deployment guide for cisco directory · pdf filedeployment guide for cisco directory...

Deployment Guide for Cisco Directory ConnectorFirst Published 2017-02-24

Last Modified 2018-04-03

Americas HeadquartersCisco Systems Inc170 West Tasman DriveSan Jose CA 95134-1706USAhttpwwwciscocomTel 408 526-4000 800 553-NETS (6387)Fax 408 527-0883

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco andor its affiliates in the US and other countries To view a list of Cisco trademarks go to this URL httpswwwciscocomgotrademarks Third-party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnershiprelationship between Cisco and any other company (1721R)

copy 2018 Cisco Systems Inc All rights reserved

C O N T E N T S

P r e f a c e New and Changed Information v

C H A P T E R 1 Overview of Cisco Directory Connector 1

Cisco Directory Connector Overview 1

C H A P T E R 2 Prepare Your Environment 5

System Requirements for Cisco Directory Connector 5

Prerequisites for Cisco Directory Connector 6

AD LDS and Cisco Directory Connector 7

AD LDS with Directory Connector 7

Use AD LDS with Directory Connector 7

Web Proxy Integration 8

Directory Connector with Web Proxy Integration 8

Use a Web Proxy Through The Browser 8

Configure Web Proxy Through a PAC file 9

Configure Transparent Proxy 9

Disable Proxy Authentication 10

Set Proxy Authentication for Directory Connector 10

C H A P T E R 3 Deploy Cisco Directory Connector 11

Cisco Directory Connector Deployment Task Flow 11

Install Cisco Directory Connector 13

Sign In To Cisco Directory Connector 14

Directory Connector Dashboard 15

Configure General Settings for Directory Connector 17

Select the Connector Object 18

Configure the Connector Policy 19

Deployment Guide for Cisco Directory Connector iii

Set the Connector Schedule 19

Map User Attributes 20

Active Directory Attributes in Directory Connector 20

Synchronize Directory Avatars to the Cloud 22

Perform a Dry Run Synchronization 23

Run a Full Synchronization 25

Run an Incremental Synchronization 26

Assign Cisco Spark Services to Directory Synchronized Users in Cisco Spark Control

Hub 27

C H A P T E R 4 Manage Cisco Directory Connector 29

Upgrade Cisco Directory Connector 29

Turn Off Directory Synchronization 29

Uninstall and Deactivate Cisco Directory Connectors 30

C H A P T E R 5 Manage Cisco Spark User Accounts 31

Change a Cisco Spark Email Address 31

Change the Active Directory Domain 31

Domain Claim 32

Convert Cisco Spark Users in a Directory Synchronized Organization 32

Sideboarded Cisco Spark User Accounts 33

Change Cisco Spark Username Format After Directory Synchronization 33

A P P E N D I X A Troubleshoot Cisco Directory Connector 35

Enable Troubleshooting for Directory Connector 35

Launch the Event Viewer 36

Enable TLS in Internet Explorer 37

Check Directory Connector for Errors 38

Cisco Directory Connector Stopped Working 38

Error Messages and Fixes for Cisco Directory Connector 39

Troubleshoot Service Account Sign In Issues 41

A P P E N D I X B Scenarios for Provisioning Cisco Spark Users with Cisco Directory Connector 43

Manage New and Departing Employees and Their Cisco Spark Accounts 43

Deployment Guide for Cisco Directory Connectoriv

Contents

New and Changed Information

Changes MadeDate

bull In Prerequisites for Cisco Directory Connector on page 6 documentedthe process for synchronizing more than 10000 users (large organizations)

bull In System Requirements for Cisco Directory Connector on page 5 addedthis statement ldquoFor a Virtual Machine login the admin account privilegemust at least be able to read domain informationrdquo

April 3 2018

bull Added the forest functionality level 2 requirement for Windows Server2003

bull Made the following structural changes to the guide

Added a new chapter Prepare Your Environment on page 5

Retired AD LDS and Web Proxy chapters moved the content toPrepare Your Environment on page 5

Retired Run Active Directory Synchronization chapter moved thecontent to Deploy Cisco Directory Connector on page 11

Retired the Configure Directory Connector chapter moved the contentto Deploy Cisco Directory Connector on page 11

Added a new section Cisco Directory Connector Deployment TaskFlow on page 11

February 15 2018

Previously the Unified Directory feature overview was removed because ofaccuracy issues It is now readded to Cisco Directory Connector Overview onpage 1 and can only be used in organizations that use Cisco Spark Calling(cloud PSTN service) for some users

January 31 2018

Updated Synchronize Directory Avatars to the Cloud on page 22 to betterexplain the avatar URI pattern and what happens when a user does not have anavatar in the directory

January 25 2018

Deployment Guide for Cisco Directory Connector v

Changes MadeDate

bull Updated Assign Cisco Spark Services to Directory Synchronized Users inCisco Spark Control Hub on page 27 with updated interface in CiscoSpark Control Hub and added reference to suppress email notifications

bull Updated Synchronize Directory Avatars to the Cloud on page 22 withinformation about how the avatars are synchronized for a Cisco WebExsite managed through Cisco Spark Control Hub

January 16 2018

InRun a Full Synchronization on page 25 added a prerequisite that you mustverify domains and integrate single-sign on (SSO) in Cisco Spark Control Hubif you want user accounts to be in active state after you synchronize them fromActive Directory See Add and Verify Domains and Single Sign-On with CiscoSpark Services and Your Identity Provider for more information

January 12 2018

Updated Synchronize Directory Avatars to the Cloud on page 22 to clarify thatthe Directory Connector needs http or https access to the images but the imagesdont need to be publically accessible from the Internet

December 13 2017

Added context about groups to Select the Connector Object on page 18mdashtheyshould only be used for Hybrid Data Security deployments

November 2 2017

Added new appendix Scenarios for Provisioning Cisco Spark Users with CiscoDirectory Connector on page 43

October 13 2017

Added Unified Directory overview to Cisco Directory Connector Overview onpage 1

September 5 2017

Added idbrokerwebexcom to the URLs to add to the allowed list in a proxyenvironment

August 8 2017

Added Windows 2012 R2 to the list of supported serversJuly 19 2017

Added a section for troubleshooting service account sign in issuesJune 15 2017

Added Windows 2016 to the list of supported servers Added an example to theconnector policy section

June 5 2017

Retired the Best Practices section and created Manage Cisco Spark UserAccounts and Troubleshoot Directory Connector

May 4 2017

Added steps to uninstall and deregister directory connectors Added informationabout high availability (HA) for failover intervals

March 6 2017

Deployment Guide for Cisco Directory Connectorvi


C H A P T E R 1Overview of Cisco Directory Connector

bull Cisco Directory Connector Overview page 1

Cisco Directory Connector OverviewCisco Directory Connector is an on-premises application for identity synchronization in to the cloud Youdownload the connector software from Cisco Spark Control Hub and install it on your local machine

With Cisco Directory Connector you can maintain your user accounts and data in the Active Directory singlesource See all the features descriptions and benefits in the table

Description and BenefitFeature

The dashboard provides a synchronization schedule summary andstatus of synchronization and the status of the Directory ConnectorYou can view the dashboard when you sign in to the DirectoryConnector

Easy-to-use dashboard

Synchronize the entire directory Or just synchronize the incrementalchanges to save on processing power and shorten synchronization time

Full and incrementalsynchronization

Set a synchronization schedule by day hour and minuteScheduled synchronization

Define LDAP search criteria and provide efficient importsLightweight Directory AccessProtocol (LDAP) filters

Conduct a dry run of changes to the directory before they areimplemented Then run a report to see that the changes you want tomake are what you expect

Dry run

MapMicrosoft Active Directory attributes to corresponding Cisco Sparkattributes

User attribute mapping

Deployment Guide for Cisco Directory Connector 1


If part of your organization uses Cisco Spark Calling for call servicethis feature lets Cisco Spark users search the directory for enterprisecontacts from their Cisco Spark Calling (cloud PSTN) phones andmakecalls to enterprise contacts in addition to Cisco Spark contacts ThroughCisco Directory Connector the enterprise users and their phone numbersare synchronized and added to your Cisco Spark organization They donot need to be licensed for Cisco Spark for this feature to work

Users that are not licensed for Cisco Spark will appear in the directorysearch performed from a Cisco Spark Calling users phone as long asthere is a URI or a phone number synchronized to Cisco Spark throughthe Cisco Directory Connector Calling functionality behaves the samefor both types of users This feature also provides edit dial functionalityfor contacts with only phone numbers

In the contacts search result

bull If contacts have a dialable URI (Cisco Spark SIP address) andphone number the URI assocoiated with the contact is displayed

bull If contacts do not have a dialable URI but do have a phone numberthe phone number is shown They also have an edit dial softkey

bull If contacts have neither they are not shown in the directory

Unified Directory for Cisco SparkCalling Users and EnterpriseContacts without Cisco SparkLicensing

Use the event viewer to determine if there were any issues with thesynchronization

Event viewer

Once you enable troubleshooting logs are written that can be sent totechnical support

Troubleshooting

After you install Directory Connector youre sent a notificationwhenever a new version of the software is available

Automated upgrade

Configure multiple connectors so that there is a backup in case the mainconnector or the machine hosting it goes down

High availability

Cisco Directory Connector is divided into three areas

bull Cisco Spark Control Hub is the single interface that lets you manage all aspects of your Cisco Sparkorganization view users assign licenses download Directory Connector and configure single sign-on(SSO) if you want your users to authenticate through their enterprise identity provider and you dontwant to send email invitations for Cisco Spark

bull Cisco Directory Connector management interface is the software that you download from CiscoSpark Control Hub and install on a trusted Windows server Using the software you can run asynchronization to bring your Active Directory user accounts into Cisco Spark view and monitorsynchronization status and configure Directory Connector services

bull Directory synchronization service queries your Active Directory to retrieve users and groups tosynchronize to the connector service and Cisco Directory Connector

Deployment Guide for Cisco Directory Connector2

Overview of Cisco Directory ConnectorCisco Directory Connector Overview

Refer to this diagram to understand Cisco Directory Connector architecture

Figure 1 Architecture for Cisco Directory Connector





C H A P T E R 2Prepare Your Environment

bull System Requirements for Cisco Directory Connector page 5

bull Prerequisites for Cisco Directory Connector page 6

bull AD LDS and Cisco Directory Connector page 7

bull Web Proxy Integration page 8

System Requirements for Cisco Directory ConnectorYou can install Cisco Directory Connector on these supported Windows Servers

bullWindows Server 2016

bullWindows Server 2012 R2




For a Virtual Machine login the admin account privilege must at least be able to read domain informationNote

Cisco Directory Connector works with Active Directory 2008 2008 R2 2012 and 2012 R2 In addition

bull You must have NET Framework v35 on the machine where Cisco Directory Connector is installed Ifyou run into any issues use the directions in Enable NET Framework 35 by using the Add Roles andFeatures Wizard

bull Active Directory forest functional level 2 (Windows Server 2003) or higher is required (See What AreActive Directory Functional Levels for more information)

Cisco Directory Connector supports TLS 10


Minimum Hardware Requirements

Cisco Directory Connector requires a computer with

bull 8 GB of RAM

bull 50 GB of storage

bull No minimum for the CPU

Prerequisites for Cisco Directory ConnectorNetwork Requirements

bull If your network is behind a firewall ensure that your system has HTTPS (port 443) access to theinternet

Cisco Spark Organization Configuration

bull Integrate your Single Sign-On environment with Cisco Spark before you run Cisco DirectoryConnector Then you can suppress email notifications so that users who are newly synchronizedinto Cisco Spark wont receive the invite email

bull Add verify and claim domains that contain the user email addresses you want to synchronizeinto the cloud You must verify domains claim domains and integrate single sign-on if you wantnew Cisco Spark user accounts to show up in an active state in Cisco Spark Control Hub

bull If youre going to use Cisco Directory Connector to synchronize more than 10000 users youmust use Support Case Manager to open a Cisco Spark case and get your organization added toa large organization list Without doing this step you wont see synchronized users in Cisco SparkControl Hub

Cisco Directory Connector Installation

bullWe recommend that you install Cisco Directory Connector and Active Directory DomainServiceActive Directory Lightweight Directory Services (ADDSADLDS) on separate machines

bull The machine with Cisco Directory Connector installed needs an administrator account toauthenticate the Cisco Directory Connector machine to the on-premises domain that has DNSenabled


Prepare Your EnvironmentPrerequisites for Cisco Directory Connector

AD LDS and Cisco Directory Connector

AD LDS with Directory ConnectorA data model restriction (a single LDAP partition view or a single organizational unit (OU) view) may beimposed on an enterprise directory-enabled application This application must access data that is associatedwith AD DS-authenticated users applications or network resources that are located in multiple forestsdomains or OUs in the enterprise

In this situation AD LDS is used to synchronize its user database with different AD Domain Controllers orother LDAP sources In such a case choose Domain Account for AD LDS item when you install CiscoDirectory Connector

If your environment has multiple domainsforests set up AD LDS and bind the Cisco Directory Connectorto the parent domain AD LDS provides Cisco Directory Connector with a consolidated view of multipledomainsforests

About AD LDS

You can use Microsoft Active Directory Lightweight Directory Service (AD LDS) to provide directoryservices for directory-enabled applications Rather than use your organizations Active Directory DomainService (AD DS) database to store the directory-enabled application data AD LDS can be used to store thedata

You can use AD LDS with AD DS so that you can have a central location for security accounts (AD DS) anda separate location to support the application configuration and directory data (AD LDS)

With AD LDS you can

bull Reduce the overhead associated with AD replication

bull Avoid the need to extend the AD schema in order to support the application

bull Partition the directory structure so that the AD LDS service is only deployed to the servers that need tosupport the directory-enabled application

See When Should I Use AD LDS Role to understand seven scenarios that require using AD LDS

You can set up your AD LDS environment by following the AD LDS Getting Started Step-by-Step Guide

Use AD LDS with Directory ConnectorA limited set of server roles is available for the Server Core installation option of Windows Server 2008 andfor Windows Server 2008 for Itanium-Based systems

Before You Begin

Review the Using AD LDS documentation


Prepare Your EnvironmentAD LDS and Cisco Directory Connector

Procedure

Step 1 To install the AD LDS server role on a computer running Windows Server 2008 see Install the AD LDSServer Role

Step 2 To begin working with AD LDS instances see Practice Working with AD LDS InstancesStep 3 To import data from a file into an AD LDS instance seeImport data into an AD LDS instanceStep 4 To import from AD DS seeSynchronize with AD DSStep 5 If you set up multiple partitions in AD LDS choose the one you need and then click Confirm in the Cisco

Directory Connector Confirm Organization window

Web Proxy Integration

Directory Connector with Web Proxy IntegrationIf web proxy authentication is enabled in your environment you can still use Cisco Directory Connector

If your organization uses a transparent web proxy it does not support authentication Cisco Directory Connectorsuccessfully connects and synchronizes users

You can take one of these approaches

bull Explicit web proxy through Internet Explorer (Directory Connector inherits web proxy settings)

bull Explicit web proxy through a pac file (Cisco Directory Connector inherits enterprise-specific proxysettings

bull Transparent Proxy that works with Cisco Directory Connector without any changes

Use a Web Proxy Through The BrowserYou can set up Cisco Directory Connector to use a web proxy through Internet Explorer

If the Cisco DirSync Service runs from a different account than the currently signed in user you also need tosign in with this account and configure web proxy

Procedure

Step 1 From Internet Explorer go to Internet Options click Connections and then choose LAN SettingsStep 2 Point the Windows instance where Cisco Directory Connector is installed at your web proxy Cisco Directory

Connector inherits these web proxy settingsStep 3 If your environment uses proxy authentication add these URLs to your allowed list

bull cloudconnectorciscocom for synchronization

bull idbrokerwebexcom for authentication


Prepare Your EnvironmentWeb Proxy Integration

You may perform this either site-wide (for all hosts) or just for the host that is Cisco Directory Connector

If you add these URLs to an allowed list to completely bypass your web proxy make sure yourfirewall ACL table is updated to permit the Cisco Directory Connector host to access the URLsdirectly

Note

Configure Web Proxy Through a PAC fileYou can configure a client browser to use a pac file This file supplies the web proxy address and portinformation Cisco Directory Connector directly inherits the enterprise-specific web proxy configuration

Procedure

Step 1 For Cisco Directory Connector to successfully connect and sync user information with Cisco Spark andWebExmake sure proxy authentication is disabled for cloudconnectorciscocom in the pac file configurationfor the host where Cisco Directory Connector is installed

Step 2 If your environment uses proxy authentication add these URLs to your allowed list





Note

Configure Transparent ProxyIn this scenario the browser is unaware that a transparent web proxy is intercepting http requests (port 80port443) and no client-side configuration is required

Procedure

Step 1 Deploy a transparent proxy so that Cisco Directory Connector can connect and synchronize usersStep 2 Confirm that the proxy is successful if you see an expected browser authentication popup window when

starting Cisco Directory Connector


Prepare Your EnvironmentConfigure Web Proxy Through a PAC file

Disable Proxy AuthenticationYou can disable proxy authentication in your enterprise if you are not using a proxy server to handleauthentication requests

Set Proxy Authentication for Directory ConnectorAdd the URL cloudconnectorciscocom to your allowed list by creating an Access Control ListOn your enterprise firewall server

Procedure

Step 1 Enable DNS lookup if not already enabledStep 2 Determine an estimated bandwidth for this connection (Cisco Directory Connector at ~2 mbs or less) This

may not be requiredStep 3 Create an Access Control List to apply to the Cisco Directory Connector host and specify

cloudconnectorciscocom as the target to add to the allowed listFor example

access-list 2000 acl-inside extended permit TCP [IP of the Directory Connector]

cloudconnectorciscocom eq https

Step 4 Apply this ACL to the appropriate firewall interface which is only applicable for this single host (CiscoDirectory Connector)

Step 5 Ensure that the rest of the hosts in your enterprise are still required to use your web proxy by configuring theappropriate implicit deny statement


Prepare Your EnvironmentDisable Proxy Authentication

C H A P T E R 3Deploy Cisco Directory Connector

bull Cisco Directory Connector Deployment Task Flow page 11

bull Install Cisco Directory Connector page 13

bull Sign In To Cisco Directory Connector page 14

bull Configure General Settings for Directory Connector page 17

bull Select the Connector Object page 18

bull Configure the Connector Policy page 19

bull Set the Connector Schedule page 19

bull Map User Attributes page 20

bull Synchronize Directory Avatars to the Cloud page 22

bull Perform a Dry Run Synchronization page 23

bull Run a Full Synchronization page 25

bull Run an Incremental Synchronization page 26

bull Assign Cisco Spark Services to Directory Synchronized Users in Cisco Spark Control Hub page 27

Cisco Directory Connector Deployment Task FlowBefore You Begin

Prepare Your Environment on page 5

Procedure

PurposeCommand or Action

Cisco Spark Control Hub initially shows directory synchronizationas disabled To turn on directory synchronization for your

Install Cisco DirectoryConnector on page 13

Step 1

organization you must install and configure Cisco DirectoryConnector and then successfully perform a full synchronization



For a new installation of Cisco Directory Connector always goto Cisco Spark Control Hub (httpsadminciscosparkcom) toget the latest version of the software so that youre using the latestfeatures and bug fixes After you install the software upgradesare reported through the software and automatically install whenavailable

Sign in with your Cisco Spark administrator credentials andperform the initial setup

Sign In To Cisco DirectoryConnector on page 14

Step 2

You can configure the name of the server running Cisco DirectoryConnector the log levels and the preferred settings for the domain

Configure General Settings forDirectory Connector on page17

Step 3

controllers The name of the connector appears on the dashboardin the connectors section along with any other connectors thatare running

You can select an object and its container By default all usersthat are not computers and all groups that are not critical systemobjects are synchronized with the entire domain

Select the Connector Object onpage 18

Step 4

You can set the maximum number of deletes that can occur duringsynchronization Running synchronization does not delete objects

Configure the ConnectorPolicy on page 19

Step 5

from your on-premises Active Directory All objects are deletedonly from the cloud

You can set the times that you want to synchronize your ActiveDirectory Failover is used for high availability (HA) If one

Set the Connector Schedule onpage 19

Step 6

connector is down we switch to another standby connector afterthe predefined interval

You can map attributes from your local Active Directory tocorresponding attributes in the cloud The only required field isthe uid

Map User Attributes on page20

Step 7

You can synchronize your users avatars to the cloud so that eachusers avatar appears when they sign in to the application

Synchronize Directory Avatarsto the Cloud on page 22

Step 8

When you perform a dry run Cisco Directory Connector retrievesthe information from your Active Directory based on the

Perform a Dry RunSynchronization on page 23

Step 9

configuration parameters that you set This information is thencompared against the information stored in the cloud A dry runallows you to see what objects will be added modified or deletedwhen you run a full or incremental synchronization

When you run a full synchronization the connector service sendsall filtered objects from your Active Directory (AD) to the cloud

Choose one depending on thetype of synchronization youwant to perform

Step 10

The connector service then updates the identity store with yourAD entries

bull Run a FullSynchronization on page25

An incremental synchronization queries your Active Directoryand looks for changes that occurred since the last synchronization


Deploy Cisco Directory ConnectorCisco Directory Connector Deployment Task Flow


This step then bundles those changes and sends them to theconnector service

bull Run an IncrementalSynchronization on page26

After you complete a full user synchronization from CiscoDirectory Connector in to Cisco Spark Control Hub you can

Assign Cisco Spark Services toDirectory Synchronized Users

Step 11

assign Cisco Spark service licenses to all of your users at onceYou can make individual changes after this initial step

in Cisco Spark Control Hub onpage 27

Install Cisco Directory ConnectorCisco Spark Control Hub initially shows directory synchronization as disabled To turn on directorysynchronization for your organization you must install and configure Cisco Directory Connector and thensuccessfully perform a full synchronization

Before You Begin

If you authenticate through a proxy server ensure that you have your proxy credentials

bull For proxy basic-auth youll enter the username and password after you install an instance of the CiscoDirectory Connector Internet Explorer proxy configuration is also required for basic-auth see Use aWeb Proxy Through The Browser on page 8

bull For proxy NTLM you may see an error when you open the Cisco Directory Connector for the first timeSee Use a Web Proxy Through The Browser on page 8

Procedure

Step 1 From the customer view in httpsadminciscosparkcom go to Users clickManage Users click EnableDirectory Synchronization and then choose Next

Step 2 Click the Download and Install link to save the latest version of the Cisco Directory Connector installationzip file to your VMware or Windows server

For a new installation of Cisco Directory Connector always go to Cisco Spark Control Hub (httpsadminciscosparkcom) to get the latest version of the software so that youre using the latest featuresand bug fixes After you install the software upgrades are reported through the software andautomatically install when available

Tip

Step 3 On the VMware orWindows server unzip and run the msi file in the setup folder to launch theCisco DirectoryConnector Setup Wizard

Step 4 Click Next check the box to accept the license agreement and then click Next until you see the account typescreen

Step 5 Choose the type of service account that you want to use and perform the installation with an admin account

bull Local SystemmdashThe default option You can use this option if you have a proxy configured throughInternet Explorer


Deploy Cisco Directory ConnectorInstall Cisco Directory Connector

bull Domain AccountmdashUse this option if the computer is part of the domain Directory Connector mustinteract with network services to access domain resources You can enter the account information andclick OK When entering the Username use the format domainuser_name

For a proxy that integrates with AD (NTLMv2 or Kerberos) you must use the domain accountoption The account used to run Directory Connector Service must have enough privilege topass proxy and access AD You need to ensure the domain account can access the on-premisesAD data and avatars data The account must also have the local Administrator Role because itmust access access files under CProgram Files

For a Virtual Machine login the admin account privilege must at least be able to read domaininformation

Note

To avoid errors make sure the following privileges are in place

bull The server is part of the domain

bull The service account has domain admin privileges

Step 6 Click Install After the network test runs and if prompted enter your proxy basic credentials click OK andthen click Finish

Sign In To Cisco Directory ConnectorProcedure

Step 1 Open the Cisco Directory Connector and then add httpsidbrokerwebexcom to your list of trusted sites ifyou see a prompt

Step 2 If prompted sign in in with your proxy authentication credentials and then sign in to Cisco Spark using youradmin account and click Next

Step 3 Confirm your organization and domain

bull If you choose AD DS choose the domain that you want to synchronize from and then click Confirm

bull If you choose AD LDS enter the host domain and port and then click Refresh to load all applicationpartitions Then select the partition from the drop-down list and clickConfirm See the AD LDS sectionfor more information

Step 4 After the Cisco Directory Connector Confirm Organization screen appears click ConfirmIf you already bound AD DSAD LDS the Confirm Organization screen appears

Step 5 Click ConfirmStep 6 Choose one depending on the number of Active Directory domains you want to bind to Directory Connector

bull If you have a single domain that isADLDS bind to the existing ADLDS source and then clickConfirm

bull If you have a single domain that is AD DS either bind to the existing domain or to a new domain Ifyou choose Bind to a new domain click Next


Deploy Cisco Directory ConnectorSign In To Cisco Directory Connector

Because the existing source type is AD DS you cannot select AD LDS for the new binding

What to Do Next

After you sign in youre prompted to perform a dry run synchronization See the links below for synchronizationsteps

Related Topics

Perform a Dry Run Synchronization on page 23Run a Full Synchronization on page 25

Directory Connector DashboardWhen you first sign in to Directory Connector the Dashboard appears Here you can view a summary of allsynchronization activities view cloud statistics perform a dry run synchronization start a full or incrementalsynchronization and launch the event view to see error information

If your session times out sign back inNote

You can easily run these tasks from the Actions Toolbar or Actions Menu

Table 1 Dashboard Components

Displays the status information about the synchronization that iscurrently underway When no synchronization is being run the statusdisplay is idle

Current Synchronization

Displays the next scheduled full and incremental synchronizations Ifno schedule is set Not Scheduled is displayed

Next Synchronization

Displays the status of the last two synchronizations performedLast Synchronization

Displays the overall status of the synchronizationCurrent Synchronization Status

Displays the current on-premises connectors that are available to theCloud

Connectors

Displays the overall status of the synchronizationCloud Statistics

Displays the synchronization schedule for incremental and fullsynchronization

Synchronization Schedule


Deploy Cisco Directory ConnectorDirectory Connector Dashboard



Lists the settings that you changed in the configuration For examplethe summary might include the following

bull All objects will be synchronized

bull All users will be synchronized

bull Deleted threshold has been disabled

Configuration Summary

Table 2 Actions Toolbar

Manually start an incremental synchronization (disabled when youpause or disable synchronization if a full synchronization was notcompleted or if synchronization is in progress)

Start Incremental Sync

Perform a dry run synchronizationSync Dry Run

Launch the Microsoft Event ViewerLaunch Event Viewer

Refresh the Cisco Directory Connector dashboardRefresh

Table 3 Actions Menubar

Start a full synchronization instantlySync Now

Select either incremental or full synchronization modeSynchronization Mode

Establish a conversation between Cisco Directory Connector and theconnector service Selecting this action will reset the secret in the cloudand then saves the secret locally

Reset Connector Secret

Perform a test of the synchronization process You must do a dry runbefore you do a full synchronization

Dry Run

Turn onoff troubleshootingTroubleshooting

Refresh the Cisco Directory Connector main screenRefresh

Exit Cisco Directory ConnectorExit



Table 4 Key Combinations

ActionKey Combination

Show the Actions menuAlt +A

Synchronization nowAlt +A + S

Reset Connector SecretAlt +A + R

Dry runAlt +A + D

Incremental synchronizationAlt +A + S + I

Full synchronizationAlt +A + S + F

ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F

Configure General Settings for Directory ConnectorYou can configure the name of the server running Cisco Directory Connector the log levels and the preferredsettings for the domain controllers The name of the connector appears on the dashboard in the connectorssection along with any other connectors that are running

Procedure

Step 1 From Directory Connector go to Configuration and then click GeneralStep 2 In the Connector Name field enter the connector name This field shows only the computer name that is

currently running the connectorStep 3 Choose the log level from the drop-down By default the log level is set to info The available log levels are

bull Info (Default)mdashShows informational messages that highlight the progress of the application at a highlevel

bullWarnmdashShows potentially harmful situations

bull DebugmdashShows detailed informational events that are most useful to debug an application When yousee any issue set this log level and send the event log to support when you open a case

bull ErrormdashShows error events that might still allow the application to continue running

Step 4 Choose the Preferred Domain Controllers to set the order of domain controllers for synchronizing identities


Deploy Cisco Directory ConnectorConfigure General Settings for Directory Connector

The domain controllers are accessed from top to bottom If the top controller is unavailable choose the secondcontroller on the list If no controller is listed you can access the primary controller

Select the Connector ObjectYou can select an object and its container By default all users that are not computers and all groups that arenot critical system objects are synchronized with the entire domain

Procedure

Step 1 From Directory Connector go to Configuration and then click Object SelectionStep 2 In the ObjectType section click Users and consider limiting the number of searchable containers for users

Use Groups only for Hybrid Data Security when pilot users are added to the HDS trial group See theDeployment Guide for Cisco Spark Hybrid Data Security for guidance This setting does not affect other usersynchronization in to the cloud

Step 3 Configure the LDAP filters You can add extended filters by providing a valid LDAP filterStep 4 Specify the On Premises Base DNs to Synchronize

To synchronize only the users that are enabled in Active Directory add the domain names (DNs) without thequotes

For example ((userAccountControl1284011355614803=2))

Step 5 Click Select to see the tree structure of your Active Directory From here you can select or deselect whichcontainers to search on

Step 6 Check that the objects you want to add for this configuration and click SelectYou can select individual or parent containers to use for synchronization Select a parent container to enableall child containers If you select a child container the parent container shows a gray check mark that indicatesa child has been checked You can then click Select to accept the Active Directory containers that you checked

If your organization places all users and groups in the Users container you do not have to search othercontainers If your organization is divided into organization units make sure that you select OUs

Step 7 Click ApplyChoose an option

bull Apply Config Changes

bull Dry Run

bull Cancel

For information on dry runs see Perform a Dry Run Synchronization on page 23


Deploy Cisco Directory ConnectorSelect the Connector Object

Configure the Connector PolicyYou can set the maximum number of deletes that can occur during synchronization Running synchronizationdoes not delete objects from your on-premises Active Directory All objects are deleted only from the cloud

For example you set 1 as the delete threshold trigger value When you do full or incremental sync if thenumber of users you want to delete is more than the setting the directory connector shows a warning If youclick Override Threshold you can start full or incremental sync successfully but you will see this overridenotice the next time you run the policy

Procedure

Step 1 From Directory Connector click Configuration and then choose PolicyStep 2 Check the Enable delete threshold trigger box if you want to add a threshold trigger

Choosing this option triggers an alert if the number of deletes exceeds the thresholdWhen the deletion accountexceeds the one that you define the synchronization fails

Step 3 Enter the maximum number of deletes that you want The default is 20We recommend that you do not increase the defaultvalue

Note

Step 4 Click Apply

Set the Connector ScheduleYou can set the times that you want to synchronize your Active Directory Failover is used for high availability(HA) If one connector is down we switch to another standby connector after the predefined interval

Procedure

Step 1 From Cisco Directory Connector click Configuration and then choose ScheduleStep 2 Specify the Incremental Synchronization Interval in minutes

By default an incremental synchronization is set to occur every 30 minutes The full incrementalsynchronization does not occur until you initially perform a full synchronization

Step 3 Change the Send Reports perhellip time value if you want the change how often reports are sentStep 4 Check Enable Full Sync Schedule to specify the days and times on which you want a full synchronization

to occurStep 5 Specify the Failover Interval in minutesStep 6 Click Apply


Deploy Cisco Directory ConnectorConfigure the Connector Policy

Map User AttributesYou can map attributes from your local Active Directory to corresponding attributes in the cloud The onlyrequired field is the uid

Accounts in Active Directory must have an email address the uid maps by default to the ad field of mail(not sAMAccountName)

Note

If you choose to have the preferred language come from your Active Directory users wont be able to changetheir language setting inMy Cisco Spark and administrators wont be able to change the setting in Cisco SparkControl Hub

Procedure

Step 1 From Cisco Directory Connector click Configuration and then choose User Attribute MappingThis page shows the attribute names for Active Directory and the Cisco Collaboration Cloud All requiredattributes are marked with a red asterisk

Step 2 Scroll down to the bottom of the Active Directory Attribute Names and then choosemail to map to thecloud attribute uidTo see what attributes in Active Directory correspond to in the cloud see Active Directory Attributes inDirectory Connector

Step 3 After you make your choices click Apply

Any user data that is contained in Active Directory overwrites the data in the cloud that corresponds to thatuser For example if you created a user manually in Cisco Spark Control Hub the userrsquos email address mustbe identical to the email in Active Directory Any user without a corresponding email address in ActiveDirectory is deleted

Active Directory Attributes in Directory ConnectorYou can map attributes from your local Active Directory to corresponding attributes in the cloud by usingthe User Attribute Mapping tab

This table compares the mapping between the Active Directory Attribute Names and the Cisco Cloud AttributeNames

Cisco Cloud Attribute NamesActive Directory Attribute Names

buildingNamemdash

cc

departmentNumberdepartmentNumber


Deploy Cisco Directory ConnectorMap User Attributes


displayNamedisplayName

employeeNumberemployeeNumber

employeeTypeemployeeType

facsimileTelephoneNumberfacsimileTelephoneNumber

givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou

physicalDeliveryOfficeNamephysicalDeliveryOfficeName

postalCodepostalCode

preferredLanguage

The following formats are supported xx_YYor xx-YY Here are a few examples en_USen_GB fr-CA

If you use an unsupported language orinvalid format users preferred language willchange to the language set for theorganization

Note

preferredLanguage

SipAddressestype-enterprisemdash

snsn

stst

streetstreetAddress

telephoneNumbertelephoneNumber

timezonemdash


Deploy Cisco Directory ConnectorActive Directory Attributes in Directory Connector


titletitle

enterprisetype

uidmail

Synchronize Directory Avatars to the CloudYou can synchronize your users directory avatars to the cloud so that each avatar appears when they sign into the Cisco Spark app

Before You Begin

The URI pattern and variable value in this procedure are examples You must use actual URLs where yourdirectory avatars are located

Procedure

Step 1 From Cisco Directory Connector go to Configuration and then click AvatarStep 2 Enter the Avatar URI PatternmdashFor example httpwwwexamplecomdirphotozoommail

(=)jpg

Lets look at each part of the avatar URI pattern and what they mean

bull httpwwwexamplecomdirphotozoommdashThe path to where all of the photos that will be syncedis located It has to be a URL which the Cisco Directory Connector service on your server must be ableto reach

bull mailmdashTells Cisco Directory Connector to get the value of the mail attribute from Active Directory

bull (=)mdashA regex syntax that performs these functions

mdashAny character repeating zero or more times

mdashTells the preceding variable to match as few characters as possible

(= )mdashMatches a group after the main expression without including it in the result DirectoryConnector looks for a match and doesnt include it in the output

mdashThe at-symbol followed by any character repeating zero or more times

bull jpgmdashThe file extension for your users avatars See supported file types in this document and changethe extension accordingly

The avatar URI pattern and the server where the avatars reside must be reachable from the Cisco DirectoryConnector application The connector needs http or https access to the images but the images dont need tobe publicly accessible on the internet


Deploy Cisco Directory ConnectorSynchronize Directory Avatars to the Cloud

Step 3 Enter the Variable ValuemdashFor example abcdexamplecomStep 4 Click Test to make sure the avatar URI pattern works correctly

ExampleIn this example if the mail value for one AD entry is abcdexamplecom and jpg images were beingsynchronized the Final Avatar URI is httpwwwexamplecomdirphotozoomabcdjpg

Step 5 After the URI information is verified and looks correct check Enabled and then click ApplyFor detailed information about using regular expressions see the Microsoft Regular Expression LanguageQuick Reference

bull The images that are synchronized become the default avatar for users in the Cisco Spark app Users arenot allowed to set their own avatar after this feature is enabled from Cisco Directory Connector

bull If your Cisco WebEx site is managed through Cisco Spark Control Hub the user avatars synchronizeover to both Cisco Spark and any matching accounts on the WebEx site

What to Do Next

Do a dry run synchronization if there are no issues then do a full synchronization to get your Active Directoryuser accounts and avatars to synchronize into the cloud and appear in Cisco Spark Control Hub

Perform a Dry Run SynchronizationWhen you perform a dry run Cisco Directory Connector retrieves the information from your Active Directorybased on the configuration parameters that you set This information is then compared against the informationstored in the cloud A dry run allows you to see what objects will be added modified or deleted when yourun a full or incremental synchronization


Deploy Cisco Directory ConnectorPerform a Dry Run Synchronization

Perform a dry run before you enable full synchronization or when you change the synchronization parametersIf the dry run was initiated by a configuration change you can save the settings after the dry run is completeIf you have already added users manually performing an Active Directory synchronisation may causepreviously added users to be removed You can check the Cisco Directory Connector Dry Run Reports toverify that all expected users are present

Procedure

Step 1 Choose one

bull After first-time sign in click Yes

bull From Cisco Directory Connector click Dashboard choose Sync Dry Run and then click OK to starta dry run synchronization

The connector collects data while the test runs Youll see a report appear with the results (Mismatched Objects)

Email address is the key value for users Users without email addresses who are in Active Directory are notlisted in the dry run report

Step 2 Review the results and delete any flagged objects as needed



bull Click Delete all objects if you want to remove mismatched user accounts then click Yes to confirm theoperation

bull If youre sure you want to keep mismatched user accounts after you reviewed the results click Done

You may already have some Cisco Spark users before you used Cisco Directory Connector Amongthe users in the cloud some might be matched into the on-premises Active Directory and assignedlicenses for services But somemay be test users that you want to delete while doing a synchronization

The dry run identifies the users by comparing them with domain users The application can identifythe users if they belong to the current domain In this step determine whether you want to retain theusers for when you synchronize the next domain In the next Active Directory domain all users in thecloud must be matched with users in the on-premises Active Directory in a different Active Directorydomain You can decide to delete invalid users After you delete them you can configure automaticsynchronization

Tip

Step 3 Redo the dry run synchronization and view the dashboard to see the resultsAny accounts that were successfully synchronized in the dry run appear under Objects Matched

If a user in the cloud doesnt have a corresponding user with the same email in Active Directory the entry islisted under Admin objects will be deleted To avoid this delete flag you can add a user in Active Directorywith the same email address

Step 4 (Optional) Click Enable Now if you want to enable synchronization at this point

What to Do Next

bull Continue the steps to perform a full synchronization

bull To view the details of the items that were synchronized click the corresponding tab for specific itemsor Objects Matched To save the summary information click Save Results to File

Run a Full SynchronizationWhen you run a full synchronization the connector service sends all filtered objects from your Active Directory(AD) to the cloud The connector service then updates the identity store with your AD entries

Cisco Directory Connector synchronizes the user account statemdashIn Active Directory any users that are markedas disabled appear as disabled in the cloud too

Before You Begin

bull If you want the Cisco Spark user accounts to be active after the full synchronization and before theysign in for the first time you must do these steps to bypass the email validation

Integrate Single Sign-On with your Cisco Spark organization See Single Sign-On with CiscoSpark Services and your Organizations Identity Provider

Use Cisco Spark Control Hub to verify domains contained in the email addresses Then contactthe Cisco TAC to claim the domains See Add Verify and Claim Domains

bullWhen you enable synchronization Cisco Directory Connector asks you to perform a dry run first Werecommend that you do a dry run before a full synchronization to catch any potential errors


Deploy Cisco Directory ConnectorRun a Full Synchronization

Procedure

Step 1 Choose one

bull After first-time sign in if the dry run is complete and looks correct clickEnable Now to allow automaticsynchronization to occur

bull From Cisco Directory Connector go to the Dashboard click Actions choose Synchronization Modegt Enable Synchronization and then click Sync Now gt Full to start the synchronization

Step 2 Confirm the start of the synchronizationDuring the synchronization the dashboard shows the synchronization progress this may include the type ofsynchronization the time it started and what phase in which the synchronization is currently running

After synchronization the Last Synchronization and Cloud Statistics sections are updated with the newinformation User data is synchronized to the cloud

If errors occur during the synchronization the status indicator ball turns red

Step 3 Click Refresh if you want to update the status of the synchronization (Synchronized items appear underCloud Statistics)

Step 4 For information about errors select the Launch Event Viewer from the Actions toolbar to view the errorlogs

bull After full synchronization is completed the status for directory synchronization updates from Disabledto Operational on the Settings page in Cisco Spark Control Hub When all data is matched betweenon-premises and cloud Cisco Directory Connector changes from manual mode to automaticsynchronization mode

bull Unless you integrate Single Sign-On verify domains and get Cisco TAC to claim domains for the emailaccounts that you synchronized the Cisco Spark user accounts remain in a pending activation state untilusers sign in to Cisco Spark for the first time to confirm their accounts See the Before You Begin sectionfor guidance

bull If you integrated Single Sign-Onwith Cisco Spark and suppressed email notifications the email invitationsare not sent out to the newly synchronized users

What to Do Next

If you remove a user from Active Directory the user is deleted after the next Cisco Directory Connectorsynchronization If you disable a user through Active Directory (by checking Account is disabled in theActive Directory interface) the user is changed to inactive but his profile data is kept in the backend Eachaction has a different logic but in both cases the user account disappears from the Cisco Spark Control Hub

Run an Incremental SynchronizationAn incremental synchronization queries your Active Directory and looks for changes that occurred since thelast synchronization This step then bundles those changes and sends them to the connector service


Deploy Cisco Directory ConnectorRun an Incremental Synchronization

Procedure

Step 1 From Cisco Directory Connector click DashboardWhen you enable synchronization Cisco Directory Connector asks you to perform a dry runfirst

Note

Step 2 From Actions click Synchronization Mode gt Enable SynchronizationStep 3 From Actions click Sync Now gt Incremental

bull During the synchronization the dashboard shows the synchronization progress this may include thetype of synchronization the time it started and what phase in which the synchronization is currentlyrunning

bull After synchronization the LastSynchronization and Cloud Statistics sections are updated with thenew information


For information about errors click LaunchEvent Viewer from theActions toolbar to view the error logs

What to Do Next

Related Topics

Launch the Event Viewer on page 36

Assign Cisco Spark Services to Directory Synchronized Usersin Cisco Spark Control Hub

After you complete a full user synchronization from Cisco Directory Connector in to Cisco Spark ControlHub you can use Cisco Spark Control Hub assign Cisco Spark service licenses to all of your users at onceYou can make individual changes after this initial step

When you assign a license to a Cisco Spark user that user receives an email confirming the assignment bydefault The email is sent by a notification service in Cisco Spark Control Hub If you integrated SingleSign-On with your Cisco Spark organization you can also suppress these automatic email notifications if youprefer to contact your users directly

Before You Begin

bull Perform a Dry Run Synchronization on page 23

bull Run a Full Synchronization on page 25


Deploy Cisco Directory ConnectorAssign Cisco Spark Services to Directory Synchronized Users in Cisco Spark Control Hub

Procedure

Step 1 From the customer view in httpsadminciscosparkcom go to Users clickManage Users chooseModifyall synchronized users and then click Next

Step 2 If you suppressed email notifications read the prompt that appears and then click NextStep 3 On Sync Status click the refresh arrow to reload the list click Next and then heck the Cisco Spark services

that you want to apply initially to all of the synchronized users

What to Do Next

bull If emails arent suppressed an email is sent to each user with an invite to join and download Cisco Spark

bull If you selected the same Cisco Spark services for all of your users afterwards you can change licenseassigned individually or in bulk

Related Topics

Ways to Add and Manage Users in Your Cisco Spark Organization



C H A P T E R 4Manage Cisco Directory Connector

bull Upgrade Cisco Directory Connector page 29

bull Turn Off Directory Synchronization page 29

bull Uninstall and Deactivate Cisco Directory Connectors page 30

Upgrade Cisco Directory ConnectorCisco Directory Connector automatically notifies you when a new version is available Always upgrade tothe latest version to avoid problems You also see a notification in the Windows task bar

Before You Begin

You must disable the existing synchronization for the upgrade to proceed

Procedure

Step 1 From Cisco Directory Connector click DashboardStep 2 Go to Actions click Synchronization Mode and then choose Disable SynchronizationStep 3 Either click on the notification or right-click on the icon in the taskbar to start the upgrade processStep 4 Follow the instructions to complete the upgrade

What to Do Next

When the upgrade process is complete be sure to verify the version number of the software

Turn Off Directory SynchronizationIf you need to stop synchronization from Cisco Directory Connector you can temporarily turn it off fromCisco Spark Control Hub


Procedure

Step 1 From the customer view in httpsadminciscosparkcom go to Settings scroll to Directory Synchronizationand then click Turn Off

Step 2 After you read the prompt click Turn OffSynchronization stops until you reenable it from Cisco Directory Connector

Uninstall and Deactivate Cisco Directory ConnectorsAfter you uninstall an instance of Cisco Directory Connector you must deregister it Completely remove aCisco Directory Connector for any of these scenarios

bull You dont want to use directory synchronization any more

bull You dont want to use one of multiple directory connectors (high availability)

bull You want to change the domain and install another connector

Before You Begin

bull You may have multiple instances of Cisco Directory Connectors set up for high availability (HA) Disable the synchronization if you are uninstalling the only or last remaining instance of DirectoryConnector

bull Save and close any important work before you uninstall Cisco Directory Connector

Procedure

Step 1 From your Windows machine go to Control Panel and then click Programs and FeaturesStep 2 From the program list click Cisco Directory Connector choose Uninstall and then follow the prompts

You might have to reboot your system to complete the uninstallation

Step 3 From the customer view in httpsadminciscosparkcom go to Settings scroll to Directory Synchronizationand then click Deactivate

Step 4 After you read the prompt click DeactivateUnless theres another Cisco Directory Connector in a high availability (HA) deployment user accounts arenot synchronized any more


Manage Cisco Directory ConnectorUninstall and Deactivate Cisco Directory Connectors

C H A P T E R 5Manage Cisco Spark User Accounts

bull Change a Cisco Spark Email Address page 31

bull Change the Active Directory Domain page 31

bull Domain Claim page 32

bull Convert Cisco Spark Users in a Directory Synchronized Organization page 32

bull Sideboarded Cisco Spark User Accounts page 33

bull Change Cisco Spark Username Format After Directory Synchronization page 33

Change a Cisco Spark Email AddressIf your organization does not use the Cisco Directory Connector you can change your Cisco Spark emailaddresses through the account settings at httpsidbrokerwebexcomidbprofile

If you want to change your email addresses using the Cisco Directory Connector you change those emailaddresses in Active Directory After the next synchronization the changes appear in Cisco Spark There isno loss of data or spaces using this method The on-premises user ID is set in the cloud after the firstsynchronization All subsequent synchronizations are based on the user ID

Change the Active Directory DomainYou can use this procedure to create new domains and email addresses They will be synchronized with theidentity service in the cloud

Procedure

Step 1 Set up a new Active Directory (AD) domainStep 2 Disable synchronizations on all of your Cisco Directory ConnectorsStep 3 Uninstall all of your Cisco Directory ConnectorsStep 4 Open a case to change the domainStep 5 After the case is resolved


a) Install the Cisco Directory Connector on the same server as the one with the newActive Directory domainb) Configure the Cisco Directory Connector so that its point to the new Active Directory domain

If there are existing users in Cisco Spark Control Hub (httpsadminciscosparkcom) ensure that userswith matching email addresses are also present in Active Directory User email addresses that are in themanagement portal but not in Active Directory are deleted from the portal

Perform a test run with the Cisco Directory Connector before doing the actual synchronization

Domain ClaimA domain claim occurs if you claim an email domain for an organization so that any sideboarded account iscreated in the customer organization and not the free consumer organization You can only do a domain claimthrough a support case (see the link below)

If the Cisco Directory Connector is active and the domain is claimed sideboarded accounts are not createdeither in the customer organization or in the free consumer organization Only the Cisco Directory Connectormay provision accounts for the organization fromActive Directory The information stored on Active Directoryis the original source If you attempt to sideboard an account the invited user receives an error The only waythat an invited user can be added to a Cisco Spark space is by using the Cisco Directory Connector to provisionthe account

Related Topics

Add Verify and Claim Domains

Convert Cisco Spark Users in a Directory SynchronizedOrganization

You can only use unique email addresses in the Cisco Spark directory If your users have signed up for thefree version of Cisco Spark their account exists in the free consumer organization

Tomanage users in this organization using Cisco Directory Connector migrate (convert) them to the customerorganization before you turn on the Cisco Directory Connector

If you do not convert the accounts before activation turn off the Cisco Directory Connector in order to convertthem

If you attempt to convert a user while directory synchronization is enabled the error message ltemail addressgtcould not be converted appears

To avoid the problem you can use this workaround

Before You Begin

If any converted users are deleted they lose all their Cisco Spark spacesCaution


Manage Cisco Spark User AccountsDomain Claim

Procedure

Step 1 Disable the directory synchronization from the Cisco Directory ConnectorStep 2 Convert the user from the free consumer organization to the enterprise organizationStep 3 On the Cisco Directory Connector run a dry run When the dry run completes check the Delete Users tab

Verify that any users that you converted are not deletedStep 4 When you are sure that the next synchronization will not remove any accounts reenable directory

synchronization from the Cisco Directory Connector

Sideboarded Cisco Spark User AccountsWhen you invite another user to a space in Cisco Spark if the invited user does not exist in the Cisco Sparkdirectory an account is created for them (sideboarded) By default accounts that are created this way areadded to the free consumer organization

If you want to manage the sideboarded account using the Cisco Directory Connector you must convert theaccount

Change Cisco Spark Username Format After DirectorySynchronization

By default Cisco Directory Connector maps the displayName attribute in Active Directory to the displayNameattribute in the cloud

After performing a directory synchronization you may find that usernames display in the format ltlastNamefirstNamegt

This username may appear if the displayName attribute in Active Directory is configured that way Whenthe attribute is mapped to displayName in the cloud names show up in the format ltlastName firstNamegtin Cisco Spark Control Hub

To change the format in the Directory Connector attribute mapping screen map the attribute givenNamesn (or sn givenName) to displayName in the Cisco Cloud Attribute Names column


Manage Cisco Spark User AccountsSideboarded Cisco Spark User Accounts

Alternatively map the attribute sn givenName to displayName


Manage Cisco Spark User AccountsChange Cisco Spark Username Format After Directory Synchronization

A P P E N D I X ATroubleshoot Cisco Directory Connector

bull Enable Troubleshooting for Directory Connector page 35

bull Launch the Event Viewer page 36

bull Enable TLS in Internet Explorer page 37

bull Check Directory Connector for Errors page 38

bull Cisco Directory Connector Stopped Working page 38

bull Error Messages and Fixes for Cisco Directory Connector page 39

bull Troubleshoot Service Account Sign In Issues page 41

Enable Troubleshooting for Directory ConnectorYou can enable troubleshooting to help diagnose any errors you encounter in Cisco Directory ConnectorTroubleshooting lets you capture the network traffic information and save it to a file

Locate the troubleshooting file ltInstallation LocationgtCisco SystemsCisco SystemsCisco Directory

ConnectorDataTroubleshootingtxt

Procedure

Step 1 Run the servicesmsc file to change the running account for the Cisco Directory Connector service from theLocal System to a domain account that has privileges to access your AD DS or AD LDS

Step 2 Restart the serviceSee How to Start Services for guidance


Step 3 In Cisco Directory Connector click DashboardStep 4 Go to Actions and then click TroubleshootingStep 5 With troubleshooting enabled repeat the actions that were causing an error this captures the traffic data so

that it can be examinedStep 6 Examine the log file if the file is blank make sure that the account has privileges to access your AD DS or

AD LDSStep 7 If necessary send the log file to support for assistanceStep 8 Disable the troubleshooting feature when you are done

Related Topics

Contact Support

Launch the Event ViewerTo see the events that occurred during a full or incremental synchronization launch the Event Viewer Itdisplays a summary of the administrative events and error logs

Procedure

Step 1 From Cisco Directory Connector go to Dashboard and then click Action gt Launch Event ViewerThe Event Properties dialog shows the synchronization event details and error details

Step 2 From Event Viewer go to Applications and Services Logs gt Cisco Directory Connector


Troubleshoot Cisco Directory ConnectorLaunch the Event Viewer

Step 3 Click Save All Events As to export the logs as an Events file (evtx)

What to Do Next

If you need to open a case contact support describe the problem with Cisco Directory Connector and thenattach the Events file to your case

Event logs capture user actions For help with managing network traffic enable troubleshooting on CiscoDirectory Connector

Note

Enable TLS in Internet ExplorerIf you switched Single Sign-On (SSO) providers you may see the following error messages from CiscoDirectory Connector

bull Error occurred logging on to service

bull An error has occurred in the script on this page

If you see these errors you must enable a TLS setting in your browser


Troubleshoot Cisco Directory ConnectorEnable TLS in Internet Explorer

Procedure

Step 1 Open Internet Explorer and then choose Tools Now check the boxes for the TLSSSL version you want toenable Click OK Close the browser and open it again

Step 2 Click Internet Options go to Advanced scroll to the SecurityStep 3 Check the Use TLS 10 check box and then click OKStep 4 Restart your system for the changes to take effect

Check Directory Connector for ErrorsYou may receive an email informing you that the Cisco Directory Connector is not working

Procedure

Step 1 First ensure that the machine where the connector was installed has connectivity to the networkStep 2 Run Cisco Directory Connector and sign in to the DashboardStep 3 Verify that there are no errors in the DashboardStep 4 Follow the troubleshooting steps

Related Topics

Cisco Directory Connector Stopped Working on page 38

Cisco Directory Connector Stopped WorkingProblem You received alert emails notifying you that your Cisco Directory Connector is not working

Possible Cause

bull The Cisco Directory Connector may not be installed correctly

bull The Cisco Directory Connector may not be running

bull The network may not be available

Solution Try the following

bull Open the Control Panel then Programs and Features Locate Cisco Directory Connector If itrsquos not theredownload the latest version and install it

bull Open Service and locate Cisco DirSync Service Make sure that it displays the status as Started If theservice is stopped right-click and select Start to restart the service

bull Make sure the server on which you installed the Cisco Directory Connector has the access to Internet


Troubleshoot Cisco Directory ConnectorCheck Directory Connector for Errors

Error Messages and Fixes for Cisco Directory ConnectorYou may encounter an error message or other issue in Cisco Directory Connector Also after Cisco DirectoryConnector synchronizes user information it may send you an email report that lists any problems with thesynchronization Use this table to understand the issue and try the proposed fixes

How to FixExampleWarning or Error Message

1 Run a command prompt (cmd)and then enter ldpexe

2 Click Connection gt Bindchoose Bind as currentlylogged on user and then clickOK

3 Click View gt Tree enterDC=arbonneintlDC=ad asBaseDN and then click OK

4 If the issue continues open acase with support

In most cases the problem isbecause the Cisco DirectoryConnector has no privilege toconnect to LDAP root context

Unable to register the connectorA general exception occurred

When you see the login popup youneed provide a valid account whichhas the authentication for passingthrough security

The Connector completes NTLMsecurity authentication silently withthe logon account If authenticationfails a dialog pops up to ask forthe authentication username andpassword

A dialog appears prompting youto enter the username and passwordto pass the authentication

The avatar data synchronization isseparated from the AD userprofiles If avatar data synced failsyou must ensure that avatar datacan be accessed by NTLMauthentication or basic-auth

Youre using NTLM securityauthentication to access avatar data

Cisco Directory Connectorsynchronized user AD data to theCisco Collaboration Cloud But noavatar data was syncedsuccessfully


Troubleshoot Cisco Directory ConnectorError Messages and Fixes for Cisco Directory Connector


Choose one

bull If its okay to delete the userand redo the licenses afteryou can use DirectoryConnector for the fixPerform a synchronization todelete the user and thenperform anothersynchronization to sync theuser from on-premises AD tothe cloud

bull If you cant delete andrecreate the user accountopen a case with support

When performing a dry runsynchronization to check the databetween Active Directory and thecloud you may see the same emailaddress in both However the useris marked as an object to bedeleted

The matched users are marked tobe deleted

Create a user in your ActiveDirectory with the same emailaddress as the administrator thatyou registered in Cisco SparkControl Hub

Synchronization deletes all existingfull administrators Promote otherusers to full administrator status orchange your synchronizationconfiguration

Synchronization deletes all existingfull administrators

An attribute for this user does nothave a valid value Fix its valueaccording to the description in thewarningmessage Then do anothersynchronization

For CN=bOU=EmployeesOU=CUsersDC=cDC=com the attribute[telephone number] has thefollowing invalid value + Thisattribute must contain at least onenumber

For [user dn (distinguished name)]the attribute [attribute name] hasthe following invalid value[attribute value]

One of the required attributes ismissing for the user[user_email_address] Provide therequired values for that user

The required attribute emailaddress is missing When addingon-premises entry [CN=SalesUserOU=EngineersOU=KDC=kDC=local]the entry is not created in CiscoSpark Control Hub until allrequired attributes have a value

The required attribute[attribute_name] when addingon-premises entry [user dn(distinguished name)] The entryis not created in Cisco SparkControl Hub until all requiredattributes have a value

Create a user in your ActiveDirectory with the same emailaddress as the administrator thatyou registered though Cisco SparkControl Hub

No on-premises user matches theexisting full administrators in thecloud The following cloud fulladministrators would have beendeleted but were not [admin emailaddress]

No on-premises user matches theexisting full administrators in CiscoSpark Control Hub The followingcloud full administrators wouldhave been deleted but were not[admin email address]




A user with that email addressalready exists in Cisco SparkControl Hub

There is a naming conflict for[CN=MROU=UsersOU=DDC=dDC=local]with an existing cloud entry objectwith the name[user_email_address] and of[user_type ] (Unwilling to allowthe client to enter value [user emailaddress] for [attribute uid] whichconflicts with another user)

There is a naming conflict for [userdn] for an existing cloud entryobject with the name [user emailaddress] and of user type[user_type]

Troubleshoot Service Account Sign In IssuesIf you cant sign in to Cisco Directory Connector or cant run a synchronization use these steps to try to resolvethe issue before contacting support

Procedure

Step 1 Try to visit httpscloudconnectorciscocomSynchronizationService-v1_0orgId=GLOBAL in your webbrowser

Step 2 Choose one depending on the results

bull If you cant visit the link from your browser check your network settings if your environment usesproxy check the proxy settings

bull If you can visit the link from your browser but cant open Directory Connector (Cant open connectorand pop up error message with 407) go to the customer view in httpsadminciscosparkcom andmake sure you get the latest version of Cisco Directory Connector You can contact the support teamfor help too

bull If you can visit the link from your browser but cant run a synchronization from the Cisco DirectoryConnector change the service login account to domain admin

Step 3 At a minimum make sure the configured account for the Cisco DirSync Service (which can be found inWindows services) has a privilege level that lets it access avatar data and AD data By default the serviceleverages the Windows login account credentials and authentication

Related Topics

Contact support


Troubleshoot Cisco Directory ConnectorTroubleshoot Service Account Sign In Issues



A P P E N D I X BScenarios for Provisioning Cisco Spark Userswith Cisco Directory Connector

bull Manage New and Departing Employees and Their Cisco Spark Accounts page 43

Manage New and Departing Employees and Their Cisco SparkAccounts

Scenario

Amedium-sized company with more than 8000 employees across various departments is in a phase of rapiddevelopment and are opening multiple locations The company purchased a few Cisco services such as CiscoSpark Messaging Hybrid Services and WebEx online meeting The customer IT administrator needs toprovision the users to the Cisco Collaboration Cloud after which the users can use the services

With the rapid development of the company there are employees joining and leaving The IT team want tomanage these changes so they need to add new users into their enterprise directory and also delete the useraccounts for people who left

Problem

The IT team produced a report that shows that former employees and contractors can still access servicesThe IT team didnrsquot immediately remove the user from the cloud after they finished the update in the HR servicesystem IT teams generally donrsquot have sufficient availability to support frequent changes As a result there isa discrepancy in the financial report and the service usage summary report This poses a risk of leakedconfidential information because users who already left the company can still access services

The issues in this scenario require an automated solution

Organizational Goals

The organization expects a low maintenance effort to

bull Automatically provision new users to the cloud and automatically remove the deleted users from cloudThe new users are automatically assigned services and the former employees are denied to access to theservices


bull Synchronize the user changes from on-premises to the cloud

bull Strictly make the cloud user account information consistent with on-premises directory

Solution

Cisco Directory Connector is designed to solve this problem and facilitate the customers to provision usersto the identity service in the Cisco Collaboration Cloud

Cisco Directory Connector is an on-premises application that you can set up on the AD DS devices Thenthe Directory Connector can talk with the on-Premises Active Directory and monitor the changes to sync thechanges to the cloud

The Directory Connector is easy to set up and maintain After you set up Directory Connector you never haveto worry about the security and consistency between the cloud and on-premises Active Directory Here areexamples of the convenience that the software provides

bull The user is completely deleted from the cloud once the user is removed from on-premises ActiveDirectory This ensures that the departed user is denied permission to access services

bull The software can be a distributed deployment for High Availability The other Connector can beautomatically activated when the previous active one is disconnected So High Availability can serveyour business without worrying about missing changes of on-premises AD

bull The software prevents accidental changes to user data Directory Connector maintains the integrity ofthe user data Once the Directory Connector is enabled the only data source is the on-premises ActiveDirectory

bull The software can synchronize data to the cloud at a frequency of your choosing You can choose eithera full or incremental synchronization of the changes

Conclusion

Cisco Directory Connector simplifies provisioning users to Cisco Spark for big enterprise customers withhundreds of users With this tool you can keep your user data in sync and prevent the issues covered in thescenario


Scenarios for Provisioning Cisco Spark Users with Cisco Directory ConnectorManage New and Departing Employees and Their Cisco Spark Accounts

Deployment Guide for Cisco Directory Connector

Contents


Overview of Cisco Directory Connector

Cisco Directory Connector Overview

Prepare Your Environment

System Requirements for Cisco Directory Connector

Prerequisites for Cisco Directory Connector


AD LDS with Directory Connector

Use AD LDS with Directory Connector


Directory Connector with Web Proxy Integration

Use a Web Proxy Through The Browser

Configure Web Proxy Through a PAC file

Configure Transparent Proxy

Disable Proxy Authentication

Set Proxy Authentication for Directory Connector

Deploy Cisco Directory Connector

Cisco Directory Connector Deployment Task Flow

Install Cisco Directory Connector

Sign In To Cisco Directory Connector

Directory Connector Dashboard

Configure General Settings for Directory Connector

Select the Connector Object

Configure the Connector Policy

Set the Connector Schedule

Map User Attributes

Active Directory Attributes in Directory Connector

Synchronize Directory Avatars to the Cloud

Perform a Dry Run Synchronization

Run a Full Synchronization

Run an Incremental Synchronization

Assign Cisco Spark Services to Directory Synchronized Users in Cisco Spark Control Hub

Manage Cisco Directory Connector

Upgrade Cisco Directory Connector

Turn Off Directory Synchronization

Uninstall and Deactivate Cisco Directory Connectors

Manage Cisco Spark User Accounts

Change a Cisco Spark Email Address

Change the Active Directory Domain

Domain Claim

Convert Cisco Spark Users in a Directory Synchronized Organization

Sideboarded Cisco Spark User Accounts

Change Cisco Spark Username Format After Directory Synchronization

Troubleshoot Cisco Directory Connector

Enable Troubleshooting for Directory Connector

Launch the Event Viewer

Enable TLS in Internet Explorer

Check Directory Connector for Errors

Cisco Directory Connector Stopped Working

Error Messages and Fixes for Cisco Directory Connector

Troubleshoot Service Account Sign In Issues

Scenarios for Provisioning Cisco Spark Users with Cisco Directory Connector

Manage New and Departing Employees and Their Cisco Spark Accounts

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco andor its affiliates in the US and other countries To view a list of Cisco trademarks go to this URL httpswwwciscocomgotrademarks Third-party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnershiprelationship between Cisco and any other company (1721R)

copy 2018 Cisco Systems Inc All rights reserved

C O N T E N T S


































Hub 27








Domain Claim 32















Contents


Changes MadeDate



April 3 2018








February 15 2018


January 31 2018


January 25 2018


Changes MadeDate



January 16 2018


January 12 2018


December 13 2017


November 2 2017


October 13 2017


September 5 2017


August 8 2017




June 5 2017


May 4 2017


March 6 2017















Dry run













Event viewer


Troubleshooting


Automated upgrade


High availability
































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














C O N T E N T S


































Hub 27








Domain Claim 32















Contents


Changes MadeDate



April 3 2018








February 15 2018


January 31 2018


January 25 2018


Changes MadeDate



January 16 2018


January 12 2018


December 13 2017


November 2 2017


October 13 2017


September 5 2017


August 8 2017




June 5 2017


May 4 2017


March 6 2017















Dry run













Event viewer


Troubleshooting


Automated upgrade


High availability
































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim






















Hub 27








Domain Claim 32















Contents


Changes MadeDate



April 3 2018








February 15 2018


January 31 2018


January 25 2018


Changes MadeDate



January 16 2018


January 12 2018


December 13 2017


November 2 2017


October 13 2017


September 5 2017


August 8 2017




June 5 2017


May 4 2017


March 6 2017















Dry run













Event viewer


Troubleshooting


Automated upgrade


High availability
































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim















Changes MadeDate



April 3 2018








February 15 2018


January 31 2018


January 25 2018


Changes MadeDate



January 16 2018


January 12 2018


December 13 2017


November 2 2017


October 13 2017


September 5 2017


August 8 2017




June 5 2017


May 4 2017


March 6 2017















Dry run













Event viewer


Troubleshooting


Automated upgrade


High availability
































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Changes MadeDate



January 16 2018


January 12 2018


December 13 2017


November 2 2017


October 13 2017


September 5 2017


August 8 2017




June 5 2017


May 4 2017


March 6 2017















Dry run













Event viewer


Troubleshooting


Automated upgrade


High availability
































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim


























Dry run













Event viewer


Troubleshooting


Automated upgrade


High availability
































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim























Event viewer


Troubleshooting


Automated upgrade


High availability
































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim







































bull 8 GB of RAM


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim


















About AD LDS



With AD LDS you can







Before You Begin




Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Procedure













Procedure









Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim
















Note


Procedure







Note


Procedure







Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim
















Procedure


























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim






























Procedure




Step 1







Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim


















Step 2



Step 3




Step 4



Step 5




Step 6




Step 7



Step 8



Step 9




Step 10











Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















Step 11




Before You Begin




Procedure




Tip










Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim

















Note


















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim















What to Do Next


Related Topics













Connectors

























Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim

































Dry Run











Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















Dry runAlt +A + D



ShowHelpmenuAlt + H

HelpAlt + H + H

AboutAlt + H + A

FAQAlt + H + F


Procedure












Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim
















Procedure











bull Dry Run

bull Cancel






Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim
















Procedure




Note

Step 4 Click Apply


Procedure









Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim
















Note


Procedure








buildingNamemdash

cc









givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















givenNamegivenName

jabberIDmdash

ll

localemdash

managermanager

mobilemobile

oo

ouou



preferredLanguage



Note

preferredLanguage


snsn

stst

streetstreetAddress


timezonemdash




titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim















titletitle

enterprisetype

uidmail


Before You Begin


Procedure


(=)jpg


















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















What to Do Next






Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim















Procedure

Step 1 Choose one












Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim


















Tip




What to Do Next





Before You Begin







Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Procedure

Step 1 Choose one











What to Do Next





Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Procedure


Note






What to Do Next

Related Topics





Before You Begin





Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Procedure




What to Do Next



Related Topics









Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















Before You Begin


Procedure


What to Do Next




Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Procedure







Before You Begin



Procedure

















Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim
























Procedure








Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















Related Topics








Before You Begin




Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Procedure



























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim




























Procedure







Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim

















Related Topics

Contact Support


Procedure






What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim















What to Do Next



Note







Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














Procedure




Procedure


Related Topics



Possible Cause



























Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim































Choose one
























Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















Procedure







Related Topics

Contact support








Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim



















Scenario



Problem









Solution








Conclusion





Contents


























Map User Attributes














Domain Claim
















Solution








Conclusion





Contents


























Map User Attributes














Domain Claim














deployment guide for cisco directory · pdf filedeployment guide for cisco directory...

Documents