Skip to end of metadata
Go to start of metadata

This page describes how to configure Sonus SBC 1000/2000 for Active Directory User Group Access:

When configuring the Domain Controller, we recommend using a domain name other than the Domain Admin user.

Step 1 - Configure the Domain Controllers

This step allows you to specify the Domain Controller(s) which will be used in the Sonus SBC 1000/2000 system. The information from the same domain controller(s) will be used for AD-based telephony routing and for Logging in to Sonus SBC 1000-2000 using an AD domain user.

To add a Domain Controller, follow the instructions outlined in Adding and Modifying Domain Controllers with the following settings:

  • Description: The name you wish to use for referencing this domain controller - used in the next step
  • IP Address/FQDN: IP address or FQDN of the Domain Controller
  • Search Scope: for example dc=uxdemo,dc=net
  • LDAP Query: for example userPrincipalName=*

Step 2 - Configure Sonus SBC 1000/2000 for Active Directory Access

In this step, we configure the Active Directory settings on Sonus SBC 1000/2000 such that we can authenticate users through the Domain Controller created earlier. Configuring the Sonus SBC 1000-2000 for Active Directory with the following settings:

In the Active Directory Configuration settings group:

  • AD Enabled: True
  • User Name: (for example, uxacc@uxdemo.net)
  • Password: (the password for the AD user)
  • Use TLS: False
  • Operating Mode: Updates

In the Cache Settings group:

  • Normalize Cache: False
  • Update Frequency: 60 (minutes)
  • Cache Attributes: for example telephoneNumber, msRTCSIP-Line, mobile, displayName, userPrincipalName

In the User Authentication Settings

  • Select the Domain Controller - created in Step 1

Step 3 - Configure AD User Group to Access Level Mapping

In this step, we map the Active Directory (AD) group with the Sonus SBC 1000/2000 access level for the AD user we wish to grant access on the Sonus SBC 1000/2000:

  • Group Name: enter the name of the AD group
  • Access level: select the access level for the group

Step 4 - Login with an Active Directory Domain User

To verify the AD domain user can access the Sonus SBC 1000/2000, the AD username must be supplied in the format USERNAME@DOMAIN - see How User Authentication Works. Enter the following in the login screen

  • User Name: enter the AD user name in the format USERNAME@DOMAIN; for example readonlyuser1@uxdemo.net
  • Password: enter the password of the AD user

  • No labels