For Active Directory Integration to work properly, VX must be configured to communicate with the AD server using either LDAP queries or the Global Catalog (which requires VX be joined to the domain). With access to AD, VX can query the database.
The following procedure is for VX systems that are NOT part of an AD domain.
Active Directory Connection
First, you must define a connection to the Active Directory server (as shown in the following screen shots).
The parameters to set are explained in the table below.
The credentials (login/password) for a user that has read access to the Active Directory.
Controls how VX processes data from Active Directory. Data from Active Directory can be cached entirely on VX, or can be dynamically retrieved from Active Directory for each query, or a combination of both.
The key query used to obtain the cache. Anything that matches this AD query will be retrieved and the associated attributes cached.
Actual data entries cached from Active Directory within VX. These attributes, normally selected by pull-down, may also be modified by typing directly into the pull-down box.
How often (in minutes) to update the cache from AD.
Specifies the IP address of the machine (Domain Controller) from which values are drawn when using LDAP binds. Valid entry: IPv4 or IPv6 addresses.
Not all cache entries in Active Directory will contain the field that is searched. This can cause errors that appear to be fatal binding problems. These errors can be viewed in the ad-get and show ad-status commands. You can ignore these errors if it is clear that AD data has been cached.
Configuring AD Attributes
The fields within AD (AD attributes) have programmatic names and were not intended for users to access directly.
Active Directory Field Descriptions function permits the VX user to assign user-friendly names to AD attributes. This makes entries in the route table easier to comprehend. You must create an AD Field Description binding for every AD element you intend to use for routing decisions.
In the example shown below, the AD attribute telephoneNumber is bound to the user-friendly description PBX Phone. Obviously the AD field names are fixed, however the information stored within each field can vary by customer.
The user-friendly description can be used later for creating Route Table entries.
Verifying AD Connectivity
The status of the connection between VX and Active Directory can be determined from the VX CLI.
The command ad-get updates the local AD cached values in VX. This only works in Offline or Update modes.
The show ad-status command reveals the status of the connection between VX and AD.
The ad-dump command retrieves the desired information from the cache (Offline mode), or, if required, from the cache and subsequently AD (Update mode). No cache is built in online mode, so the request is sent directly to the AD server.
Examples of these commands are: