You can manage users in CMS using Active Directory (AD) integration. It supports Active Directory for the Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, and 2019 versions. The AD integration connects to one AD system at once. The AD integration does not support Azure AD. Activating LDAP integration will not change the way you use CMS.
LDAP integration streamlines user login for CMS using:
Authentication: You can directly authenticate against the configured LDAP server during login.
Password Management: The Password Management eliminates the need to manage CMS user passwords through Avaya Services.
The CMS allows you to manage both traditional Linux users and those authenticated through LDAP.
When you activate LDAP, the LDAP system upgrades the existing CMS User Data screen.
This new interface lets you identify and manage LDAP-authenticated users alongside traditional ones.
The CMS users can log on using all CMS interfaces, including,
The LDAP authentication feature package offers an optional layer of security. You can choose to encrypt the connection between CMS and the Active Directory (AD) server. This encryption helps protect sensitive user data from being exposed during communication over the LDAP protocol.
Note:
The CMS user ID maps to the Active Directory user or person objectClass:sAMAccountName field. The CMS user IDs can be up to 31 characters long. When using LDAP, user IDs are limited to 20 characters to match Active Directory's s AMAccountName field. Keep the LDAP user IDs under 20 characters to avoid login problems.
You must verify that the user name is configured in a user or person objectClass and that the user name is in the sAMAccountName field.
The installation log file for LDAP is found in the CMS security log located at: /cms/install/logdir/security/cms_sec.log.
