ZPM Proxy - How to Configure On-Premise AD (LDAP) Write-Down

:warning: The following article assumes that the ZPM Proxy is configured and enabled. For instructions on how to setup your proxy see ZPM Proxy - How to setup Connection between ZPM and Proxy

How to Configure Active Directory AD (LDAP) write-down

1 Configure LDAP settings on the Proxy Server

  • 1.1 Using your browser login to Proxy server using the machine’s hostname or ip.

  • 1.2 Go to Settings via the gear in top right corner, then to System > LDAP Management.

  • 1.3 Fill in the required information and click Save at the bottom right of the page.

    LDAP Server Details
    IP Address(es)/DNS
    LDAP Type LDAP, Novell or OpenLDAP
    Protocol LDAP using Port 386 or LDAPS using Port 636
    LDAP Service Account
    Username Provide the fullyDistinguishedName[1] or userPrincipalName[1:1] attribute of the LDAP service account with read & write access created for ZIRO.
    Password
    General Settings
    User Base DN Provide the fullyDistinguishedName attribute of the location of your UC users.
    User ID Attribute Provide the LDAP attribute used to synchronize User IDs in CUCM.
    User Object Class If your environment uses a customized version of OpenLDAP, you may need to change the default user value to allow ZIRO to find your users.
    Group Base DN Provide the fullyDistinguishedName of the location of your LDAP permission groups to be used in ZIRO.
    Groups Attribute Always use memberOf unless using Novell, in this case use groupMemberOf.
    Groups Object Class If your environment uses a customized version of OpenLDAP, you may need to change the default group value to allow ZIRO to find your groups.
    Connection Timeout (Seconds) Increase this value if you experience any LDAP connection timeout issues/errors in ZIRO.
    Read Timeout (Seconds) Increase this value if you experience any LDAP read timeout issues/errors in ZIRO.

2. Turn on Write Down to On-Premise AD feature Toggle in ZPM

  • 2.1. Login to ZPM and go to Settings > Proxy Server Management > Proxy Feature Settings
  • 2.2 Turn on Write Down to On-Premise AD feature toggle.

3. Configure your ZPM Dial Plan(s) to Write Down to On-Premise AD

  • 3.1 Scroll to the bottom of the dial plan group.
  • 3.2 Enable the Write Down to On-Premise AD toggle to expose the settings
  • 3.3 Define the specific phone number attribute(s) for ZPM to update in your On-Premise AD and define the value. A flexible expression editor creates the attribute value to be written.

EXAMPLE
Users are assigned a DID and the number needs to be written to the telephoneNumber attribute with dashes in On-Premise AD (e.g. User’s lineUri is +913367520922 and the value needed in telephoneNumber attribute is +91-33-6752-0922)

  • The required expression is {{ first 3 did }}-{{ last 2 (first 5 did) }}-{{ last 4 (first 9 did) }}-{{ last 4 did}}

  • 3.4 Save your Dial Plan. ZPM will now update the On-Premise Active Directory (AD/LDAP) whenever a phone number is assigned to a user from the specified dial plan. Additionally, feedback on any misconfiguration will be provided if the number in AD is not set correctly.

Example of the AD Write-Down in Action :clapper:


  1. Example of the required attributes for the LDAP Service Account.

    ↩︎ ↩︎