LDAP server

For general use and administration of Meeting Management we recommend that users are authenticated via LDAP, so you should set up an LDAP server with the LDAP groups you need. We recommend that you create at least one group for administrators and one group for video operators.

See more about users and LDAP user groups in the Before you start article.

Note: All user groups must be configured on your LDAP server before you can configure Meeting Management to use them.

Set up LDAP server

To set up Meeting Management to use your LDAP server:

  1. On the Users page, go the LDAP tab.
  2. Check the Use LDAP check box.

  3. Choose protocol.

    LDAP is for unencrypted TCP connections, LDAPS is for secure connections, optionally using the certificate trust store for authentication.

  4. Enter server address and port number for your LDAP server.

    Default port numbers:

    • LDAP: 389
    • LDAPS: 636

    Note: If you are using AD, and your base DN is set on domain component (DC) level only, use the default ports for searching the Global Catalog - for LDAP port 3268, for LDAPS port 3269.

    Note: If your LDAP server address is a literal IPv6 address, enter it within square brackets.

     

  5. Optional: Check certificates against certificate revocation lists (CRLs) if you have chosen to use certificates, and you want Meeting Management to reject the connection if a certificate has been revoked.

    Meeting Management will block the connection if a certificate in the chain has been revoked, or if there is a CRL it cannot access.

    We recommend that you enable this when possible.

    Note: Only certificates with HTTP Certificate Distribution points (CDPs) are supported. If you are using CRL checks, and a certificate has no CDP, or if the CDP is not reachable via HTTP, then the connection is rejected.

    Also, your network must be configured so Meeting Management can connect to external address via HTTP.

  6. If you are using LDAPS, click Upload certificate to add the certificate chain for your LDAP server to your Meeting Management trust store.

    Certificate requirements:

    • The certificate chain should include the certificate of the CA that signed the LDAP server's certificate, plus any certificates higher in the certificate chain, up to and including the root CA certificate.
    • The server address you entered for your LDAP server must be included in the LDAP server certificate.

  7. Enter bind DN and password.

    These are credentials for the user account that will bind (authenticate) Meeting Management to your LDAP server.

    Note: These fields are case sensitive.

  8. Add Base DN (base distinguished name).

    The base distinguished name is the starting point for the directory search. Meeting Management will search for LDAP groups in this node and all nodes below it in the LDAP tree.

    Note: This field is case sensitive.

    Note: If your base DN is set on domain component (DC) level only, use the default ports for searching the Global Catalog - for LDAP port 3268, for LDAPS port 3269.

  9. Choose Search attribute.

    The search attribute is the LDAP attribute you want users to enter as username when they sign in to Meeting Management.

    Note: This field is case sensitive.

  10. Save your settings and Restart Meeting Management.

    Edit LDAP server details

    To edit LDAP server details:

    1. Sign as a local administrator.

    2. Make any relevant changes.

      See the installation guide for requirements and detailed instructions.

    3. Scroll down to the Authorization section and enter the password for your LDAP bind user.

    4. Save the changes and Restart Meeting Management.

      Note: You can restart now or wait until you have completed the configuration.