Migration of MiCollab Client IDS to MiCollab IDS must be performed manually. You must copy the IDS settings from MiCollab Client into the corresponding fields in the MiCollab IDS Connection page and IDS Attributes Mappings page.
Review the General Guidelines and Limitations.
Under Applications, click MiCollab Client Service.
Under Configuration, click Configure MiCollab Client Service.
Click the Synchronization tab.
Click Active Directory/LDAP Synchronizer and then click the LDAP link.
Click Connection Settings to display the AD/LDAP Connection Settings. Use this table to match the MiCollab Client AD/LDAP settings with the corresponding MiCollab IDS Connection page settings.
MiCollab Client AD/LDAP Connection Settings |
MiCollab IDS Connection Parameters |
Description |
Primary Directory Server |
Domain name |
Domain |
Show LDAP Path Assistant |
|
LDAP path |
|
Server supports paging results |
|
Do not import disabled accounts from AD |
|
Search contents |
Search scope |
User Query |
|
Username |
Distinguished name |
Password |
Password |
Default feature profile |
|
Timestamp |
|
Timestamp attribute |
|
Timestamp syntax |
|
Click Field Mappings to display the AD/LDAP field attributes. The following table maps the default MiCollab Client IDS field attributes to the MiCollab IDS field attributes..
MiCollab Client Attribute |
Directory Server Default Attribute |
MiCollab Attribute |
|
COMMON ATTRIBUTES |
|||
|
Direct Inward Dial Number |
||
Directory key |
objectGUID |
User ID |
|
Login ID |
samAccountName |
Login |
|
distinguishedName |
distinguishedName |
Distinguished Name |
|
|
|
|
|
First name |
givenName |
First Name |
|
Last name |
sn |
Last Name |
|
Desk phone extension |
ipPhone (See Note 1 below) |
Home Element |
|
|
|
MiCollab ONLY |
|
|
|
department |
Department |
|
|
telephoneNumber |
Directory Number |
|
|
mobile |
Mobile Phone Directory Number |
|
|
objectClass |
Object Class |
|
|
otherTelephone |
Secondary Phone Directory Number |
|
preferredLanguage |
Language |
|
|
|
physicalDeliveryOfficeName |
Location |
|
employeeType |
Role |
|
MiCollab Client ONLY |
|||
Middle name |
initials |
||
Soft phone extension |
otherIpTelephone |
||
PBX Node |
facsimileTelephoneNumber |
||
Company name |
company |
||
Address |
streetAddress |
||
City |
l |
||
State/Province |
st |
||
ZIP/Postal code |
postal code |
||
Display picture |
jpegPhoto |
Note 1: If you are migrating from MiCollab Client, you must either clear ipPhone attribute from the directory server or enter a different attribute.
Synchronize the MiCollab Client database with the directory server database.
Disable IDS (LDAP Integration) for the MiCollab Client application:
Click MiCollab Client Service in the MiCollab server manager.
Click Configure MiCollab Client Service.
Click the Synchronization tab.
Click None and click Apply.
Run the MiCollab Client Integration Wizard.
In the MiCollab server manager, under Configuration click MiCollab Client Configuration Wizard.
Follow the screen prompts provided in the wizard screens.
On MiCollab in the Network Element tab of the Users and Services application, disable Single Point Provisioning.
Create a MiCollab synchronization account on the directory service domain. The account must have read access.
If Active Directory Authentication is required, ensure that a valid Certificate Authority (CA) has been configured for Active Directory. If LDAP Authentication is not required, you assign users new passwords on MiCollab using roles and associated user templates.
On the directory server, ensure that the user data fields contain entries for the following attributes: samAccountName, givenName, sn, and distinguishedName. Otherwise, failed update errors are generated on MiCollab during the synchronization. If an employeeType field is not specified the entry is sent to the detained queue.
In the MiCollab Users and Services application, create user templates for the various roles in the enterprise. In the templates, assign the phone and application services that you want to apply to the user data that is obtained from the directory server. In the templates, also set a password policy for the user data. You have the option of creating these templates from the UCC default templates.
In the MiCollab Users and Services application, create roles that correspond to the employeeType attribute entries on the directory service. You can create these roles from the UCC default roles. Note that when users are obtained from the directory server, if a user entry has a blank employeeType field, the update is sent to the detained user updates queue.
Create a connection to the directory server:
Under Configuration, click Integrated Directory Service.
Click Add connection. The Add Integrated Directory Service connection page opens.
Complete the fields to create a connection. When you configure the IDS Connection Parameters on MiCollab, transfer the "Current MiCollab Client AD/LDAP Connection Field Values" that you recorded in the first table into the MiCollab IDS Connection page. See Manage IDS Connections for field descriptions.
If Active Directory Authentication is required, the Synchronization option must be enabled. Also, set the Connection Method to either TLS or TSL/SSL. The Connection Method cannot be Unsecured.
Note: To use SSL/TLS for IDS, LDAP over SSL must enabled on the active directory server. See the following links for more information:
Click Save. MiCollab verifies the connection parameters and indicates if any errors are present.
Configure Active Drirectory Authentication if required.
Check the Enable authentication box below the desired domain. You can only enable authentication on a single domain. So, if you want to select a different domain, you must first disable the currently selected domain.
Note: You can connect the LDAP Authentication to a Global Catalogue on the domain controller. If multiple connections are used, and if those connections point to domains which are under the same forest, you can configure one connection to use the global catalogue. With global catalogue enabled, all users from all connections under the same forest should be able to authenticate. Note that using global catalogue limits the fields that can be used for synchronization.
Secure authentication requests are required as part of the IDS connection.
Click Save.
Configure the IDS Attribute Mappings. Transfer any custom Directory Server Attributes that you recorded in the second table into the MiCollab IDS Attributes Mapping page.
Note: If you are migrating from MiCollab Client, you must either clear ipPhone attribute from the directory server or enter a different attribute.
By default, user service data and Active Directory authentication is synchronized for all users. Specify any user records that you do not want to receive changes from the directory service. To prevent a user record from receiving updates from the directory server:
Under Applications, click User and Services.
Locate the user using the Search function.
On the User tab in the Personal Information section, clear the IDS Manageable box.
Click Save.
Schedule synchronizations with the directory server database to occur on a regular basis during off-business hours (for example: daily at 12:00 am). These re-occurring synchronizations keep the MiCollab database up to date with database changes that are entered on the directory server.
Under Configuration, click Integrated Directory Service.
Click Edit next to the directory service connection. The Manage IDS connections page opens.
Ensure the Re-initialize on next cycle box is clear.
In the Schedule field, set the schedule using the drop-down menus.
Click Save.
Perform a full synchronization from MiCollab with the directory server database. The user entries are not distributed to the MiVoice Business because SPP is disabled.
Resolve any detained IDS updates on MiCollab.
After the full synchronization is complete and you have resolved the detained updates, both the MiCollab and MiVoice Business databases match the directory server database.