View Single Post
  #2  
Old 05-06-2021, 10:10 AM
mlombardi1's Avatar
mlombardi1 mlombardi1 is offline
Legend
 
Join Date: Sep 2010
Location: New York
Posts: 482
mlombardi1 has 25 to 49 reputation pointsmlombardi1 has 25 to 49 reputation pointsmlombardi1 has 25 to 49 reputation points
Default

AADS integrates with your enterprise directory and acts as an authentication front-end for single-sign-on. You elect in AADS what LDAP attribute to use for the username, typically something like e-mail address or sAMAccountName.

Whatever is chosen must be added to the SIP user profile in SMGR under the communication address section. This is in addition to the SIP extension. For example, use the "Microsoft Exchange" option if using e-mail. This should also work for sAMAccountName but only the user portion is referenced.

When the user logs into the softclient with domain credentials, AADS sends the username and password to enterprise directory for validation. If authenticated, AADS then performs an inquiry into SMGR to discover the user profile containing the matching username. When found, it grabs the SIP extension and communication profile password in that user account and sends those back to the softclient. These SIP credentials are used to login and register with Session Manager for telephony services without further user input.

This is really only applicable to SIP softclients such as Equinox, or Workplace as its now known. Hardphones, with the exception of the Vantage video device, do not make use of AADS in this way because they do not support domain credentials.
__________________
Meridian IT - Senior Engineer
Reply With Quote