.. _ldap_integration:

LDAP Integration
----------------

LDAP servers can be integrated with VOSS-4-UC for these two purposes:

* User synchronization  - sync users from LDAP into VOSS-4-UC and use LDAP to
  authenticate users.
* User authentication only - use LDAP to authenticate users in VOSS-4-UC
  (either added locally or synced from Cisco Unified CM)

User synchronization is available for Active Directory (AD) and OpenLDAP.

User authentication only is not available for OpenLDAP.

.. note::

   * To use LDAP for authentication only, you must have VOSS-4-UC 10.6(3) or later.

   * Since LDAP servers support case insensitive search base DNs,
     VOSS-4-UC supports this case insensitivity. For example, on an LDAP server,
     the following search base DNs are equal:
    
     * CN=Users,DC=example,DC=com
     * cn=Users,dc=example,dc=com
     


Multiple LDAP OUs Per Hierarchy
...............................

Large corporations and institutions with multiple domains or agencies may require
more than one LDAP Organizational Unit (OU) to be configured at a hierarchy.

VOSS-4-UC allows for multiple LDAP OUs at a hierarchy by providing 
for a *unique combination* of the following LDAP server properties 
at the hierarchy:

* IP address
* Port
* search base DN

Multiple search base DNs can therefore be configured at the *same hierarchy*
for different organizations within the same company, so
that administrators and self-service users can successfully authenticate.
For example:

LDAP server setup:

+---------+------+---------------------------------------+-------------------+
| IP      | Port | Search base DN                        | Hierarchy         |
+=========+======+=======================================+===================+
| 1.2.3.4 | 389  | ou=SharedOUA,dc=voss-solutions,dc=com | Provider.Customer |
+---------+------+---------------------------------------+-------------------+
| 1.2.3.4 | 389  | ou=SharedOUB,dc=voss-solutions,dc=com | Provider.Customer |
+---------+------+---------------------------------------+-------------------+


Users:

* userA: ou=SharedOUA,dc=voss-solutions,dc=com
* userB: ou=SharedOUB,dc=voss-solutions,dc=com