Configure End Users to Access User Website
Starting with the Communications Manager, we can add end users in one of two ways. We can either import them from an LDAP-compliant directory such as Active Directory, or we can add them directly to the Communications Manager database. Either way, we can then add them to a group that contains one or more roles allowing them to manage their own end-user web pages. To gain access, they add ccmuser to the end of the server's IP address or, if you're going to use DNS, to the server name. I would highly recommend the IP address, but use whichever you think is best in your environment. You can then customize your groups to give users access to the specific features they are allowed to manage.
Once we go into User Management > End User and select a user, we find that there is a default group, Standard CCM End Users for example, and it has read and update permissions. We could copy that and manage the permissions, or we could create a brand new role. If we create a brand new role from scratch, there are no privileges in it by default, so we have to add each option.
Customize CCMUser Enterprise Parameters
We can manage some of the user permissions enterprise-wide by going into System > Enterprise Parameters. I kind of call this the registry of the Communications Manager. Enterprise-wide means all servers are affected, so if we change a system parameter in here, for example, everybody that subscribes to our Communications Manager cluster will be affected by the change. Focusing on the users, we can enable or disable parts of the user website. In other words, if there are features that you are not even supporting, you may as well turn them off so that they do not appear on the user web pages and there is no confusion.
End-User LDAP Authentication
If we are tied into an external LDAP server, there are a few things we need to understand about how users authenticate. If we do LDAP Synchronization and that's it, then our users' personal information, such as passwords and usernames, is going to be managed by the Communications Manager. Basically, all we are doing is pulling user credentials and user information over from something like Active Directory, but then we have to manage the passwords. If we do LDAP Authentication, then the Active Directory server, for example, is responsible for maintaining passwords. So if a user attempted to change a password in the graphical user interface of the Communications Manager, it would not be successful. If we think about that, it would kind of be a security breach. If I could use some type of external application to change my Active Directory password, that would not be good. PINs, on the other hand, are not stored in Active Directory. Active Directory is just the way that we log into our systems, our computers, usually with just a username and a password; there is no PIN, so PINs are managed locally on the Communications Manager. So if I want to change my PIN for accessing information on my phone, that is stored in the Communications Manager, but if I want to log on to my user web page and I am using LDAP Authentication, I am actually authenticating against that LDAP service, such as Active Directory.
In order for a user to log into their web page, they need either the IP address or the name of the Communications Manager server, and then they add ccmuser to the end. This is a secured connection, so they have to get used to using HTTPS to access it (https://node-ip/ccmuser). Once they're in, they'll see menu options for managing their devices. They may be associated with one or more telephones, so they can choose which phone they are managing. They can do things like set their call forwarding, set up their line text labels, set message waiting indicator options, and manage their speed dials. We also make available any XML services that the particular phone needs to subscribe to, and the user can then subscribe to a particular service. There is also a service URL, which allows us to edit the service URL on the base phone. So, all of these are basic settings that users can get into and manage for their phones via the Communications Manager.
If they choose the User Settings option, this is where they can set their language selection and manage their PIN and their password. Remember, with the password, if we are using an Active Directory server for authentication, they would not be able to change their password here. But if we are only doing synchronization, then they could change their password. And if the account was created locally in the Communications Manager, that system also allows us to manage the password. So, in other words, we have three options: if we create the user account locally, we can change the password here; if we create users via Active Directory with synchronization only, the password is managed locally in the user web pages; but if we have chosen authentication, the password is managed by the external LDAP server, and we would not be able to change it through the user settings.
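The three credential cases above can be checked against a user list. The following is an added example, not part of the original page or any Cisco tooling: it assumes a hypothetical CSV export (the column names `userid`, `source` and `groups` and the sample rows are constructed) and reports which users with user-page access have a password the directory does not govern.

```python
import csv
import io

# Constructed sample export. The column names are hypothetical, not a
# Communications Manager export format; groups are separated by ";".
SAMPLE_EXPORT = """\
userid,source,groups
asmith,ldap,Standard CCM End Users
bjones,ldap,
svc_kiosk,local,Standard CCM End Users
"""

END_USER_GROUP = "Standard CCM End Users"  # default group named in the text


def credential_owner(source, ldap_auth_enabled):
    """Return which system stores and validates the user's password."""
    if source == "ldap" and ldap_auth_enabled:
        return "ldap"
    return "cucm"  # local account, or LDAP user with synchronization only


def audit(export_text, ldap_auth_enabled):
    """Build one finding per user in the export."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        groups = [g for g in row["groups"].split(";") if g]
        owner = credential_owner(row["source"], ldap_auth_enabled)
        findings.append({
            "userid": row["userid"],
            "can_use_ccmuser": END_USER_GROUP in groups,
            "password_owner": owner,
            "can_change_password_in_ccmuser": owner == "cucm",
            "pin_owner": "cucm",  # PINs are always managed locally
        })
    return findings


def outside_directory_policy(findings):
    """User-page users whose password is not governed by the directory."""
    return [f["userid"] for f in findings
            if f["can_use_ccmuser"] and f["password_owner"] == "cucm"]


if __name__ == "__main__":
    for mode in (False, True):
        flagged = outside_directory_policy(audit(SAMPLE_EXPORT, mode))
        print(f"LDAP authentication enabled={mode}: {flagged}")
```

With LDAP Authentication enabled, only locally created accounts remain in the result, which makes them the ones to review against the local credential policy.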
Directory and Fast Dial
Users can manage their directories, their personal address books, and their fast-dial capabilities on their own. One interesting note about all of this: you could have end users use the Address Book Synchronization Tool, which they call TabSync, to synchronize the existing Microsoft Windows address book with the personal address book. The personal address book is where the end user can keep their own private address entries, which is nice, because they can add all their own entries. Fast dials, another feature, let you manage a personal address book and save frequently called numbers to a fast-dial extension. So, if you're calling the corporate office often, you could set up a fast-dial entry for it as a user and then quickly dial it without having to look anything up.