We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Barracuda Phone System

How do I configure Active Directory Synchronization on my Barracuda Phone System?

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00005383

 

Scope:

Applies to the Barracuda Phone System, firmware versions 2.0 and above.

 

Answer:

Active Directory Synchronization reduces administrative overhead by allowing you to synchronize the Barracuda Phone System to your active Directory Configuration. The Active Directory Synchronization process will synchronize with a selected group within your active directory.

The Active Directory Synchronization process will complete the following steps during each sync process:
  • Create a User account on the Barracuda Phone System
  • Assign the next available extension for any user in the specified sync group
  • Create a group on the Barracuda Phone System for any group which the user belongs to within the Base DN provided (if it does not exist)
  • Assign the next available extension to the group
  • Add the user to the group
  • Remove any users who are no longer listed in the selected Active Directory Synchronization Group and who are not containers for any user accounts on the Barracuda Phone System
  • Remove any groups that are no longer in the Selected Active Directory Synchronization Group as well as any users that exist only within that group

Note - It is important to remember that users and groups MUST be managed via Active Directory once Active Directory Synchronization is being used.


Note - Removing an existing LDAP Synchronization Setup will remove ALL users and groups which it created.


Configuring Active Directory Synchronization:

  1. Navigate to Configuration > Directory Services/LDAP and click on the button labeled Select Server
  2. Supply the necessary domain credentials to access your Active Directory Tree:
    • Domain - This is the domain for which which the Active Directory is authoritative
    • Bind Username - This must be a user with LDAP read access. In most cases, the format should be username@domain
    • Bind Password - This is the password for your selected Username
  3. Click the button labeled Find Servers.
  4. Select your LDAP/Active Directory Server from the drop down list, if available, or select Active Directory (Manual Configuration)
  5. Confirm that the values entered for the server are correct.
    The following fields are required and CANNOT be changed later:
    • Server Address - IP or DNS resolvable name of server
    • LDAP Port - The default value is 389
    • LDAP Encryption - The default value is None
    • UID Attribute - The default is sAMAccountName
    • Base DN - The search root for your Domain (example: DC=example,DC=com)
    • "Member of" Attribute - the default value is memberOf
    • "Group Member" Attribute - the default value is member
  6. The next two fields are optional and can be changed later:
    • Allow User Authentication via Directory Services - Checking this box will switch from using PIN authentication to LDAP credential Authentication (See Note Below).
    • Authorization Domain/Suffix - Enter the user authorization suffix to allow username only (example - for user@example.com enter example.com).
  1. Select Save Server Settings to continue.
  2. Expand the new LDAP tree that appears in the window, and check the box next to the group(s) which you want to synchronize by clicking on them.
  3. Click the button labeled Apply.
  4. Click the button Labeled Synchronize Now.
The Active Directory Synchonization Process will now add the selected groups, all users within the selected groups, and all groups within the selected Base DN of which the selected users are members.


Note - While you can optionally enable LDAP authentication after Active Directory Synchronization has been configured, It is important to remember that this setting replaces PIN authentication with LDAP Credential authentication, disabling pin number authentication for the User Interface.


Link to this page:

https://campus.barracuda.com/solution/50160000000IMtYAAW