Reporting Configuration
To navigate to this page, choose
.This page has these tabs for entering reporting configuration:
-
Configure Active Directory Server
-
Report Scheduler Email Settings
Configure Active Directory Server Settings
Fields on the Active Directory tab configure the Active Directory server to authenticate reporting users as they log in to the Unified Intelligence Center Web application.
Configure Active Directory for the Unified ICM/CC supervisors so that they can sign in as Unified Intelligence Center Reporting users.
Note |
Cisco Unified Intelligence Center uses LDAP V2 which does not support all Unicode characters that are used in the first name or surname of LDAP users. |
Active Directory is not used to authenticate Administration Super Users. These Super Users can only be authenticated through the local database. The first Super User is added during installation. All other Super Users are added through the Admin User Management interface, and their credentials are encrypted into the local database.
To navigate to this page, choose Active Directory tab.
and select the
Field |
Description |
||
---|---|---|---|
Host Address and Port for Primary Active Directory Server |
Provide the hostname or IP address and the port of the Primary Active Directory server. The port defaults to 389. |
||
Host Name and Port for Redundant Active Directory Server |
Provide the hostname or IP address and the port of the Redundant Active Directory server. The port defaults to 389. |
||
Use SSL |
Check these boxes if you want the connection from the Unified device to the Active Directory connection to be encrypted with SSL while doing authentication. |
||
Manager Distinguished Name |
Enter the Manager Distinguished Name used to sign in to the Active Directory server. For example, on a default installation of Microsoft AD:
|
||
Manager Password |
Enter the Active Directory manager password. |
||
Confirm Manager Password |
Confirm the Active Directory manager password. |
||
User Search Base |
Specify the user search base. For example, on a default installation of Microsoft AD,
|
||
Attribute for User ID |
Whenever a user signs in, Unified Intelligence Center searches for that user in the LDAP (Lightweight Directory Access Protocol) using the sign-in attribute specified in the LDAP configuration. After the user is found, the full DNS of the user is extracted and used for authenticating the user. The sign-in attribute specified in the LDAP configuration is the property against which LDAP search is issued to find the matching username. If you do not know which attribute to use, use sAMAccountName, which is the default Microsoft username attribute. Different organizations settle on different LDAP attributes to identify the username across the organization, depending on the tools used to administer LDAP within their organizations. This attribute allows you to customize the sign-in depending on the attribute used. Even a custom attribute can be specified using this dialog. sAMAccountName indicates the user attribute to search the user for is the userPrincipalName. sAMAccountName contains just the short username. For example, jDoe for the user John Doe. userPrincipalName indicates the user attribute to search the user for is the userPrincipalName. This attribute contains the username in the email format, user@compay.com. This entire string becomes the username and not just user. Therefore when this attribute is selected, the user has to type the full email format in as the username in the sign-in box. Custom User Attribute allows you to specify the attribute used for searching the user in LDAP.
Contact your Active Directory Administrator for the correct attribute to use. |
||
User Name Identifiers |
Users are stored in Unified Intelligence Center in the format <UserName Identifier>\<username> The username Identifiers are used to identify the different kinds of users within Unified Intelligence Center. For example, local, LDAP, user-synced user, users from different LDAP domains, nETBIOSName, and so on. Before you can use it, the username identifier has to be declared for use on this page. When LDAP is configured, at least one identifier must be configured and set as default to enable the system to identify LDAP users. UserSychronization brings in users in format <syncdomain>\username and collections have users in the same format. Therefore, these users must sign in to Unified Intelligence Center using the <syncdomain>\user syntax. To enable, add <syncdomain> or @<syncdomain> (if you are using userPrincipalName) to the list of valid identifiers. The maximum allowed length of a username identifier is 128 characters. Example: When nETBIOSName and userPrincipalName are same or different: For sAMAccountName:Configure in Username Identifiers: <UserNameIdentifier> Login in cuic : UserNameIdentifier\user For userPrincipalName:Configure in Username Identifiers: @<UserNameIdentifier> Login in cuic : userPrincipalName This list box is pre-populated with the username Identifiers based on the list of usernames stored in the Unified Intelligence Center database. The most frequently occurring identifier in the list of username is auto-selected as the default.
|
||
Set Default. (Username Identifier) |
Default identifiers allow users to sign-in without typing the full domain identifier (<domain>\user) or the userPrincipalName suffixes to usernames (user <@company.com>) on the sign-in page. It can be set by choosing one of the Identifiers from the list box and by clicking the Set Default button. Users who use any other identifier can still sign-in by typing their full identifier in the sign-in box. For example, domain2\user or netbiosname\user, provided those identifiers are already configured. |
||
Test Connection |
Click to test the connection to the primary and secondary LDAP servers and display the connection status. |
-
Save saves the configuration information you entered for the Active Directory. Clicking Save does not validate the configuration.
-
Refresh rolls back all changes since the last save and reloads the values set during the last save.
Configure Active Directory with SSL
Perform the following steps if you want the connection from the Unified Intelligence Center to the Active Directory server to be encrypted with SSL while doing authentication.
Procedure
Step 1 |
Perform the tasks outlined in the Microsoft Active Directory documentation to set up and generate the Certificate Authority. |
||
Step 2 |
Save the certificate in Base-64 encoded X.509 (CER) file format. |
||
Step 3 |
Log in to the Cisco Unified Operating System Administration User Interface. |
||
Step 4 |
From the Security menu, select Certificate Management. |
||
Step 5 |
Select the
certificate name as
|
||
Step 6 |
Click Browse to browse and select the certificate that you have generated from the AD server.
|
||
Step 7 |
Click Upload File to upload the certificate. |
||
Step 8 |
Use the
|
Configure Email Server to Send Scheduled Reports
Use Report Scheduler Email Settings tab to configure the email server used to email scheduled reports.
The actual schedules for reports (for example, schedule daily at 10AM) are defined and maintained from the Unified Intelligence Center web application. The report scheduler emails scheduled reports at the exact time they are scheduled.
To navigate to this page, choose
and select the Report Scheduler Email Settings tab.
Field |
Description |
---|---|
SMTP Host Name / IP Address |
Enter the Hostname or IP address of the SMTP Server. Leave this field blank if you do not have an SMTP server. |
From email address |
Enter the email address that is to appear in the From field of emails sent by the Scheduler. |
Use email proxy |
Check this if you use a proxy server to reach your SMTP server. The only supported proxy type is http. |
Email proxy hostname |
Enter the Hostname or IP address of the proxy server used to reach the SMTP server. |
Email proxy port |
Enter the port the Unified Intelligence Center will use to connect to the SMTP proxy server. This defaults to 80. |
Use SMTP authentication |
Check this if your SMTP server expects to receive username/password credentials. |
SMTP Username |
If you check the Authenticate check box, enter the username that is to be authenticated. |
SMTP Password |
If you check the Authenticate check box, enter the password that is to be authenticated. |
Test Connection button |
Click to test the connection. Unified Intelligence Center attempts to send an email to check for open connections. The connection status displays next to the button. |
-
Save saves the configuration information you entered for SMTP settings.
Note
Clicking Save does not validate the configuration. Use the Test Configured Connection button to test the connection.
-
Refresh undoes all changes since the last save and reloads the values set at the last save.