ECS and LDAP Karen Krivaa Product Marketing Manager

ECS and LDAP Karen Krivaa Product Marketing Manager

LDAP: Lightweight Directory Access Protocol ¾ LDAP serves as a flexible, scalable user- and securitymanagement infrastructure to store and manage user profiles and to serve as the basis for site-wide user authentication and security ¾ Allows for one central database to be updated for authentication via multiple ECSs on the network ¾ LDAP is an IETF standard defined by the Accessing and Indexing Directories (ASID) working group.

LDAP – Main Features today ¾ Authentication ¾ When an endpoint registers to the ECS, it is authenticated according to its alias/es and or IP address. ¾ Location of Endpoint (using static/online info) ¾ If ECS cannot find the destination in its zone, it searches the static info or the online info directory ¾ Update ¾ The ECS updates the LDAP server with information about online endpoints, such as aliases, call signaling address and RAS address. ¾ Retrieve neighbor GK list ¾ The ECS reads the neighbor list from the LDAP server every fixed time

LDAP – Tree Structure

New LDAP Schema Based on Draft H. 350. x recommendations (February 2003) ¾ Authentication ¾ At registration to the ECS, the endpoint will be authenticated according to its H. 235 sender Id and password ¾ Fixed aliases from LDAP ¾ Successful registration will utilize aliases as defined in LDAP and NOT in the endpoint ¾ Authorization ¾ Different service level groups will be utilized for authorization of the call by the ECS at the ARQ stage