Announcement

Collapse
No announcement yet.
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory Integration with Shoretel 8.1

    Right now we are running Shoretel 7.0 (build 12.5.9303.0) and I am planning an upgrade to Shoretel 8.1 (build 13.23.4801.0). In our current setup we have a big nightmare in maintaining user account usernames, client passwords, and email addresses. As we create a new user we try to get this information correct but there are several errors. We have almost 1100 user accounts and I believe the best way to keep a low maintinence and correct Shoretel database is to link it to our Active Directory Catalog to get these three fields.

    We also have a large Citrix environment and the last time we upgraded Shoretel it caused everyone to have to log in with thier Shoretel user name and password again. This caused a large upgrade problem for us and we do not want it to happen again. I do know that our current database is running on an Access database and after the upgrade 8.1 has it running on a MySQL database. If we do do this we want to first upgrade to 8.1 then implement the AD intregration on the MySQL database.

    Has anyone every tried this?

  • #2
    How do propose to sync the data from AD to the equivalent fields in the MySQL database? Making changes to the underlying data outside of the internal ShoreTel APIs (Director and PCM) will not always have the desired result.

    Comment


    • #3
      I don’t understand why they cannot integrate LDAP/Active Directory login for the PCM. They have it working well for the Conference Bridge product.

      I don’t know if your syncing with AD idea would work though. Even though you have access to the MySql database there are other problems.

      1st you don’t really know what the AD password is. It’s not common to store AD passwords in a reversible manner. That’s also not best practices.

      2nd ShoreTel PCM passwords are encrypted somehow. If you know the password then I guess its possible to reverse it to figure out how its encrypted (maybe a hash of the password?), but not likely without seeing the source.

      So while its possible to make some tools that interact with the database directly (I just did this recently to allow our users to login/logout of their workgroups from a little web app) I don’t see how you could sync ShoreTel login with AD. Its probably best to just wait for them to do it.

      Comment


      • #4
        I have heard AD integration is coming in 9. There is no AD support in 7.x or 8.x.

        Comment


        • #5
          Yes, its in 9, but you dont get much. Single sign-on, name, # and few other fields.

          Comment


          • #6
            Single sing-on? Finally!

            Comment

            Working...
            X