VoIP:LDAP: Difference between revisions
From VTX Public Wiki
(→External LDAP: mailadresse fixed) |
(→LDAP VTX: VTX-LDAP > LDAP VTX) |
||
(5 intermediate revisions by 2 users not shown) | |||
Line 17: | Line 17: | ||
<table> |
<table> |
||
<tr><td> |
<tr><td> |
||
At this point you can choose how you want to enable LDAP: |
At this point you can choose how you want to enable LDAP (or disable) : |
||
* [[VoIP:LDAP#LDAP_VTX|LDAP VTX]] |
|||
* [[VoIP:LDAP#External_LDAP|External LDAP]] |
|||
* [[VoIP:LDAP#LDAP_Neutral|LDAP Neutral]] |
|||
* [[VoIP:LDAP#Inactive_LDAP|Inactive LDAP]] |
|||
</td></tr> |
</td></tr> |
||
</table> |
</table> |
||
Line 33: | Line 38: | ||
==LDAP VTX== |
==LDAP VTX== |
||
This option enables the LDAP server integrated in the Virtual PBX. Each compatible phone will integrate |
This option enables the LDAP server integrated in the Virtual PBX. Each compatible phone will integrate the company directory and the personal directory, managed via Kiosk. |
||
Please note that this works only with the |
Please note that this works only with the LDAP VTX, if you want to use your own LDAP-server, it has to be set up seperately by using [[VoIP:LDAP#External_LDAP|External LDAP]] |
||
<br /> |
<br /> |
||
==External LDAP== |
==External LDAP== |
||
Line 112: | Line 118: | ||
Bind DN: uid=root,ch=users,cd=office,dc=company,dc=ch |
Bind DN: uid=root,ch=users,cd=office,dc=company,dc=ch |
||
ldapsearch -H |
ldapsearch -H [ldap://ldap.company.ch ldap://ldap.company.ch] -D "ldapreader" -w ''password'' -b "dc=company,dc=ch" "(CN=ldapreader)" | grep dn |
||
dn: CN=ldapreader,OU=serviceuser,OU=organisation,DC=company,DC=ch |
dn: CN=ldapreader,OU=serviceuser,OU=organisation,DC=company,DC=ch |
||
Line 118: | Line 124: | ||
<table> |
|||
<tr><td> |
|||
[[File:LDAP example external.png|left|thumb|800x800px]] |
|||
</td></tr> |
|||
</table> |
|||
<br /> |
<br /> |
Latest revision as of 15:45, 16 September 2022
Introduction LDAP[edit | edit source]
We use LDAP to manage a centralized directory that will be automatically updated on on all compatible phones. You can manage it in the VTX-Kiosk.
LDAP is not enabled by default and can only be used on all auto-provisioned phones, not on individual ones. |
Enable LDAP phonebook via Kiosk (autoprovisioning)[edit | edit source]
LDAP can be enabled via VTX-Kiosk, so you don't have to manually input the LDAP-credentials on compatible, auto-provisioned phones.
Go to the "Directory"-menu, under "My Services" and "Telephony", you can than choose the related phone-service and tap "show".
At this point you can choose how you want to enable LDAP (or disable) : |
LDAP VTX[edit | edit source]This option enables the LDAP server integrated in the Virtual PBX. Each compatible phone will integrate the company directory and the personal directory, managed via Kiosk. Please note that this works only with the LDAP VTX, if you want to use your own LDAP-server, it has to be set up seperately by using External LDAP
External LDAP[edit | edit source]This option allows you to activate an external LDAP server (LDAP client) and enter your configuration settings To be compatible with our LDAP, be sure to work with those parameters that are predevined:
Yealink ldap.display_name = %sn %givenName ldap.name_attr = sn givenName ldap.name_filter = (|(givenName=%)(sn=%)) ldap.numb_attr = telephoneNumber mobile homePhone ldap.number_filter = (|(telephoneNumber=%)(telephoneNumber=+%)(mobile=%)(mobile=+%)(homePhone=%)(homePhone=+%))
Snom ldap_display_name = %sn %givenName ldap_name_attributes = sn givenName ldap_number_attributes = telephoneNumber mobile homePhone ldap_number_filter = (|(telephoneNumber=%*)(telephoneNumber=+%*)(mobile=%*)(mobile=+%*)(homePhone=%*)(homePhone=+%*)) ldap_search_filter = (|(givenName=%*)(sn=%*))
Gigaset BS_LDAP_Netdirs.astNetdirProvider[0].DisplayName = %sn %givenName BS_LDAP_Netdirs.astNetdirProvider[0].NameAttributes = sn BS_LDAP_Netdirs.astNetdirProvider[0].NameFilter = (|(givenName=%)(sn=%)) BS_LDAP_Netdirs.astNetdirProvider[0].NumberAttributes = telephoneNumber BS_LDAP_Netdirs.astNetdirProvider[0].NumberFilter = (|(telephoneNumber=%)(telephoneNumber=+%)(mobile=%)(mobile=+%)) BS_LDAP_Netdirs.astNetdirProvider[0].astNetDirDirectoryItems[0].aucItemAttribute[0] = givenName BS_LDAP_Netdirs.astNetdirProvider[0].astNetDirDirectoryItems[1].aucItemAttribute[0] = sn BS_LDAP_Netdirs.astNetdirProvider[0].astNetDirDirectoryItems[2].aucItemAttribute[0] = homePhone BS_LDAP_Netdirs.astNetdirProvider[0].astNetDirDirectoryItems[3].aucItemAttribute[0] = telephoneNumber BS_LDAP_Netdirs.astNetdirProvider[0].astNetDirDirectoryItems[4].aucItemAttribute[0] = mobile BS_LDAP_Netdirs.astNetdirProvider[0].astNetDirDirectoryItems[6].aucItemAttribute[0] = facsimileTelephoneNumber
Server: ldap.company.ch Port: 389 LDAP Root: DC=ldap,DC=company,DC=ch User name: CN=ldapreader,OU=serviceuser,OU=organisation Password: ************ LDAP Root: usually the domain, could also be DC=domain,DC=local User name: never use an emailadresse like for example ldapreader@company.ch User name is built with a user in the ldap or active directory tree CN=ldapreader + usually OU=organisation, could also be CN=ldapreader,OU=organisation Easiest way is to use a openldap tool to get the authentification informations Base DN: dc=ldap,dc=company,dc=ch Bind DN: uid=root,ch=users,cd=office,dc=company,dc=ch ldapsearch -H [ldap://ldap.company.ch ldap://ldap.company.ch] -D "ldapreader" -w password -b "dc=company,dc=ch" "(CN=ldapreader)" | grep dn dn: CN=ldapreader,OU=serviceuser,OU=organisation,DC=company,DC=ch
LDAP Neutral[edit | edit source]This option allows you to maintain the current configuration of your service without affecting the existing settings.
Inactive LDAP[edit | edit source]This option disables the LDAP server. Be carefull, all LDAP configurations and settings will be deleted.
|
FAQ LDAP[edit | edit source]
Use same VTX LDAP Server on different vPBX services[edit | edit source]
You wish to have same LDAP informations on different vPBX within VTX.
- Activate VTX LDAP on one of the vPBX Services
- Get the credentials of the VTX LDAP activated on this Service
- Connect to the Kiosk of the other vPBX Services
- Activate External LDAP on all other vPBX Services and enter the credentials of first VTX LDAP