LDAP

ScopTel / Active Directory : Extension Synchronization

SCOPTEL 2.7
PHONE EXTENSION
ACTIVE DIRECTORY SYNCHRONISATION

DOWNLOAD THIS PROCEDURE : ACTIVE DIRECTORY PHONE EXTENSION SYNCHRONISATION

PREAMBULE

Following is the procedure to synchronize the Active Directory user’s with ScopTel’s phone extension database. We currently support the synchronization of the attributes below:

– Phone extension
– Full name
– Username

PROCEDURE

Login to ScopTel

1

Go to menu “Configuration / Telephony / Configuration”

2

Click on the “Synchronization” tab

3

Click on “Add new sync source”

4

Select the tenant to be synchronized with

5

Follow these steps:
1. Select “Phone Extensions”
2. Type “Active Directory”
3. Click on the “Source”tab

6

Follow these steps:
1. Type the domain controller IP address
2. Type the “Distinguished Name” of your administrator account. Refer to appendix for more explanation
3. Type the account password.
4. Type the base “Distinguished Name” where to synchronize the user account. Refer to appendix for more explanation
5. Type “(objectClass=user)” in the “Filter Prefix”
6. Click the “Attributes”tab

7

Follow these steps:
1. Type “ipPhone” in attribute name of Phone Extension
2. Type “displayName”in attribute name of Full Name
3. Type “samAccountName”in attribute name of Username
4. Click on “Options”tab

8

Follow these steps:
1. Check the “Update existing Extensions?”
2. Check the “Executes a Commit if we detect changes?”
3. Check the “Enable Auto Synchronization” and fill out the schedule of syncronization
4. Click on “Save”button

9

Click on “Commit”button

10

ScopTel is now ready to be synchronized with Active Directory following the schedule configured. Please refer to appendix section for proper user creation and configuration in Active Directory.

APPENDIX

BASE DN
The base DN is where the synchronization will start the search for user’s object. In this case, we created a “test” Organization Unit to store a user object. Therefore the Base DN would be:

OU=test,DC=SCOPSERV,DC=local

11

ADMINISTRATOR ACCOUNT LOGIN DN

The “admin” account is in the Users component under SCOPSERV.local, so my distinguished name would be:

CN=admin,CN=Users,DC=SCOPSERV,DC=local

In Active Directory, “Users” is not an Organization Unit, it’s a common name and sometimes this can be confusing.

12

CONFIGURING USER EXTENSION

Open up the Active Directory User’s and Computer MMC snap-in. Create a user and edit the properties, go under “Telephones” tab. Simply type in the user Extension to be synchronized with ScopTel.

1314

Read More

Setting up an LDAP Directory Server on ScopTEL PBX

What is LDAP ?

LDAP (Lightweight Directory Access Protocol) as its name states it, is a protocol to get access to Directory Service. A well known LDAP is Active Directory that is specific to Windows Server. But for Linux, it is called OpenLDAP.

In order to use LDAP with ScopTEL PBX software, you must configure an LDAP directory server. This server stores the LDAP entries and makes them accessible to supported phones and other applications that need the information.

 

[note color=#ddd]This new functionality is offered in the latest version of Server Management 2.2.0.[/note]

 

ScopTEL integrated LDAP Manager

The LDAP manager integrated in ScopTEL PBX  was designed to make LDAP Server management as easy as possible for the user. It abstracts from the technical details of LDAP and allows persons without technical background to manage a local LDAP server.

  • Management of basic options like DN, Authentication and caching.
  • Manage Schema and dependencies
  • Authentication (User/Password)
  • Access Control (ACL)

 

Configure LDAP Directory Server

Configuring the OpenLDAP server on ScopTEL PBX is very simple:

  • – Log into ScopTEL GUI and go on Server -> LDAP Server
  • – Click on Edit and set basic options like Top-Level DN and Authentication.
  • – Click on Save. The OpenLDAP service configurations will automatically be reloaded.

LDAP Server Configuration

LDAP Server Configuration


Adding Initial Entries via ldapadd and LDIF file

Next we will add some initial entries to the LDAP server. I suggest creating an LDIF file and loading the contents into the database using the ldapadd utility. You must create an LDIF file (ex. server.ldif) . This the content of my initial LDIF file. Remember to replace all information in bold with your own.

 

[note color=#ddd]dn: dc=scopserv,dc=local
objectClass: dcObject
objectClass: organization
dc: scopserv
o: Top Level[/note]


Once this has been written to a file
server.ldif you may import it using the the ldapadd utility. First make sure your OpenLDAP server has been started. Next change directories to the directory containing the ldap file you just created and run the ldapadd utility. 

[note color=#ddd]ldapadd -x -W -D 'cn=manager,dc=scopserv,dc=local' -f server.ldif -c[/note]

You will be prompted for the rootpw (Bind Password). Enter the password and the utility should dump you to a command prompt if no errors are encountered.

 

Add entries to Directory

To add person entries to the directory, go on Organizer -> Address Book and click on New Contact. You can select in which directory (Shared and Personal Directory) you want to include the new entry.

 

Organizer -> Addressbook

Organizer -> Addressbook

 

Configure Phone Provisioning

The following phones allow to use an LDAP server for Company Directory and CallerID Lookup :

  • AudioCodes
  • Bria (softphone)
  • Polycom (A license from Polycom is required to use this feature)
  • Sipura (SPA30x and SPA50x)
  • Snom

You can enable internal LDAP support on ScopTEL PBX Phone Provisioning from Telephony -> Provisioning -> LDAP.

 

Phone Provisioning -> Internal LDAP Server

Phone Provisioning -> Internal LDAP Server

Browse LDAP Directory

On ScopTEL PBX, we include a tool that allow to browse data from any LDAP Directory. You must click on Tools -> Server -> LDAP Explorer and browse across entries.

 

Tools -> LDAP Explorer

Tools -> LDAP Explorer

 

 

External Links:

Wikipedia: http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol

OpenLDAP: http://www.openldap.org

 

Read More