|
|
(42 intermediate revisions not shown) |
Line 1: |
Line 1: |
- | == Introduction ==
| + | This page has been moved to https://service.snom.com/display/wiki/LDAP+Directory |
- | If LDAP is properly configured, the phone performs a lookup on the LDAP server for any entries with a telephoneNumber attribute set each time you start entering a number or name on the phone keypad.
| + | |
- | | + | |
- | If you type in digits then the phone displays all entries where the telephoneNumber begins with the same number entered so far.
| + | |
- | If you are typing in a name then the phone displays all entries where the displayName (or whatever name filter is set) begins with what has been entered so far. (This is not case-sensitive.)
| + | |
- | | + | |
- | Use the up and down arrows of the button [[Image:Navigation.png|20px]] to scroll through results and dial a highlighted entry by pressing [[Image:Ok_key.png|20px]].
| + | |
- | | + | |
- | == Usage ==
| + | |
- | [[Category:HowTo:Directory:LDAP#Example_1:_LDAP_name_filter]]
| + | |
- | There are two ways to perform a LDAP search on your phone:
| + | |
- | | + | |
- | #Simply start a search against LDAP by '''pressing a number'''. All corresponding entries will be shown accordingly to your query setup. Default edit mode is numeric.
| + | |
- | #Allocate the [[Settings/F_DIRECTORY_SEARCH|Directory Search function]] to one of the function keys. To do so take the following steps:
| + | |
- | ## Navigate to the "Function Keys" Web User Interface page
| + | |
- | ##* Firmware Version [[Image:Fw-version-6.gif]] [[Web Interface/V6/Function Keys#Free Function Keys|Free Function Keys Section]]
| + | |
- | ##* Firmware Version [[Image:Fw-version-7.gif]] [[Web Interface/V7/Function Keys#Free Function Keys|Free Function Keys Section]]
| + | |
- | ##* Firmware Version [[Image:Fw-version-8.gif]] [[Web Interface/V8/Function Keys#Free Function Keys|Free Function Keys Section]]
| + | |
- | ## Choose one of the free function keys and select the "[[Settings/fkey_context|Context]]", i.e. the SIP identity.
| + | |
- | ## Choose the "[[Settings/fkey|Type]]" [[Settings/fkey/keyevent|"Key Event"]]
| + | |
- | ## Enter the value '''F_DIRECTORY_SEARCH''' in the "Number" field and press "Save".
| + | |
- | | + | |
- | [[Image:03_ldap_fkey.png|600px]]
| + | |
- | | + | |
- | == Configuration ==
| + | |
- | | + | |
- | The internal LDAP client can be configured at the [[Web_Interface/V7/Advanced#LDAP|LDAP Section]] of your phone's Web User Interface (WUI).
| + | |
- | In your snom phone you will see something like the following screenshot, For more details and comprehension see examples 1 to 6:
| + | |
- | | + | |
- | [[Image:screenshot-ldap1.png]]
| + | |
- | | + | |
- | === Example Configuration===
| + | |
- | | + | |
- | You can use the below settings as a starting point and adjust the filter and display attributes according to your needs.
| + | |
- | | + | |
- | ;[[Settings/ldap_search_filter|LDAP name filter]]
| + | |
- | : (&(telephoneNumber=*)(sn=%)) --> [[Features/LDAP#Example_1:_LDAP_name_filter|Example 1]]
| + | |
- | ;[[Settings/ldap_number_filter|LDAP number filter]]
| + | |
- | : (&(telephoneNumber=%)(sn=*)) --> [[Features/LDAP#Example_2:_LDAP_number_filter|Example 2]]
| + | |
- | ;[[Settings/ldap_server|Server Address]]
| + | |
- | :[IP address or domain]. Examples: 192.168.1.100, ldap.uno.edu, ldap.company.com
| + | |
- | ;[[Settings/ldap_port|Port]]:
| + | |
- | :[blank or specified LDAP port]
| + | |
- | ;[[Settings/ldap_base|Base]]
| + | |
- | : DC=domain,DC=com --> [[Features/LDAP#Example_3:_LDAP_Base|Example 3]]
| + | |
- | ;[[Settings/ldap_username|Username]]
| + | |
- | :Admin
| + | |
- | ;[[Settings/ldap_password|Password]]
| + | |
- | : PASSWORD
| + | |
- | ;[[Settings/ldap_max_hits|Max.Hits]]
| + | |
- | :50
| + | |
- | ;[[Settings/ldap_name_attributes |LDAP Name Attributes]]
| + | |
- | : cn sn displayName --> [[Features/LDAP#Example_4:_LDAP_name_attributes|Example 4]]
| + | |
- | ;[[Settings/ldap_number_attributes|LDAP Number Atrributes]]
| + | |
- | : Mobile telephoneNumber ipPhone --> [[Features/LDAP#Example_5:_LDAP_number_attributes|Example 5]]
| + | |
- | ;[[Settings/ldap_display_name|LDAP display Name]]
| + | |
- | : %displayName --> [[Features/LDAP#Example_6:_LDAP_display_name|Example 6]]
| + | |
- | ;[[Settings/country_code|Countrycode]]
| + | |
- | : +49
| + | |
- | ;[[Settings/area_code|Areacode]]
| + | |
- | : 030
| + | |
- | | + | |
- | *Make also sure, that the [[Settings/display_method|Number Display Style]] is set accordingly to return either name, number or both.
| + | |
- | | + | |
- | ===Example 1: LDAP name filter===
| + | |
- | | + | |
- | Here you have to specify your search criteria for name look ups.
| + | |
- | *When you type in this field :'''(&(telephoneNumber=*)(sn=%))'''
| + | |
- | the result of your search will be all LDAP records which have the “telephoneNumber” field set and the (“sn”-->surname) field starts with the entered prefix.
| + | |
- | *When you type in this field : '''(|(cn=%)(sn=%))'''
| + | |
- | the result of your search will be all LDAP records which have the (“cn”-->CommonName) OR (“sn”-->Surname) field starting with the entered prefix.
| + | |
- | * When you type in this field: '''(!(cn=%))'''
| + | |
- | the result of your search will be all LDAP records which “do not” have the “cn” field starting with the entered prefix.
| + | |
- | | + | |
- | ===Example 2: LDAP number filter===
| + | |
- | Here you have to specify your search criteria for number look ups.
| + | |
- | *When you type in this field for example:'''(|(telephoneNumber=%)(Mobile=%)(ipPhone=%))'''
| + | |
- | the result of your search will be all LDAP records which have the “telephoneNumber” OR “Mobile” OR “ipPhone”field starting with the entered prefix.
| + | |
- | * When you type in this field: '''(&(telephoneNumber=%)(sn=*))'''
| + | |
- | the result of your search will be all LDAP records which have the “sn” field set and the “telephoneNumber” field starts with the entered prefix.
| + | |
- | ===Example 3: LDAP Base===
| + | |
- | Here are some examples of what you cound enter for the [[Settings/ldap_base|ldap_base]] setting
| + | |
- | o=UNIVERSITY OF NEW ORLEANS,c=US
| + | |
- | o=SFU,c=CA
| + | |
- | dc=telesec,dc=de
| + | |
- | | + | |
- | ===Example 4: LDAP name attributes===
| + | |
- | The LDAP name attributes setting can be used to specify the “name” attributes of each record which are to be returned in the LDAP search results.
| + | |
- | *When you type in this field for example:'''cn sn displayName'''
| + | |
- | this requires to specify “cn”-->commonName means Full name of the user, “sn”-->Surname, last name or family name and “displayName” fields for each LDAP record.
| + | |
- | | + | |
- | See the following screenshot example of an Active Directory:
| + | |
- | | + | |
- | [[Image:name-attri.png|700px]]
| + | |
- | | + | |
- | ;Further Examples
| + | |
- | cn sn displayName
| + | |
- | Requires “cn”, “sn” and “displayName” fields for each LDAP record.
| + | |
- | givenName
| + | |
- | Requires “givenName” field for each LDAP record.
| + | |
- | vorName nachName
| + | |
- | Requires “vorName” and “nachName” fields for each LDAP record.
| + | |
- | | + | |
- | ===Example 5: LDAP number attributes===
| + | |
- | | + | |
- | The LDAP number attributes setting can be used to specify the “number” attributes of each record which are to be returned in the LDAP search results.
| + | |
- | *When you type in this field for example:'''Mobile telephoneNumber ipPhone'''
| + | |
- | this requires to specify “Mobile”, “telephoneNumber” and “ipPhone” fields for each LDAP record.
| + | |
- | | + | |
- | See this screenshot example of an Active Directory:
| + | |
- | [[Image:numberattri.png|700px]]
| + | |
- | | + | |
- | ;Further examples:
| + | |
- | Mobile telephoneNumber ipPhone
| + | |
- | Requires “Mobile”, “telephoneNumber” and “ipPhone” fields for each LDAP record.
| + | |
- | Home Private Office
| + | |
- | Requires “Home”, “Private” and “Office” fields for each LDAP record.
| + | |
- | | + | |
- | ===Example 6: LDAP display name===
| + | |
- | | + | |
- | This setting specifies the format in which the “name, e.g. here Mike Black” of each returned search result is to be displayed on the snom phone.
| + | |
- | *When you type in this field for example:'''%sn, %givenName'''
| + | |
- | the displayed returned result should be “Black, John”
| + | |
- | *When you type in this field for example:'''%cn'''
| + | |
- | the displayed returned result should be “Mike Black”.
| + | |
- | *When you type in this field for example:'''%givenName'''
| + | |
- | the displayed returned result should be “Mike Black"
| + | |
- | *When you type in this field for example:'''%givenName - %sn '''
| + | |
- | the displayed returned result should be “Mike - Black"
| + | |
- | | + | |
- | | + | |
- | === Common attributes ===
| + | |
- | | + | |
- | Most common attributes used to configure LDAP lookup in your phone with:
| + | |
- | | + | |
- | {|border="0" cellpadding="7" cellspacing="0" valign="top" style="width: 75%; text-align: left; border:1px solid #C0C0C0"
| + | |
- | |-
| + | |
- | ! Abbrevation
| + | |
- | ! Name
| + | |
- | ! Description
| + | |
- | |-
| + | |
- | | cn
| + | |
- | | commonName
| + | |
- | | Full name of the user.
| + | |
- | |-
| + | |
- | | company
| + | |
- | | company
| + | |
- | | Company or organisation name
| + | |
- | |-
| + | |
- | | gn
| + | |
- | | givenName
| + | |
- | | Firstname also called Christian name
| + | |
- | |-
| + | |
- | | homePhone
| + | |
- | | homeTelephoneNumber
| + | |
- | | Home Phone number
| + | |
- | |-
| + | |
- | | mobile
| + | |
- | | mobileTelephoneNumber
| + | |
- | | Mobile or cellular phone number
| + | |
- | |-
| + | |
- | | o
| + | |
- | | organizationName
| + | |
- | | Organization name or even organizational name
| + | |
- | |-
| + | |
- | | ou
| + | |
- | | organizationalUnitName
| + | |
- | | Usually department or any sub entity of larger entity
| + | |
- | |-
| + | |
- | | pager
| + | |
- | | pagerTelephoneNumber
| + | |
- | | pager telephone number
| + | |
- | |-
| + | |
- | | sn
| + | |
- | | surname
| + | |
- | | Surname, last name or family name
| + | |
- | |-
| + | |
- | | -
| + | |
- | | telephoneNumber
| + | |
- | | Office phone number
| + | |
- | |}
| + | |
- | | + | |
- | == Troubleshooting ==
| + | |
- | | + | |
- | A good method to troubleshoot problems with LDAP implementation is to do a [[Web_Interface/V7/PCAP_Trace|PCAP trace]] while performing a lookup.
| + | |
- | By tracing the search requests you can check if the phone connects and authenticates correctly and determine which requests are being sent from phone to LDAP server.
| + | |
- | | + | |
- | | + | |
- | Below you can see an example of a successful LDAP lookup:
| + | |
- | | + | |
- | [[Image:01_ldap_trace.png|600px]]
| + | |
- | | + | |
- | [[Image:02_ldap_trace.png|500px]]
| + | |
- | | + | |
- | [[Category:HowTo]][[Category:Directory:LDAP]]
| + | |