[Freeswitch-users] LDAP Integration
Leon de Rooij
leon at scarlet-internet.nl
Mon Feb 2 03:42:05 PST 2009
On Jan 31, 2009, at 4:15 AM, John Skopis (Lists) wrote:
> Leon de Rooij wrote:
>> Hi John,
>>
>> I've been trying to get your mod_xml_ldap module running, but didn't
>> get very far yet..
>>
>> What is the official way to get the module built ?
>>
>
> The official way to build all fs modules is to uncomment the entry in
> modules.conf.
>
> If you want to build a specific module there are targets
>
> make mod_name-clean
> make mod_name-install
Thanks, I'll try that.
> as for mod_xml_ldap, I really do not feel that it is as quality as I
> would expect a production quality module to be.
I understand, it's just that I'm very interested in it as we're using
ldap everywhere over here.
>> I tried modifying trunk/freeswitch.spec so that
>>
>> XML_INT_MODULES contains xml_int/mod_xml_ldap
>>
>> There's also a directories/mod_ldap in DISABLED_MODULES in the same
>> file, but I don't suppose it's necessary to enable it, or is it ?
>>
>
> mod_ldap is a separate module, implementing the directory interface,
> not
> to be confused with the "directory", which is queried for user +
> domain
> configuration (e.g., conf/directory/default.xml).
>
> perhaps it should be renamed to mod_dbi?
>
>> The mod_xml_ldap doesn't get built by running make make or dpkg-
>> buildpackage from trunk/
>>
>> Also I tried building it from the module directory itself, but then I
>> get the following error:
>>
>> fsbuilder at sv:~/trunk/src/mod/xml_int/mod_xml_ldap$ make
>> Compiling mod_xml_ldap.c...
>> cc1: warnings being treated as errors
>> mod_xml_ldap.c: In function 'xml_ldap_search':
>> mod_xml_ldap.c:356: warning: cast from pointer to integer of
>> different
>> size
>> make[1]: *** [mod_xml_ldap.o] Error 1
>> make: *** [all] Error 1
>>
>
>
>
> I have been working on a new module called mod_entity that works off a
> simple description of an xml entitiy (domain, user, extension,
> condition, action, anti-action currently) querying a db backend via
> the
> directory interface for fields used to build the entity. It still
> needs
> a bit of work but I am hoping to get a patch together this weekend. I
> will post it to the freeswitch-dev list asking for comments.
>
> Off the top of my head at least the wishlist TODO is:
>
> implement connection pooling for mod_directory
>
> implement a cache either as a module used by an xml_int mod or in
> switch_xml to cache a switch_xml_t
>
>
>> (Also I had to apt-get install libsasl2 libsasl2-dev, otherwise make
>> from this dir errored with missing sasl/sasl.h)
>>
>> Can you see what I'm doing wrong ?
>>
>> (I'm using svn rev 11560)
>>
>> thanks & regards,
>>
>> Leon
>>
>> On Jan 6, 2009, at 4:55 AM, John Skopis (Lists) wrote:
>>
>>> Vinicius Kobashi wrote:
>>>> hi ppl.
>>>>
>>>> i tried hard to make it work, but still i couldnt find a complete
>>>> openldap scheme that provides these information, and i still
>>>> could't
>>>> find out where to put these configuration...
>>>>
>>>> can anyone help me?
>>>>
>>>> thankz!
>>>>
>>>> vinicius escreveu:
>>>>> thankz!
>>>>>
>>>>> ill set my openldap to provide these information..
>>>>>
>>>>> but these about these binding settings... where should i set them?
>>>>>
>>>>> best regards
>>>>>
>>>>> John Skopis (Lists) wrote:
>>>>>> vinicius wrote:
>>>>>>
>>>>>>> hi ppl.. i tried to find something at google, but i couldnt
>>>>>>> manage to find
>>>>>>> anything.
>>>>>>> i still dont know what to do to make the mod_xml_ldap work.
>>>>>>> i couldnt find information about how to build a config file for
>>>>>>> the
>>>>>>> module, and where to store it...
>>>>>>>
>>>>>>> can anyone give me a help?
>>>>>>>
>>>>>>>
>>>>>> Be advised mod_xml_ldap is probably not production quality and
>>>>>> will
>>>>>> undoubtedly change, eventually at least.
>>>>>>
>>>>>> Here is what I used once:
>>>>>>
>>>>>> <bindings>
>>>>>>
>>>>>>
>>>>>> <binding name="directory">
>>>>>> <!--%s is populated with the extension -->
>>>>>> <param name="filter" value="(FSid=%s)" bindings="directory"/>
>>>>>> <!--basedn for the searches %s is replaced with domain-->
>>>>>> <param name="basedn" value="ou=people,dc=example" />
>>>>>> <param name="url" value="ldap://172.16.75.129" />
>>>>>> <param name="binddn" value="cn=admin,dc=example" />
>>>>>> <param name="bindpass" value="secret" />
>>>>>>
>>>>>> <trans>
>>>>>> <!-- we need to translate these attrs into FS attrs -->
>>>>>> <tran name="id" mapfrom="FSid" />
>>>>>> <tran name="mailbox" mapfrom="FSmailbox" />
>>>>>> <tran name="password" mapfrom="FSPassword" />
>>>>>> <tran name="vm-password" mapfrom="FSvm-password" />
>>>>>> <tran name="email-addr" mapfrom="FSemail-addr" />
>>>>>> <tran name="vm-email-all-messages" mapfrom="FSvm-email-all-
>>>>>> messages" />
>>>>>> <tran name="vm-delete-file" mapfrom="FSvm-delete-file" />
>>>>>> <tran name="vm-attach-file" mapfrom="FSvm-attach-file" />
>>>>>> </trans>
>>>>>> </binding>
>>>>>>
>>>>>> <binding name="configuration">
>>>>>> <param name="filter" value="(%s=%s)"
>>>>>> bindings="configuration"/>
>>>>>> <param name="basedn" value="name=%s,dc=example" />
>>>>>> <param name="url" value="ldap://172.16.75.129" />
>>>>>> <param name="binddn" value="cn=admin,dc=example" />
>>>>>> <param name="bindpass" value="secret" />
>>>>>> </binding>
>>>>>> </bindings>
>>>>>>
>>>>>>
>>>>>> which should/probably/might work with ldap objects like these:
>>>>>>
>>>>>> dn: cn=John Skopis,ou=people,dc=example
>>>>>> objectClass: person
>>>>>> objectClass: inetOrgPerson
>>>>>> objectClass: organizationalPerson
>>>>>> objectClass: FreeSWITCH-Exten-Object
>>>>>> objectClass: top
>>>>>> cn: John Skopis
>>>>>> sn: Skopis
>>>>>> givenName: John
>>>>>> FSid: 1001
>>>>>> FSmailbox: 1001
>>>>>> FSpassword: 1234
>>>>>> FSvm-password: 1001
>>>>>> FSemail-addr: john+fs at skopis.com
>>>>>> FSvm-email-all-messages: TRUE
>>>>>> FSvm-delete-file: TRUE
>>>>>> FSvm-attach-file: TRUE
>>>>>>
>>>>>> dn: SIPIdentityUserName=1001,ou=h350,dc=example
>>>>>> objectClass: person
>>>>>> objectClass: SIPIdentity
>>>>>> objectClass: top
>>>>>> cn: 1001
>>>>>> sn: 1001
>>>>>> SIPIdentitySIPURI: sip:1001 at 172.16.75.129
>>>>>> SIPIdentityRegistrarAddress: 172.16.75.128
>>>>>> SIPIdentityProxyAddress: 172.16.75.128
>>>>>> SIPIdentityPassword: 1234
>>>>>> SIPIdentityUserName: 1001
>>>>>> SIPIdentityServiceLevel: premium
>>>>>>
>>>>>>
>>> Again, the module is not production quality. Hopefully I will
>>> conjurer
>>> the time and know-how to put something decent together eventually.
>>>
>>> To load configuration for any fs module you need to define the XML
>>> configuration element under the section "configuration".
>>>
>>> A good starting point is the file
>>> $PREFIX/conf/freeswitch.xml
>>>
>>> http://wiki.freeswitch.org/wiki/Freeswitch.xml
>>>
>>> Also take a look at $PREFIX/logs/freeswitch.xml.fsxml
>>>
>>> to load mod_xml_ldap you would need to add something like this to
>>> modules.conf.xml
>>>
>>> <load module="mod_xml_ldap" />
>>>
>>> and create an xml_ldap.conf.xml in
>>> $PREFIX/autoload_configs/xml_ldap.conf.xml
>>>
>>> <configuration name="xml_ldap.conf">
>>> ...
>>> </configuration>
>>>
>>> The ITU is doing some work called h.350:
>>> http://www.itu.int/ITU-T/studygroups/com16/h350/index.html
>>>
>>> Here is what I was working with:
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.1 NAME 'FSid'
>>> DESC 'FreeSWITCH Extension ID'
>>> EQUALITY caseIgnoreIA5Match
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.2 NAME 'FSmailbox'
>>> DESC 'FreeSWITCH Extension Mailbox'
>>> EQUALITY caseIgnoreIA5Match
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.3 NAME 'FSpassword'
>>> DESC 'FreeSWITCH Password'
>>> EQUALITY caseExactIA5Match
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
>>> SINGLE-VALUE )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.4 NAME 'FSa1hash'
>>> DESC 'FreeSWITCH Crypted Password'
>>> EQUALITY caseExactIA5Match
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
>>> SINGLE-VALUE )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.5 NAME 'FSvm-password'
>>> DESC 'FreeSWITCH VoiceMail Password'
>>> EQUALITY integerMatch
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
>>> SINGLE-VALUE )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.6 NAME 'FSemail-addr'
>>> DESC 'E-mail address to send voicemail'
>>> EQUALITY caseIgnoreIA5Match
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.7 NAME 'FSvm-email-all-
>>> messages'
>>> DESC 'FreeSWITCH Email All Mesages'
>>> EQUALITY booleanMatch
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>>> SINGLE-VALUE )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.8 NAME 'FSvm-delete-file'
>>> DESC 'FreeSWITCH VoiceMail Delete File'
>>> EQUALITY booleanMatch
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>>> SINGLE-VALUE )
>>>
>>> attributetype ( 1.3.6.1.4.1.65535.2.1.9 NAME 'FSvm-attach-file'
>>> DESC 'FreeSWITCH VoiceMail Attach file'
>>> EQUALITY booleanMatch
>>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>>> SINGLE-VALUE )
>>>
>>>
>>>
>>>
>>>
>>> objectclass ( 1.3.6.1.4.1.65535.2.2.1 NAME 'FreeSWITCH-Exten-Object'
>>> SUP top AUXILIARY
>>> DESC '%obj_desc%'
>>> MUST ( FSid $ FSpassword )
>>> MAY ( FSmailbox $ FSa1hash $ FSvm-password $ FSemail-addr $
>>> FSvm-email-all-messages $ FSvm-delete-file $ FSvm-attach-file ) )
>>>
>>> hth
>>>
>>> _______________________________________________
>>> Freeswitch-users mailing list
>>> Freeswitch-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>>
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
More information about the Freeswitch-users
mailing list