[Freeswitch-users] LDAP Integration

John Skopis (Lists) jlists at skopis.com
Fri Jan 30 19:15:36 PST 2009


Leon de Rooij wrote:
> Hi John,
> 
> I've been trying to get your mod_xml_ldap module running, but didn't get very far yet..
> 
> What is the official way to get the module built ?
> 

The official way to build all fs modules is to uncomment the entry in
modules.conf.

If you want to build a specific module there are targets

make mod_name-clean
make mod_name-install

As for mod_xml_ldap, I really do not feel that it is of the quality I
would expect a production-quality module to be.

> I tried modifying trunk/freeswitch.spec so that
> 
> XML_INT_MODULES contains xml_int/mod_xml_ldap
> 
> There's also a directories/mod_ldap in DISABLED_MODULES in the same file, but I don't suppose it's necessary to enable it, or is it ?
> 

mod_ldap is a separate module, implementing the directory interface, not
to be confused with the "directory", which is queried for user + domain
configuration (e.g., conf/directory/default.xml).

Perhaps it should be renamed to mod_dbi?

> The mod_xml_ldap doesn't get built by running make make or dpkg-buildpackage from trunk/
> 
> Also I tried building it from the module directory itself, but then I get the following error:
> 
> fsbuilder at sv:~/trunk/src/mod/xml_int/mod_xml_ldap$ make
> Compiling mod_xml_ldap.c...
> cc1: warnings being treated as errors
> mod_xml_ldap.c: In function 'xml_ldap_search':
> mod_xml_ldap.c:356: warning: cast from pointer to integer of different size
> make[1]: *** [mod_xml_ldap.o] Error 1
> make: *** [all] Error 1
> 



I have been working on a new module called mod_entity that works off a
simple description of an xml entity (domain, user, extension,
condition, action, anti-action currently) querying a db backend via the
directory interface for fields used to build the entity. It still needs
a bit of work but I am hoping to get a patch together this weekend. I
will post it to the freeswitch-dev list asking for comments.

Off the top of my head at least the wishlist TODO is:

implement connection pooling for mod_directory

implement a cache either as a module used by an xml_int mod or in
switch_xml to cache a switch_xml_t


> (Also I had to apt-get install libsasl2 libsasl2-dev, otherwise make from this dir errored with missing sasl/sasl.h)
> 
> Can you see what I'm doing wrong ?
> 
> (I'm using svn rev 11560)
> 
> thanks & regards,
> 
> Leon
> 
> On Jan 6, 2009, at 4:55 AM, John Skopis (Lists) wrote:
> 
>> Vinicius Kobashi wrote:
>>> hi ppl.
>>>
>>> i tried hard to make it work, but still i couldnt find a complete
>>> openldap scheme that provides these information, and i still could't
>>> find out where to put these configuration...
>>>
>>> can anyone help me?
>>>
>>> thankz!
>>>
>>> vinicius escreveu:
>>>> thankz!
>>>>
>>>> ill set my openldap to provide these information..
>>>>
>>>> but these about these binding settings... where should i set them?
>>>>
>>>> best regards
>>>>
>>>> John Skopis (Lists) wrote:
>>>>> vinicius wrote:
>>>>>
>>>>>> hi ppl.. i tried to find something at google, but i couldnt manage to find
>>>>>> anything.
>>>>>> i still dont know what to do to make the mod_xml_ldap work.
>>>>>> i couldnt find information about how to build a config file for the
>>>>>> module, and where to store it...
>>>>>>
>>>>>> can anyone give me a help?
>>>>>>
>>>>>>
>>>>> Be advised mod_xml_ldap is probably not production quality and will
>>>>> undoubtedly change, eventually at least.
>>>>>
>>>>> Here is what I used once:
>>>>>
>>>>>  <bindings>
>>>>>
>>>>>
>>>>>    <binding name="directory">
>>>>> 		<!--%s is populated with the extension -->
>>>>> 		<param name="filter" value="(FSid=%s)" bindings="directory"/>
>>>>> 		<!--basedn for the searches %s is replaced with domain-->
>>>>> 		<param name="basedn" value="ou=people,dc=example" />
>>>>> 		<param name="url" value="ldap://172.16.75.129" />
>>>>> 		<param name="binddn" value="cn=admin,dc=example" />
>>>>> 		<param name="bindpass" value="secret" />
>>>>>
>>>>> 		<trans>
>>>>> 			<!-- we need to translate these attrs into FS attrs -->
>>>>> 			<tran name="id" mapfrom="FSid" />
>>>>> 			<tran name="mailbox" mapfrom="FSmailbox" />
>>>>> 			<tran name="password" mapfrom="FSPassword" />
>>>>> 			<tran name="vm-password" mapfrom="FSvm-password" />
>>>>> 			<tran name="email-addr" mapfrom="FSemail-addr" />
>>>>> 			<tran name="vm-email-all-messages" mapfrom="FSvm-email-all-messages" />
>>>>> 			<tran name="vm-delete-file" mapfrom="FSvm-delete-file" />
>>>>> 			<tran name="vm-attach-file" mapfrom="FSvm-attach-file" />
>>>>> 		</trans>
>>>>>    </binding>
>>>>>
>>>>>    <binding name="configuration">
>>>>>        <param name="filter" value="(%s=%s)" bindings="configuration"/>
>>>>>        <param name="basedn" value="name=%s,dc=example" />
>>>>>        <param name="url" value="ldap://172.16.75.129" />
>>>>>        <param name="binddn" value="cn=admin,dc=example" />
>>>>>        <param name="bindpass" value="secret" />
>>>>>    </binding>
>>>>> </bindings>
>>>>>
>>>>>
>>>>> which should/probably/might work with ldap objects like these:
>>>>>
>>>>> dn: cn=John Skopis,ou=people,dc=example
>>>>> objectClass: person
>>>>> objectClass: inetOrgPerson
>>>>> objectClass: organizationalPerson
>>>>> objectClass: FreeSWITCH-Exten-Object
>>>>> objectClass: top
>>>>> cn: John Skopis
>>>>> sn: Skopis
>>>>> givenName: John
>>>>> FSid: 1001
>>>>> FSmailbox: 1001
>>>>> FSpassword: 1234
>>>>> FSvm-password: 1001
>>>>> FSemail-addr: john+fs at skopis.com
>>>>> FSvm-email-all-messages: TRUE
>>>>> FSvm-delete-file: TRUE
>>>>> FSvm-attach-file: TRUE
>>>>>
>>>>> dn: SIPIdentityUserName=1001,ou=h350,dc=example
>>>>> objectClass: person
>>>>> objectClass: SIPIdentity
>>>>> objectClass: top
>>>>> cn: 1001
>>>>> sn: 1001
>>>>> SIPIdentitySIPURI: sip:1001 at 172.16.75.129
>>>>> SIPIdentityRegistrarAddress: 172.16.75.128
>>>>> SIPIdentityProxyAddress: 172.16.75.128
>>>>> SIPIdentityPassword: 1234
>>>>> SIPIdentityUserName: 1001
>>>>> SIPIdentityServiceLevel: premium
>>>>>
>>>>>
>> Again, the module is not production quality. Hopefully I will conjure
>> the time and know-how to put something decent together eventually.
>>
>> To load configuration for any fs module you need to define the XML
>> configuration element under the section "configuration".
>>
>> A good starting point is the file
>> $PREFIX/conf/freeswitch.xml
>>
>> http://wiki.freeswitch.org/wiki/Freeswitch.xml
>>
>> Also take a look at $PREFIX/logs/freeswitch.xml.fsxml
>>
>> to load mod_xml_ldap you would need to add something like this to
>> modules.conf.xml
>>
>> <load module="mod_xml_ldap" />
>>
>> and create an xml_ldap.conf.xml in
>> $PREFIX/autoload_configs/xml_ldap.conf.xml
>>
>> <configuration name="xml_ldap.conf">
>> ...
>> </configuration>
>>
>> The ITU is doing some work called h.350:
>> http://www.itu.int/ITU-T/studygroups/com16/h350/index.html
>>
>> Here is what I was working with:
>> attributetype ( 1.3.6.1.4.1.65535.2.1.1 NAME 'FSid'
>>    DESC 'FreeSWITCH Extension ID'
>>    EQUALITY caseIgnoreIA5Match
>>    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.2 NAME 'FSmailbox'
>>    DESC 'FreeSWITCH Extension Mailbox'
>>    EQUALITY caseIgnoreIA5Match
>>    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.3 NAME 'FSpassword'
>>    DESC 'FreeSWITCH Password'
>>    EQUALITY caseExactIA5Match
>>    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
>> 	SINGLE-VALUE )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.4 NAME 'FSa1hash'
>>    DESC 'FreeSWITCH Crypted Password'
>>    EQUALITY caseExactIA5Match
>>    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
>> 	SINGLE-VALUE )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.5 NAME 'FSvm-password'
>>    DESC 'FreeSWITCH VoiceMail Password'
>> 	EQUALITY integerMatch
>> 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
>> 	SINGLE-VALUE )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.6 NAME 'FSemail-addr'
>>    DESC 'E-mail address to send voicemail'
>>    EQUALITY caseIgnoreIA5Match
>>    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.7 NAME 'FSvm-email-all-messages'
>>    DESC 'FreeSWITCH Email All Mesages'
>> 	EQUALITY booleanMatch
>> 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>> 	SINGLE-VALUE )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.8 NAME 'FSvm-delete-file'
>>    DESC 'FreeSWITCH VoiceMail Delete File'
>> 	EQUALITY booleanMatch
>> 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>> 	SINGLE-VALUE )
>>
>> attributetype ( 1.3.6.1.4.1.65535.2.1.9 NAME 'FSvm-attach-file'
>>    DESC 'FreeSWITCH VoiceMail Attach file'
>> 	EQUALITY booleanMatch
>> 	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
>> 	SINGLE-VALUE )
>>
>>
>>
>>
>>
>> objectclass ( 1.3.6.1.4.1.65535.2.2.1 NAME 'FreeSWITCH-Exten-Object'
>>    SUP top AUXILIARY
>>    DESC '%obj_desc%'
>> 	MUST ( FSid $ FSpassword )
>>    MAY ( FSmailbox $ FSa1hash $ FSvm-password $ FSemail-addr $
>> FSvm-email-all-messages $ FSvm-delete-file $ FSvm-attach-file ) )
>>
>> hth
>>
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
> 
> 




More information about the Freeswitch-users mailing list
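
The directory binding quoted above uses the filter template (FSid=%s), with %s filled from the extension in the request, so that value needs RFC 4515 escaping before it is substituted. The following is an added example, not code from mod_xml_ldap or from the thread; ldap_filter_escape and build_filter are hypothetical helper names, and the inputs in main are constructed.

```c
#include <stdio.h>
#include <string.h>

/* RFC 4515: inside a filter value, NUL ( ) * and \ must be written as a
 * backslash followed by the two hex digits of the byte.
 * Escapes len bytes of val into out; returns escaped length, -1 if out is too small. */
int ldap_filter_escape(const char *val, size_t len, char *out, size_t outlen)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)val[i];
        size_t need = (c == 0 || strchr("()*\\", c)) ? 3 : 1;
        if (o + need >= outlen) return -1;      /* leave room for the NUL */
        if (need == 3) {
            out[o++] = '\\';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
        } else {
            out[o++] = (char)c;
        }
    }
    out[o] = '\0';
    return (int)o;
}

/* Fill a template holding exactly one "%s", such as "(FSid=%s)", with the
 * escaped value. The template is passed as data, never as a printf format. */
int build_filter(const char *tmpl, const char *value, char *out, size_t outlen)
{
    char esc[256];
    const char *slot = strstr(tmpl, "%s");
    if (!slot || strstr(slot + 2, "%s")) return -1;   /* zero or several slots */
    if (ldap_filter_escape(value, strlen(value), esc, sizeof esc) < 0) return -1;
    int n = snprintf(out, outlen, "%.*s%s%s", (int)(slot - tmpl), tmpl, esc, slot + 2);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;   /* reject truncation */
}

int main(void)
{
    const char *samples[] = { "1001", "10*", "1001)(cn=*" };  /* constructed inputs */
    char filter[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (build_filter("(FSid=%s)", samples[i], filter, sizeof filter) == 0)
            printf("%-12s -> %s\n", samples[i], filter);
    return 0;
}
```

The two-slot template (%s=%s) from the configuration binding is rejected by this helper on purpose: the attribute-name slot needs an allow-list of names rather than value escaping.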