[Freeswitch-users] LDAP Integration
John Skopis (Lists)
jlists at skopis.com
Mon Jan 5 19:55:57 PST 2009
Vinicius Kobashi wrote:
> hi ppl.
>
> i tried hard to make it work, but still i couldnt find a complete
> openldap scheme that provides these information, and i still could't
> find out where to put these configuration...
>
> can anyone help me?
>
> thankz!
>
> vinicius escreveu:
>> thankz!
>>
>> ill set my openldap to provide these information..
>>
>> but these about these binding settings... where should i set them?
>>
>> best regards
>>
>> John Skopis (Lists) wrote:
>>> vinicius wrote:
>>>
>>>> hi ppl.. i tried to find something at google, but i couldnt manage to find
>>>> anything.
>>>> i still dont know what to do to make the mod_xml_ldap work.
>>>> i couldnt find information about how to build a config file for the
>>>> module, and where to store it...
>>>>
>>>> can anyone give me a help?
>>>>
>>>>
>>>
>>> Be advised mod_xml_ldap is probably not production quality and will
>>> undoubtedly change, eventually at least.
>>>
>>> Here is what I used once:
>>>
>>> <bindings>
>>>
>>>
>>> <binding name="directory">
>>> <!--%s is populated with the extension -->
>>> <param name="filter" value="(FSid=%s)" bindings="directory"/>
>>> <!--basedn for the searches %s is replaced with domain-->
>>> <param name="basedn" value="ou=people,dc=example" />
>>> <param name="url" value="ldap://172.16.75.129" />
>>> <param name="binddn" value="cn=admin,dc=example" />
>>> <param name="bindpass" value="secret" />
>>>
>>> <trans>
>>> <!-- we need to translate these attrs into FS attrs -->
>>> <tran name="id" mapfrom="FSid" />
>>> <tran name="mailbox" mapfrom="FSmailbox" />
>>> <tran name="password" mapfrom="FSPassword" />
>>> <tran name="vm-password" mapfrom="FSvm-password" />
>>> <tran name="email-addr" mapfrom="FSemail-addr" />
>>> <tran name="vm-email-all-messages" mapfrom="FSvm-email-all-messages" />
>>> <tran name="vm-delete-file" mapfrom="FSvm-delete-file" />
>>> <tran name="vm-attach-file" mapfrom="FSvm-attach-file" />
>>> </trans>
>>> </binding>
>>>
>>> <binding name="configuration">
>>> <param name="filter" value="(%s=%s)" bindings="configuration"/>
>>> <param name="basedn" value="name=%s,dc=example" />
>>> <param name="url" value="ldap://172.16.75.129" />
>>> <param name="binddn" value="cn=admin,dc=example" />
>>> <param name="bindpass" value="secret" />
>>> </binding>
>>> </bindings>
>>>
>>>
>>> which should/probably/might work with ldap objects like these:
>>>
>>> dn: cn=John Skopis,ou=people,dc=example
>>> objectClass: person
>>> objectClass: inetOrgPerson
>>> objectClass: organizationalPerson
>>> objectClass: FreeSWITCH-Exten-Object
>>> objectClass: top
>>> cn: John Skopis
>>> sn: Skopis
>>> givenName: John
>>> FSid: 1001
>>> FSmailbox: 1001
>>> FSpassword: 1234
>>> FSvm-password: 1001
>>> FSemail-addr: john+fs at skopis.com
>>> FSvm-email-all-messages: TRUE
>>> FSvm-delete-file: TRUE
>>> FSvm-attach-file: TRUE
>>>
>>> dn: SIPIdentityUserName=1001,ou=h350,dc=example
>>> objectClass: person
>>> objectClass: SIPIdentity
>>> objectClass: top
>>> cn: 1001
>>> sn: 1001
>>> SIPIdentitySIPURI: sip:1001 at 172.16.75.129
>>> SIPIdentityRegistrarAddress: 172.16.75.128
>>> SIPIdentityProxyAddress: 172.16.75.128
>>> SIPIdentityPassword: 1234
>>> SIPIdentityUserName: 1001
>>> SIPIdentityServiceLevel: premium
>>>
>>>
Again, the module is not production quality. Hopefully I will conjurer
the time and know-how to put something decent together eventually.
To load configuration for any fs module you need to define the XML
configuration element under the section "configuration".
A good starting point is the file
$PREFIX/conf/freeswitch.xml
http://wiki.freeswitch.org/wiki/Freeswitch.xml
Also take a look at $PREFIX/logs/freeswitch.xml.fsxml
to load mod_xml_ldap you would need to add something like this to
modules.conf.xml
<load module="mod_xml_ldap" />
and create an xml_ldap.conf.xml in
$PREFIX/autoload_configs/xml_ldap.conf.xml
<configuration name="xml_ldap.conf">
...
</configuration>
The ITU is doing some work called h.350:
http://www.itu.int/ITU-T/studygroups/com16/h350/index.html
Here is what I was working with:
attributetype ( 1.3.6.1.4.1.65535.2.1.1 NAME 'FSid'
DESC 'FreeSWITCH Extension ID'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.65535.2.1.2 NAME 'FSmailbox'
DESC 'FreeSWITCH Extension Mailbox'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.65535.2.1.3 NAME 'FSpassword'
DESC 'FreeSWITCH Password'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.65535.2.1.4 NAME 'FSa1hash'
DESC 'FreeSWITCH Crypted Password'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.65535.2.1.5 NAME 'FSvm-password'
DESC 'FreeSWITCH VoiceMail Password'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.65535.2.1.6 NAME 'FSemail-addr'
DESC 'E-mail address to send voicemail'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.65535.2.1.7 NAME 'FSvm-email-all-messages'
DESC 'FreeSWITCH Email All Mesages'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.65535.2.1.8 NAME 'FSvm-delete-file'
DESC 'FreeSWITCH VoiceMail Delete File'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.65535.2.1.9 NAME 'FSvm-attach-file'
DESC 'FreeSWITCH VoiceMail Attach file'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
objectclass ( 1.3.6.1.4.1.65535.2.2.1 NAME 'FreeSWITCH-Exten-Object'
SUP top AUXILIARY
DESC '%obj_desc%'
MUST ( FSid $ FSpassword )
MAY ( FSmailbox $ FSa1hash $ FSvm-password $ FSemail-addr $
FSvm-email-all-messages $ FSvm-delete-file $ FSvm-attach-file ) )
hth
More information about the FreeSWITCH-users
mailing list