[asterisk-users] ldap usage in 1.6.0

Mon Oct 6 17:12:10 CDT 2008

2008/10/6 Brendan Martens <brendan.martens at crosscomm.net>

> Hello, I'm trying to figure out how to implement 1.6.0 with some ldap
> integration, but it's hard to figure out if I can do what I want.
> Basically I want to do only some lookup of values from ldap, as
> opposed to storing everything related to my sip users in ldap.
>
> For instance, would there be a way to lookup only certain context
> items from an ldap attribute in extensions.conf? Or in sip.conf?
>
> Something like this:
>
> <user.conf>
> [6000]
> hassip = yes
> hasiax = yes
> userfrom = ldapattribute
> insecure = route
> secret = anotherldapattribute
> type = friend
> context = ldapattrib3
>
>
> It's looking to me like the way that ldap with 1.6.0 is meant to be
> used is more as a replacement for certain .conf files, like how odbc
> is used, and not really for referencing occasionally. I'm pretty new
> to asterisk so any guidance on this issue would be welcomed.
>
>
> Maybe if I explain a little overview of my end goal someone can help
> me more efficiently.
> I have an ldap directory on an OSX server, I want to create asterisk
> extensions for all of those users based on the extension, name, and
> password held in the ldap database. But I do not want to store
> whole .configs in ldap.
>
> Any ideas on how to go about this would be great.
>
> Brendan Martens
>
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> AstriCon 2008 - September 22 - 25 Phoenix, Arizona
> Register Now: http://www.astricon.net
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users

Hi,

I don't have much experience with LDAP and Asterisk, but here are some
thoughts about it :

1. I would provide Asterisk its own LDAP directory and synchronize it with
entreprise directory as I think it should be simpler to synchronize 2 LDAP
directories than coordinate Asterisk and Active Directory evolutions.

2. IMHO, many people are confusing SIP secrets (from sip.conf) which somehow
authenticate hardware with user passwords which authenticate persons. I
wouldn't try to make those 2 values equal.

3. Asterisk's LDAP directory should be the reference for anything related to
telephony. Changes could be automatically propagated from Asterisk to
corporate directory.

4. Corporate directory should be the reference for user management. Changes
should be manually propagated from corporate directory to Asterisk as I
don't believe it could be easy to allocate nor free telephony resources
whenever a user is created or deleted in corporate directory.

Hope this helps ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20081007/616f44f4/attachment.htm 