Scribd
Upload
20 views21 pages

LDAP Configuration Guide

Uploaded by

tecnologiahipermoreira
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
20 views21 pages

LDAP Configuration Guide

Uploaded by

tecnologiahipermoreira
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

Grandstream Networks, Inc.

LDAP Configuration Guide


Table of Contents

SUPPORTED DEVICES ................................................................................................. 4

INTRODUCTION ............................................................................................................. 5

INSTALLING AND CONFIGURING LDAP SERVER ...................................................... 6


Installing ApacheDS LDAP Server ............................................................................................................ 6
Prerequisites .......................................................................................................................................... 6
Download and Install ApacheDS ........................................................................................................... 6
Configuring ApacheDS .............................................................................................................................. 7
Create New LDAP Connection .............................................................................................................. 7
Add New Entry ..................................................................................................................................... 10

LDAP CLIENT CONFIGURATION ................................................................................ 14

GXP21xx/17xx/16xx Series ..................................................................................................................... 14


GXV32xx Series ...................................................................................................................................... 15
DP750/DP720 Series .............................................................................................................................. 15
GVC3200/GAC2500 Series ..................................................................................................................... 16
LDAP Client Parameters ......................................................................................................................... 17

LDAP OPERATIONS .................................................................................................... 20


LDAP Search ........................................................................................................................................... 20
Match Incoming Call ................................................................................................................................ 20
Making Calls using LDAP Contacts ......................................................................................................... 21

LDAP Configuration Guide Page | 2


Table of Figures
Figure 1: LDAP Tree ..................................................................................................................................... 5
Figure 2: ApacheDS First Start ..................................................................................................................... 6
Figure 3: LDAP Servers Tab ......................................................................................................................... 7
Figure 4: Create LDAP Server ...................................................................................................................... 7
Figure 5: Start The LDAP Server .................................................................................................................. 8
Figure 6: Create New LDAP Connection ...................................................................................................... 8
Figure 7: New LDAP Connection - Network Parameters .............................................................................. 9
Figure 8: New LDAP Connection - Authentication ...................................................................................... 10
Figure 9: Create New Entry......................................................................................................................... 11
Figure 10: New Entry - Object Classes ....................................................................................................... 11
Figure 11: New Entry - Distinguished Name ............................................................................................... 12
Figure 12: New Entry Attributes .................................................................................................................. 12
Figure 13: New Attribute - Attribute Type .................................................................................................... 13
Figure 14: Contact List ................................................................................................................................ 13
Figure 15: LDAP Settings on GXP21xx/17xx/16xx Series .......................................................................... 14
Figure 16: LDAP Settings on GXV32xx Series ........................................................................................... 15
Figure 17: LDAP Settings on DP750........................................................................................................... 16
Figure 18: LDAP Settings on GVC3200/GAC2500 Series ......................................................................... 17
Figure 19: LDAP Search ............................................................................................................................. 20
Figure 20: LDAP Matching Contacts ........................................................................................................... 20
Figure 21: LDAP Calls ................................................................................................................................. 21

LDAP Configuration Guide Page | 3


SUPPORTED DEVICES
Following table shows Grandstream IP-Phones supporting LDAP/LDAPS client feature:

Model LDAP Supported LDAPS Supported Firmware

Small Business IP Phones


GXP16xx Series
GXP1610/1615

GXP1620/1625
Yes No 1.0.4.6 or higher
GXP1628

GXP1630

Mid-Range IP Phones
GXP17XX Series

GXP1760
Yes No 1.0.0.37 or higher
GXP1780/1782

Enterprise IP Phones
GXP21xx Series

GXP2130/2140/2160
Yes Yes 1.0.7.25 or higher
GXP2135/2170

IP Video Phones for Android


GXV32xx Series

GXV3240
Yes Yes 1.0.3.92 or higher
GXV3275

Cordless IP Phones
DP750/DP720 Series

DP750/720 Yes Yes 1.0.2.16 or higher

Full HD Video Conferencing System


GVC3200 Series

GVC3200/3202 Yes Yes 1.0.1.74 or higher

Audio Conferencing System


GAC2500 Series

GAC2500 Yes Yes 1.0.1.44 or higher

LDAP Configuration Guide Page | 4


INTRODUCTION

LDAP (Lightweight Directory Access Protocol) is a client/server protocol used to access and manage
directory information over Internet Protocol, the core LDAP specifications are defined in RFC4511.

Just as a Database Management System is used to process queries and updates to a database, an LDAP
server behave the same way. In other words, an LDAP information directory is a type of database, unlike
databases that are designed for processing hundreds or thousands of changes per minute, LDAP
directories are heavily optimized for read performance.

The LDAP information model is based on entries. An entry is a collection of attributes that has a globally-
unique Distinguished Name (DN). The DN is used to refer to the entry. Each of the entry's attributes has
a type and one or more values. The types are typically mnemonic strings, like "cn" for Common Name, or
"mail" for Email Address. The syntax of values depends on the attribute type.

In LDAP directory, entries are arranged in a hierarchical tree-like structure. Traditionally, this structure
reflects geographic and/or organizational boundaries. Entries representing countries appear at the top of
the tree, followed by entries representing states and national organizations, then entries representing
organizational units, people, printers, documents…

Figure below shows an example of LDAP directory tree.

Figure 1: LDAP Tree

LDAP Configuration Guide Page | 5


INSTALLING AND CONFIGURING LDAP SERVER
In this tutorial, we will use “ApacheDirectoryStudio” which is a free LDAP server.

Installing ApacheDS LDAP Server


Prerequisites

JDK needs to be installed on PC to run ApacheDS, it can be downloaded from the link: Download JDK

Download and Install ApacheDS

The ApacheDS server software can be downloaded for free from below link:
http://directory.apache.org/studio/download/download-windows.html

1. Download the Software from above link.


2. Follow the default steps for installation.
3. Launch the application.

Following first start page will be visible when launching the application.

Figure 2: ApacheDS First Start

LDAP Configuration Guide Page | 6


Configuring ApacheDS
Create New LDAP Connection

1. In Workbench, go to the LDAP Servers tab and click on New Server (If no server is created) then
select a Server from the list and click Finish.

Figure 3: LDAP Servers Tab

Figure 4: Create LDAP Server

LDAP Configuration Guide Page | 7


2. Once the Server is created, click on Start Button to launch it.

Figure 5: Start The LDAP Server

3. In Workbench, go to Connections tab and press create new connection button as shown below:

Figure 6: Create New LDAP Connection

LDAP Configuration Guide Page | 8


4. Once you click on the LDAP new connection button the “Network Parameter” window pops up.

Figure 7: New LDAP Connection - Network Parameters

a) Enter Hostname value with IP address or FQDN of the machine where ApacheDS is installed.
b) The default connection port for LDAP on ApacheDS is 10389.
c) Set Encryption method to “No encryption”.
d) Keep Provider field with default value “Apache Directory LDAP Client API”.

Note: If LDAPS is requested for secure connection, set Port to “10636” (default LDAPS port on
ApacheDS) and Encryption method to “Use SSL encryption(ldaps://)”.
5. After filling the fields, click Next, the following window will be shown.

LDAP Configuration Guide Page | 9


Figure 8: New LDAP Connection - Authentication

a) Choose the Authentication Method desired. In this example, “Simple Authentication”.


b) Enter the Bind DN or user. By default, “uid=admin, ou=system”.
c) Set Bind password. Default password is “secret”

6. Click Finish after completing connection information page.

Add New Entry

At this level our connection with the LDAP server is created successfully, we can add now users to
“dc=example,dc=com” which by default has no entries. Administrator can create another domain instead of
using dc=example,dc=com.

1. Under dc=example,dc=com, right click and select New  New Entry

LDAP Configuration Guide P a g e | 10


Figure 9: Create New Entry

2. Select Create entry from scratch and click Next.


3. Select inetOrgPerson from available object classes, then press Add followed by Next button.

Figure 10: New Entry - Object Classes

LDAP Configuration Guide P a g e | 11


4. In the Distinguished Name window, enter a name for UserID. In this example, Grandstream2 is
used. Keep Parent and RDN (Relative DN) with default values; in this example,
dc=example,dc=com and uid respectively, then click Next button. (Refer to next figure).

Figure 11: New Entry - Distinguished Name

5. In Attributes window, create contacts and enter their details: First Name (cn) and Last Name (sn).

Figure 12: New Entry Attributes

LDAP Configuration Guide P a g e | 12


The table below shows common attributes:

Attribute Description
cn Full name of the entry
sn First Name
gn Last Name or family name
telephoneNumber Office phone number
homePhone Home phone number
mobile Mobile phone number
Company Company name
o Organization name
ou Organization Unit. Usual department or any sub entity of larger entity

6. To add new fields for contacts such as Mobile, Email… Press Add New Field button as shown in
previous figure and specify the new Attribute type. Press Next to add another attribute or Finish
if no more attribute will be added.

Figure 13: New Attribute - Attribute Type

A summary of contact details will be displayed showing all contact details as illustrated in below figure.

Figure 14: Contact List

LDAP Configuration Guide P a g e | 13


LDAP CLIENT CONFIGURATION
This section shows client configuration associated with previously configured LDAP server.

GXP21xx/17xx/16xx Series
LDAP client configuration can be found on the web GUI under Phonebook  LDAP. Configure LDAP client
settings as show in below figure:

Figure 15: LDAP Settings on GXP21xx/17xx/16xx Series

LDAP Configuration Guide P a g e | 14


GXV32xx Series
LDAP client configuration can be found on the web GUI under Maintenance  LDAP phonebook.
Configure LDAP client settings as show in below figure

Figure 16: LDAP Settings on GXV32xx Series

DP750/DP720 Series
LDAP client configuration can be found on the web GUI under Phonebook > Global Phonebook LDAP
Settings.
Configure LDAP client settings as show in below figure:

LDAP Configuration Guide P a g e | 15


Figure 17: LDAP Settings on DP750

GVC3200/GAC2500 Series
LDAP client configuration can be found on the web GUI under Contacts > LDAP.
Configure LDAP client settings as show in below figure:

LDAP Configuration Guide P a g e | 16


Figure 18: LDAP Settings on GVC3200/GAC2500 Series

LDAP Client Parameters


Following table shows LDAP Client parameters on Grandstream products:

LDAP Configuration Guide P a g e | 17


Fields Description

Connection Mode Option to choose secured or non-secured LDAP connection.


(GXV32xx/GVC320x/GAC2500) LDAPS (LDAP Secured) uses SSL/TLS to encrypt LDAP traffic.
LDAP Protocol In this guide:
(GXP21xx/DP750) • LDAP
IP address or FQDN of the LDAP server.
In this guide:
Server Address
• 192.168.5.131

Listening port for LDAP connections on the server side.


Port In this guide:
• 10389
Location in the directory where the search is requested to begin.
It narrows the search scope and decreases directory lookup time.
Base DN
In this guide:
• dc=example, dc=com
“Username” to bind for querying LDAP servers.
Most LDAP servers allow anonymous binds, in this case, this field can be left
User Name blank.
In this guide:
• Blank (no value to enter)
“Password” to bind for querying LDAP servers.
Most LDAP servers allow anonymous binds, in this case, this field can be left
Password blank.
In this guide:
• Blank (no value to enter)
Name attributes of each record to be returned in the LDAP search result. This field
allows users to configure multiple space separated name attributes.
LDAP Name Attributes
In this guide:
• cn sn
Number attributes of each record to be returned in the LDAP search result. This
LDAP Number field allows the users to configure multiple space separated number attributes.
Attributes In this guide:
• mobile
LDAP Mail Attributes Mail attributes of each record to be returned in the LDAP search result.
(GXV32xx/GVC320x/GAC2500 In this guide:
only) • mail
Search filter for name lookup. Its format is compliant with RFC4514.
LDAP Name Filter In this guide:
• (|(cn=%)(sn=%))
Search filter for number lookup. Its format is compliant with RFC4514.
LDAP Number Filter In this guide:
• (mobile=%)

LDAP Configuration Guide P a g e | 18


LDAP Mail Filter Search filter for mail lookup. Its format is compliant with RFC4514.
(GXV32xx/GVC320x/GAC2500 In this guide:
only) • (mail=%)

Entry information to be shown on phone's LCD. Up to 3 fields can be displayed.


LDAP Display Name In this guide:
• sn cn mobile

Maximum number of results to be returned by the LDAP server.


Max. Hits
If set to 0, server will return all search results. The default setting is 50.

Interval (in seconds) for the server to process the request and return search
Search Timeout
results to the client. The default setting is 30 seconds.

Sort Results
(GXP21xx/17xx/16xx/DP750 Sort returned results. The default setting is No.
only)

Contact LDAP server to look up number when dialing.


LDAP Lookup For Dial
The default setting is No.

LDAP Lookup For Contact LDAP server to look up incoming caller number.
Incoming Call The default setting is No.

Lookup Display Entry information when LDAP looks up the name for incoming call or outgoing call.
Name This field must be a subset of the LDAP Name Attributes.
(GXP21xx/17xx/16xx/DP750 In this guide:
only) • cn sn
LDAP Dialing Default
Default account to use when dialing contact from LDAP directory. Users may
Account
choose from Account 1 to 6. The default setting is Default.
(GXV32xx/GAC2500 only)

LDAP Configuration Guide P a g e | 19


LDAP OPERATIONS
After configuring the LDAP server and the device(s), users can search LDAP contacts, dial using LDAP
contacts and display matching name of caller/callee while receiving/making calls.

Following LDAP operations screenshots are using GXV32xx series, same operations are available in all
models.

LDAP Search
Access LDAP contacts from Phone LCD Menu  Contacts  LDAP Contacts, and type the name or
number you want to search. The result will be as follow:

Figure 19: LDAP Search

Match Incoming Call


When receiving a call from a number that exist on our LDAP server the phone will automatically display the
number and name of the callee on the LCD screen like bellow.

Note: The option “LDAP Lookup For Incoming Call” needs to be enabled from the webGUI under
“Maintenance  LDAP Phonebook” so that the phone can match the incoming calls.

Figure 20: LDAP Matching Contacts

LDAP Configuration Guide P a g e | 20


Making Calls using LDAP Contacts
Users can make search on the LDAP contacts and then dial the desired number by clicking on the Dial
button next to the contact name.

Figure 21: LDAP Calls

LDAP Configuration Guide P a g e | 21

You might also like