meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
7.ip_phone:features_and_configurations:how_to_stup_ldap_phonebook [2019/01/23 16:31]
inn
— (current)
Line 1: Line 1:
-====== How to setup LDAP ====== 
-===== 1.Introduction ===== 
-<fs medium><​ff sans-serif>​LDAP can be treated as a special phonebook. The main feature of LDAP is quick contacts lookup.Compared with remote phonebook that downloads the entire phonebook from server, LDAP performs contacts lookup in server. Unlike typical approach that send back all results after the entire search is completed. In LDAP, once the server finds the target contact, it will post back the results to IP phone immediately,​ which makes look-up operation more efficient. ​ 
-For instant, the contacts of LDAP server is like a tree structure. Root is related to a company, and some departments gather under the root. Below the departments ,you can search some employees. As shown below.</​ff></​fs> ​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap1.png?​nolink |}} 
  
-<ff sans-serif>​T<​fs medium>​he below picture shows the relationship among the client, server and IP phone in term of LDAP:</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap2.png?​nolink |}} 
-<fs medium><​ff sans-serif>​**Server:​** Store data, Perform look-up, Post back the results to phones.\\ 
-**\\ 
-Client:** Submit data operation(Add,​ Edit, delete) to the server.\\ 
-\\ 
-**IP Phone:** Send the Search request to the server; Receive the results from server.</​ff></​fs>​ \\ 
-\\ 
-<fs medium><​ff sans-serif>​Generally,​ LDAP server and the client are installed by the administrator of a company. Not every user needs to install the server and client.</​ff></​fs>​ \\ 
-\\ 
- 
-===== 2.Configuration on web ===== 
-<fs medium><​ff sans-serif>​Open the web browser, enter the phone IP into the address bar. Input user name and password(default :admin ,admin),go to Phonebook->​LDAP,​ configure LDAP feature as follow:</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap3.png?​nolink&​600 |}} 
- 
-<ff sans-serif><​fs medium>​**LDAP name filter:**Namely the search condition for name, the server performs the name look-up based on the condition. \\ 
-\\ 
-For example,​(|(cn=#​)(sn=#​)),​ cn is related to first name, sn is related to surname.“#​” can be replaced with the name you want to search on server.\\ 
-\\ 
-**LDAP number filter:**Namely the search condition for number, the server performs the number look-up based on the condition.\\ ​ 
-For example, (|(telephoneNumber=#​)(mobile=#​)(ipPhone=#​)),​ telephoneNumber,​ mobile and ipPhone are related to the contact number in phonebook. “#” can be replaced with the number you want to search on server. \\ 
-\\ 
-**Server Address:** LDAP server address. It can be IP address or domain name.\\ 
-\\ 
-**Port:** LDAP server port,default port number is 389.\\ 
-\\ 
-**Base DN:** Configure root node on the server. Can be treat as a group or department. \\ 
-\\ 
-**Username:​** Username to login the server.\\ 
-\\ 
-**Password:**Password for login.\\ 
-\\ 
-**Max. Hits:**Specify the maximum number of results posted back to IP phone. If the number of results exceeds the maximum number, the rest of results will no be posted back.(Default value is 50) \\ 
-\\ 
-**Name Attribute:**Specify the name attribute returned back from server for name searching, there are many name attributes available such as sn, cn.Sometimes no all the attributes are required, you can specify sn, cn in this field so that only sn and cn attributes are returned to IP phone as results . \\ 
-\\ 
-**Number Attribute:**Specify the number attributes posted back from server for number searching, there are many number attributes available such as telephoneNumber,​ mobile and ipPhone. Sometimes no all the attributes are required, you can specify mobile in this field so that only mobile attributes are returned to IP phone as results. \\ 
-\\ 
-**LDAP display name:**Specify the LDAP display name on the device’s LCD.\\ 
-\\ 
-**Protocol:**Protocol version on server. \\ 
-\\ 
-**SearchDelay Time:**Specify the delay period to receive the results.</​fs></​ff>​\\ 
- 
- 
-===== 3.Operation on IP Phone ===== 
-<fs medium><​ff sans-serif>​1.Pick up the handset or use Handfree key,enter Select->​LDAP. After connect to server successfully,​ users can choose the contact showed up in the screen. As shown below:</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap4.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​2.Enter some characters into the search box, press Search or stop inputting, it will post back the result after SearchDelay Time. 1aB softkey is for switching input method. Delete softkey is for deleting. As shown below.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap5.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​3.Inputting more characters into the search box for further searching.\\ 
-\\ 
-4.Use UP or Down key to choose the contact you want , then press Dial softkey or OK button to make a call. As shown below.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap6.png?​nolink |}} 
- 
-===== 4.LDAP Server introduce ===== 
-<fs medium><​ff sans-serif>​Since LDAP is an open standard protocol, all the information needed to create an LDAPv3-compliant server is freely avaiable. As such, many organizations offer commercial LDAP server software or open source. This page provides a list of some of the most significant commerical and open source LDAP server implementations. It is not intended to be a comprehensive list, so you should investigate the available options before seclecting a product for your deployment.\\ 
-Some of the most notable commerical LDAP server implementations include:\\ 
-UnboundID Directory Server/​Oracle Internet Directory/​Oracle Unified Directory/​Microsoft Active Directory/​IBM Security Directory Server(formerly known as IBM Tivoli Directory Server and IBM SecureWay Directory Server)/​NetIQ eDirectory(formerly known as Novell eDirectory)/​CA Directory(formerly known as CA eTrust Directory).\\ 
-Some of the most notable open source LDAP server implementations include:\\ 
-OpenLDAP/​ForgeRock OpenDJ/​Apache DS/389 Directory Server(formerly Fedora Directory Server).</​ff></​fs>​ 
-<​note>​Akuvox ip phone has been tested on Microsoft Active Directory server and OpenLDAP server.</​note>​ 
- 
- 
-===== 5.LDAP client introduce ===== 
-<fs medium><​ff sans-serif>​In order for LDAP servers to be of any use, there must be clients to access them. There is a wide range of commercial and open source software that can interact with LDAP servers.</​ff></​fs>​ 
- 
- 
-===== 6.OpenLDAP server installation ===== 
-<fs medium><​ff sans-serif>​The following shows user how to install an OpenLDAP server on Microsoft Windows System. The openldap server software package download address is: http://​www.userbooster.de/​download/​openldap-for-windows.aspx</​ff></​fs>​ 
-<​note>​If you need install an OpenLDAP server on Linux system, you can go to the openldap official website to download the openldap server software package, the download address is: http://​www.openldap.org/​software/​download/​. </​note>​ 
-  
- 
-<ff sans-serif><​fs medium>​**Environment:​**\\ 
-Windows 7-64bits\\ 
-Openldap version: 2.4.42.0</​fs></​ff>​ \\ 
-\\ 
-<fs medium><​ff sans-serif>​**Installation process overview:​**\\ 
-*Install the OpenLDAPforWindows_x64.exe \\ 
-*Deploying slapd.conf file\\ 
-*Activating the slapd service\\ 
-*Initial Entry to the LDAP Directory via LDIF file\\ 
-*LDAP client- LDAPExplore Tool\\ 
-*Adding entries for the LDAP server via ldap client</​ff></​fs>​ 
- 
-==== 6.1 Install the OpenLDAPforWindows_x64.exe ==== 
-<fs medium><​ff sans-serif>​1.Double click the OpenLDAP server application-OpenLDAPforWindows_x64.exe,​ chose Yes option.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap7.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​2.Click Next option to enter next item.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap8.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​3.The next screen is the End User License Agreement for OpenLDAP for Windows, which allows you to use the software for free under Common Public License (CPL). You must accept the terms of the agreement to enter the next screen.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap9.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​4.The Destination Folder screen enables you to select the location the software will be installed. You need to remember the installation path (e.g., C:​\OpenLDAP).</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap10.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​5.The Customize Setup allows you to choose features to be installed. Click Next to enter the next page.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap11.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​The below table contains the features and prerequisites and their descriptions.</​ff></​fs>​ 
-^ Feature/​Prerequisite ^ Optional ^ Description ^ 
-| VC Redistribution Package | No | Microsoft Visual C++ 2005 Redistributable Installer Package | 
-| OpenLDAP Client Tools | No | Command line utilites (ldapsearch,​ ldapcompare,​ ldapexop, etc.) for working with LDAP entries. | 
-| OpenLDAP Server | Yes | OpenLDAP server components with different backend modules like LDIF, BDB, SQL, DATABASE, etc. | 
-| BDB Backend Tools | No | Berkeley Database tools | 
-| OpenLDAP Service | Yes | Configures and starts the OpenLDAP daemon | 
-| DejaVu Sans Mono Font for Windows Console | Yes | Installs a DejaVu Mono font and add it to the lists of fonts available to the console. The font provides a wide range of Unicode characters. | 
- 
-<fs medium><​ff sans-serif>​6.For this page, you can chose BDB database. Then chose Next untill finish installation.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap12.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​The below table contains the available modules and the descriptions.</​ff></​fs>​ 
- ​^ Module ^ Description ^ 
-| BDB | Berkeley Database Backend | 
-| LDAP | Proxy-Server in front of the LDAP Server | 
-| LDIF | This module saves the results in LDIF files | 
-| SQL Server | Microsoft SQL Server 2005/2008 | 
- 
- 
-==== 6.2 Deploying the slapd.conf file ==== 
-<fs medium><​ff sans-serif>​1.After the OpenLDAPforWindows_x64.exe installation is complete, you should access the slapd.conf at the OpenLDAP installation path. Open the slapd.conf file with the text editor.</​ff></​fs>​\\ 
-\\ 
-<fs medium><​ff sans-serif>​The** source slapd.conf** file shown as below:</​ff></​fs>​ 
-<​file>​ 
-# BDB Backend configuration file 
-# See slapd.conf(5) for details on configuration options. 
-# This file should NOT be world readable. 
-ucdata-path ./​ucdata 
-include ./​schema/​core.schema 
-include ./​schema/​cosine.schema 
-include ./​schema/​nis.schema 
-include ./​schema/​inetorgperson.schema 
-include ./​schema/​openldap.schema 
-include ./​schema/​dyngroup.schema 
- 
- 
-pidfile ./​run/​slapd.pid 
-argsfile ./​run/​slapd.args 
- 
- 
-# Enable TLS if port is defined for ldaps 
- 
- 
-TLSVerifyClient never 
-TLSCipherSuite HIGH:​MEDIUM:​-SSLv2 
-TLSCertificateFile ./​secure/​certs/​server.pem 
-TLSCertificateKeyFile ./​secure/​certs/​server.pem 
-TLSCACertificateFile ./​secure/​certs/​server.pem 
- 
- 
- 
- 
-#######################################################################​ 
-# bdb database definitions 
-#######################################################################​ 
- 
- 
-database bdb 
-suffix "​dc=maxcrc,​dc=com"​ 
-rootdn "​cn=Manager,​dc=maxcrc,​dc=com"​ 
-# Cleartext passwords, especially for the rootdn, should 
-# be avoid. ​ See slappasswd(8) and slapd.conf(5) for details. 
-# Use of strong authentication encouraged. 
-rootpw ​   {SSHA}E4HjInbpTURyLAVT8G/​HTg1JrMFfQcUD 
- 
-# The database directory MUST exist prior to running slapd AND 
-# should only be accessible by the slapd and slap tools. 
-# Mode 700 recommended. 
-directory ./data 
-dirtyread 
-searchstack 20 
-# Indices to maintain 
-index mail pres,eq 
-index objectclass pres 
-index default eq,sub 
-index sn eq,​sub,​subinitial 
-index telephonenumber 
-index cn 
-</​file>​ 
- 
-<fs medium><​ff sans-serif>​2.Then find the manager information for LDAP phonebook. Replace the new information for them.</​ff></​fs>​ 
-<fs medium><​ff sans-serif>​suffix "​dc=maxcrc,​dc=com"​\\ 
-rootdn "​cn=Manager,​dc=maxcrc,​dc=com"​\\ 
-rootpw ​   {SSHA}E4HjInbpTURyLAVT8G/​HTg1JrMFfQcUD\\ 
-suffix defines the components of the domain name. It must be unique identification on the local network. \\ 
-rootdn defines the manager as a managerment user for accessing the LDAP server.\\ 
-rootpw defines the password for the managerment user.\\ 
-\\ 
-Eg: \\ </​ff></​fs>​ 
-<​file>​ 
- ​suffix "​dc=ak,​dc=cn"​ 
- ​rootdn "​cn=Manager,​dc=AK,​dc=cn"​ 
- ​rootpw admin 
-The suffix line stands for that the domain name of the LDAP phonebook is AK.cn. 
-The rootdn line means that the managerment user is AK.cn. 
-The rootpw line defines the password “admin” for the managermsant user. 
-</​file>​ 
- 
-<fs medium><​ff sans-serif>​Eg:​\\ 
-The new slapd.conf file shown as below: </​ff></​fs> ​ 
-<​file>​ 
-# BDB Backend configuration file 
-# See slapd.conf(5) for details on configuration options. 
-# This file should NOT be world readable. 
-ucdata-path ./​ucdata 
-include ./​schema/​core.schema 
-include ./​schema/​cosine.schema 
-include ./​schema/​nis.schema 
-include ./​schema/​inetorgperson.schema 
-include ./​schema/​openldap.schema 
-include ./​schema/​dyngroup.schema 
- 
- 
-pidfile ./​run/​slapd.pid 
-argsfile ./​run/​slapd.args 
- 
- 
-# Enable TLS if port is defined for ldaps 
- 
- 
-TLSVerifyClient never 
-TLSCipherSuite HIGH:​MEDIUM:​-SSLv2 
-TLSCertificateFile ./​secure/​certs/​server.pem 
-TLSCertificateKeyFile ./​secure/​certs/​server.pem 
-TLSCACertificateFile ./​secure/​certs/​server.pem 
- 
- 
-#######################################################################​ 
-# bdb database definitions 
-#######################################################################​ 
- 
- 
-database bdb 
-suffix "​dc=ak,​dc=cn"​ 
-rootdn "​cn=Manager,​dc=AK,​dc=cn"​ 
-# Cleartext passwords, especially for the rootdn, should 
-# be avoid. ​ See slappasswd(8) and slapd.conf(5) for details. 
-# Use of strong authentication encouraged. 
-rootpw ​   admin 
- 
-# The database directory MUST exist prior to running slapd AND 
-# should only be accessible by the slapd and slap tools. 
-# Mode 700 recommended. 
-directory ./data 
-dirtyread 
-searchstack 20 
-# Indices to maintain 
-index mail pres,eq 
-index objectclass pres 
-index default eq,sub 
-index sn eq,​sub,​subinitial 
-index telephonenumber 
-index cn 
-</​file>​ 
- 
- 
-==== 6.3 Activating the slapd service ==== 
- 
-<fs medium><​ff sans-serif>​1.Before you start the slapd service, you should enter openldap installation path, find the folder->​schame. Make sure all files in schame folder save as UFC-8 encoding format. Operation: open the specify schame file(eg.,​core.schame),​ then save as UFC-8 encoding format.\\ 
-\\ 
-2.Click **Start -> Run**, enter the **cmd** dialog box. Enter the command:** cd c:​\OpenLDAP** to locate the server installation path.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap13.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​3.Enter the command **slapd -d 1 -f ./​slapd.conf** to initiate the slapd service.\\ 
-\\ 
-If the slapd service runs successfully,​ you can find the information “slapd starting”. Please do not close this window to make sure the LDAP server keeps running</​ff>​.</​fs>​ 
- 
-{{ :​7.ip_phone:​features_and_configurations:​ldap14.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​4.Then press “**Ctrl + c**” button on the keypard to stop the** slapd service**. In order for the next step to import the initial entry.</​fs></​ff>​ 
-<​note>​ you can also enter the command net stop OpenLDAP-slapd to stop the slapd service. Or open task manager to end the slapd.exe process.</​note>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap15.png?​nolink |}} 
- 
- 
-==== 6.4 Adding initial Entry to the LDAP Directory via LDIF file ==== 
-<ff sans-serif><​fs medium>​You need to add a initial entry to the LDAP directory by LDIF file. Create a new text document, then change the filename extension as “ldif” and put the file to the OpenLDAP installation path. For example, create a new text file named as “test.ldif”,​ then open the test.ldif with text editor and add the content. Like the below shows the content of test.ldif file: 
-</​ff></​fs>​ 
-<​file>​ 
-dn: dc=ak,dc=cn 
-objectclass:​ dcobject 
-objectclass:​ organization 
-o: xmak 
-dc: ak 
-</​file>​ 
- 
- 
-<fs medium><​ff sans-serif>​*** To add the initial entry via test.ldif file**</​ff></​fs>​\\ 
-<ff sans-serif><​fs medium>​a.Click **Start->​Run**. enter the cmd dialog box. Enter the command: **cd c:​\OpenLDAP** to locate the server installation path.\\ 
-\\ 
-b.Enter the command **slapadd -v -l ./​test.ldif** to add the initial entry. Before excute this command, make sure **slapd service** be stopped. The correct shown as below:</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap16.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​c.After finishing the initial entry, you need to start slapd service for next step-connection test. Enter command **net start OpenLDAP-slapd**.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap17.png?​nolink |}} 
- 
- 
-==== 6.5 LDAP client- LDAPExplore Tool ==== 
-<fs medium><​ff sans-serif>​LDAP Explorer is a multi platform, graphical LDAP tool that enables user to browse, modify and manage LDAP server. The LDAP explorer can be download from https://​sourceforge.net/​projects/​ldaptool/​.\\ 
-\\ 
-**To establish connection with LDAP server** </​ff></​fs>​ 
-\\ 
-<fs medium><​ff sans-serif>​1.Double click the ldapexplorergtool.exe to start the software.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap18.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​2.Click next to enter the next item. Until the page shown as below.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap19.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​3.Click **File->​Configurations**. Click New to start a new configuration. It will enter the Configuration option page. Then enter a name in Configuration name area.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap20.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​4.Then chose the **Server** option. Enter the domain name or IP address of the LDAP server in the **Server name or IP** area. The other points shows as below.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap21.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​5.Chose Connection option. Then input the user DN and password. The user DN and password is separately corresponding with rootdn and rootpw in the slapd.conf file. For example, this article defined in the slapd.conf for roodn and rootpw:</​ff></​fs>​ 
-<​file>​ 
-rootdn "​cn=Manager,​dc=ak,​dc=cn"​ 
-rootpw admin 
-</​file>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap22.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​6.Click **Guess value** to automatically display the **Base DN**.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap23.png?​nolink |}} 
- 
- 
-<fs medium><​ff sans-serif>​7.Click **Test connection** label to test the connection for the LDAP server. The test result as below. Then click** OK** label to exit the creating page.</​ff></​fs>​ 
- 
-{{ :​7.ip_phone:​features_and_configurations:​ldap24.png?​nolink |}} 
- 
- 
-==== 6.6 Adding entries for the LDAP server via ldap client ==== 
-<fs medium><​ff sans-serif>​User can add more entries via ldap client for ldap server.\\ 
-\\ 
-1.Open** ldapexplorertool 2**, click **File->​Configurations**. Click **Open label**. Then the page shows as below.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap25.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​2.Right click the left side root entry, then chose **Add** option. The **Parent DN** will be automatically full according the LDAP server settings. You need to enter a unique identifier on the **Entry RDN**, the format is cn=XXX. For example: **cn=dora**.</​ff></​fs> ​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap26.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​Command attributes description:</​ff></​fs>​ 
-^ Attribute ^ Name ^ Description ^ 
-| cn | Common name | Full name of the entry | 
-| gn | Given name | First name called Christian name | 
-| sn | surname | Surname,​ last name or family name | 
-| telephoneNumber | TelephoneNumber | Office phone number | 
-| homePhone | homeTelephoneNumber | Home phone number | 
-| mobile | MobileTelephoneNumber | Mobile phone number | 
-| pager | pagerTelephoneNumber | Pager telephone number | 
- 
-<fs medium><​ff sans-serif>​3.Then choose the structure class for the each entry. For example, chose person from the pull-down list. Each structure class has its own **must attributes** and **may attributes**. First, double click the **attributes** on the **must attributes** list to add them to the entry node. Shown as the below.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap27.png?​nolink |}} 
- 
-<​note>​Must attributes list must be added and must be set value.</​note>​ 
- 
-<fs medium><​ff sans-serif>​4.Double click the **attributes** on the **may attributes** list to add them to the entry node. The may attributes list are optional.\\ 
-\\ 
-5.Left click to select sn then right click to chose **Add value**. Enter the value then click OK to save.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap28.png?​nolink |}} 
-<​note>​ the cn value must be the same as Entry RDN field.</​note>​ 
- 
-<fs medium>​6<​ff sans-serif>​.After finish the setting, click Save to save the configuration.\\ 
-\\ 
-7.If you want to add more contact entries, follow steps 2 to steps 5.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap29.png?​nolink |}} 
-{{ :​7.ip_phone:​features_and_configurations:​ldap30.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​8.Enter the phone website, go to the path: Phonebook->​LDAP. Configure LDAP feature as follow:</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap31.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​The related settings is:</​ff></​fs>​ 
-<​file>​ 
-Name Filter: (|(cn=#​)(sn=#​))\\ 
-Number Filter: (|(telephoneNumber=#​)(mobile=#​)(homePhone=#​))\\ 
-Server: 192.168.10.139\\ 
-Port: 389\\ 
-Base DN: dc=ak,​dc=cn\\ 
-User name: cn=manager,​dc=ak,​dc=cn\\ 
-Password: admin\\ 
-Name Attribute: cn sn\\ 
-Number Attribute: telephoneNumber mobile homePhone\\ 
-Display Name: cn sn\\ 
-</​file>​ 
- 
-<ff sans-serif>​ 
-<fs medium>​9.Pick up the handset or use Handfree key, chose Select soft key, then press down button to chose LDAP. As shown below:</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap32.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​10.Enter some characters into the search box, it will show the result.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap33.png?​nolink |}} 
- 
- 
-===== 7.Microsoft Active Directory LDAP server ===== 
-<fs medium><​ff sans-serif>​Environment:​ \\ 
-Microsoft Windows Server 2008 R2 Enterprise 64-bit system.\\ 
-\\ 
-Installation process overview:\\ 
-*Setup the Microsoft Active Directory Domain services\\ 
-*Setup Active Directory Lightweight Directory Services Role\\ 
-*Add an entry to Active Directory\\ 
-*Add multiple entries to Active Directory via ldifde Tool (optional)\\ 
-*Add multiple entries to Active Directory via CSVde Tool (optional)\\ 
-*Setup User Account</​ff></​fs>​ 
- 
-<fs medium><​ff sans-serif>​7.1 Setup the Microsoft Active Directory Domain services</​ff></​fs>​ 
-<ff sans-serif><​fs medium>​1.Click Start->​Run,​ then enter dcpromo.exe on the box and click Ok. The Active Directory Domain Services Installation Wizard will appear later. Shown as below.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap34.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​2.Click Next to read the associated information,​ then click Next.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap35.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​3.Chose Create a new domain in a new forest, then click Next.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap36.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​4.Type the fully applicable domain name for the forest root domain (eg. : ladp.akuvox001.com),​ then click Next.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap37.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​5.The wizard will check if the domain name is used on the local network</​ff>​.</​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap38.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​6.Select the forest functional level. Windows Server 2003 by default.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap39.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​7.The wizard will check if the DNS was already setup on the local network. Before the step make sure the DNS server was installed.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap40.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​8.Chose NDS server for domain controller and click Next. It will pop-up a warning that the server has dynamic IP address, it is better to use static IP for the server.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap41.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​9.The wizard will pop-up the prompt. Click Yes to enter next item.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap42.png?​nolink |}} 
- 
-<fs medium> 
-<ff sans-serif>​10.Specify the location for the database, log files and SYSVOL. Click Next to enter next item.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap43.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​11.Setup the password for the directory services restore mode. For more information,​ click Directory Services Restore Mode password. The length of the password should be at least 7 characters.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap44.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​12.Check the setting, then click Next.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap45.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​13.Then the wizard will prompt the system is configuring Active Directory Services.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap46.png?​nolink |}} 
- 
-<ff sans-serif>​1<​fs medium>​4.When completed the installation,​ click Finish to exit the wizard.</​fs></​ff>​\\ 
-\\ 
- 
-==== 7.2 Setup Active Directory Lightweight Directory Services Role ==== 
- 
-<fs medium><​ff sans-serif>​1.click Start, chose Administrative Tools, then chose Server Manger.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap47.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​2.Right click Roles, select Add Roles. It will pop-up Add Roles Wizard, then click Next.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap48.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​3.Chose the Active Directory Lightweight Directory Services, then click Next.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap49.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​4.Then click Next to complete the installation. After finished the installation,​ the Active Directory Lightweight Directory Services was listed in Roles of the server manager.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap50.png?​nolink |}} 
- 
-==== 7.3 Add an entry to Active Directory ==== 
-<fs medium><​ff sans-serif>​This way show you add the entry to active directory one by one.\\ 
-\\ 
-1.Double click **Active Directory Domain Services**, then double click** Active Directory Users and Computers**. Right click the **domain name** (eg., **ldap.akuvox001.com**) and chose** New**, then selet** Organization Unit**.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap51.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​2.Type the name of Organization unit. For example: akuvox001. Then click OK the accept modify.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap52.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​3.The new organization unit entry (eg.,​**akuvox001**) adds to Active directory (eg.,​**ldap.akuvox001.com**). Right click the **organization unit** (eg.,​akuvox001),​ then click **New** and chose **contact**.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap53.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​4.Enter the First name, Initials, Last name, full name, Display name information to creat a contact for akuvox001. Click OK to finish the modify.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap54.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​5.Double click the contact to setup more properties for the contact.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap55.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​6.The more properties shown as below. Click OK to exit modify.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap56.png?​nolink |}} 
- 
-==== 7.4 Add multiple entries to Active Directory via ldifde Tool ==== 
-<fs medium><​ff sans-serif>​You can add multiple entries to the active directory by LDIF file. Create a new text document, then change the filename extension as “ldif” . For example, create a new text file named as “test2.ldif”,​ then open the test2.ldif with text editor and add the content. Like the below shows the content of test2.ldif file:</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap57.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​a.Put the ldif file (eg.,​test2.ldif) to the location c:\Windows directory. Click Start->​Run. Enter the cmd in the dialog box, then click OK to enter the command line interface. Enter cd c:\Windows command to access the location of ldif file.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap58.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​b.Execute ldifde -i -f tests.ldif command to import the ldif file. If the entries are added succesfully,​ the prompt “n entries modified successfully”. “n” means the number of entries added.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap59.png?​nolink |}} 
- 
-==== 7.5 Add the multiple entries to Active Directory via CSVde Tool ==== 
-<fs medium><​ff sans-serif>​You can add multiple entries to the active directory by CSV file. Create a new excel document (eg., Microsift excel), then save the document as “*.csv” format. For example, create a new excel document named as “test4.xlsx”,​ then save the test4.xlsx as test4.csv. Open the CSV file with spreadsheet application,​ then type the associated content. Like the below shows the content of test4.csv file:</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap60.png?​nolink |}} 
-<​note>​the first line is the arrtibutes of the entries. The second line is the values of an organization unit. The other lines are the values of contacts. Put the test4.csv file to the location c:​\Windows.</​note>​ 
- 
-<ff sans-serif><​fs small>​1.Click Start->​Run. Type cmd in the dialog box to enter the command line interface. Enter the **cd c:​\Windows** command to access the the path of test4.csv file.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap61.png?​nolink |}} 
- 
-<fs medium> 
-<ff sans-serif>​2.Execute **csvde -i -f test4.csv** command to import the file. If the entries are added succesfully,​ the prompt “**n entries modified successfully**”.</​ff></​fs> ​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap62.png?​nolink |}} 
- 
- 
-==== 7.6 Setup User Account ==== 
-<ff sans-serif><​fs medium>​You can create user accounts to allow access to resources on the active directory. ​ \\ 
-\\ 
-1.Click **Start->​Administrative Tools->​Server Manager**. Double click **Server Manager->​Roles->​Active Directory Domain Services**. Double click **Active Directory Domain Services** then chose** Active Directory Users and Computers**.\\ 
-\\ 
-2.Click domain name (eg., **ldap.akuvox001.com**),​ then chose Users, chose** New**, then select user.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap63.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​3.Enter First name, Initials, **Last name, Full name, User logon name**, then click **Next**.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap64.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​4.Setup the password for the user. Select the appropriate options and click **Next**. For example, set the password: **123456AAaa**.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap65.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​5.Click **finish** to save the modify.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap66.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​6.The user account created successful. Shown as below.</​fs></​ff> ​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap67.png?​nolink |}} 
- 
-<ff sans-serif><​fs medium>​7.For example, the one of organization unit -**akuvox001**,​ shown as below.</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap68.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​8.Enter the phone website, go to the path: **Phonebook->​LDAP**. Configure LDAP feature as follow:</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap69.jpg?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​The related settings is:</​ff></​fs>​ 
-<​file>​ 
-Name Filter: (|(displayName=#​)) 
-Number Filter: (|(telephoneNumber=#​)(mobile=#​)(homePhone=#​)) 
-Server: 192.168.10.174 ​   
-Port: 389 
-Base DN: OU=akuvox001,​DC=ldap,​DC=akuvox001,​DC=com 
-User name: user001@ldap.akuvox001.com 
-Password: 123456AAaa 
-Name Attribute: displayName 
-Number Attribute: telephoneNumber mobile homePhone 
-Display Name:​ displayName 
-</​file>​ 
- 
- 
-<ff sans-serif><​fs medium>​9.Pick up the handset or use Handfree key, chose Select soft key, then press down button to chose LDAP. As shown below:</​fs></​ff>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap70.png?​nolink |}} 
- 
-<fs medium><​ff sans-serif>​10.Enter some characters into the search box, it will show the result.</​ff></​fs>​ 
-{{ :​7.ip_phone:​features_and_configurations:​ldap71.png?​nolink |}}