Active Directory LDAP
From Taridium
(→Active Directory) |
(→Authentication) |
||
| (One intermediate revision not shown) | |||
| Line 10: | Line 10: | ||
In order to use the Active Directory integration you will need to make sure this service is active on your Windows Domain Controller. We recommend that you use SSL to connect to your server. To enable LDAP over SSL follow this guide [http://support.microsoft.com/default.aspx?scid=kb;en-us;321051 How to enable LDAP over SSL with a third-party certification authority]. | In order to use the Active Directory integration you will need to make sure this service is active on your Windows Domain Controller. We recommend that you use SSL to connect to your server. To enable LDAP over SSL follow this guide [http://support.microsoft.com/default.aspx?scid=kb;en-us;321051 How to enable LDAP over SSL with a third-party certification authority]. | ||
| + | |||
| + | In the ipbx AD/LDAP dialog select the primary LDAP type '''Active Directory''' and complete all required fields. The '''Match Extension To''' field needs to be set to the extension data you wish to use for provisioning and end user panel authentication. | ||
=== Standard LDAP === | === Standard LDAP === | ||
| + | |||
| + | In the ipbx AD/LDAP dialog select the primary LDAP type '''Standard LDAP''' and complete all required fields. The '''Match Extension To''' field needs to be set to the extension data you wish to use for provisioning and end user panel authentication. | ||
== Using the Module == | == Using the Module == | ||
=== Provisioning === | === Provisioning === | ||
| + | |||
| + | Provisioning is provided for adding users to your system. Enter the username or part of the user name to look up the complete account details. | ||
| + | |||
=== Directory === | === Directory === | ||
| + | |||
| + | Directory lookup is available in the End User Panel as well as on phone XML applications. | ||
| + | |||
=== Name Lookup === | === Name Lookup === | ||
| + | |||
| + | Name lookup on inbound calls is available if enabled under '''Configuration''' → '''Directory''' → '''Advanced''' by checking '''Perform Lookups against AD/LDAP Directory on all inbound calls'''. | ||
| + | |||
=== Authentication === | === Authentication === | ||
| + | |||
| + | Authentication is available for the End User Panel as well as for the administrator interface. '''Match Extension To''' or '''Match Extension To Attribute''' need to match the correct field in our LDAP directory. | ||
| + | |||
| + | For administrator authentication a one-to-one mapping, based on the '''User Name''' needs be to created. Both '''LDAP''' and '''Active Directory''' services can be used simultaneously for this feature. | ||
Latest revision as of 23:09, 29 November 2010
This optional ipbx module is installed under Advanced Setup → Modules. Registered modules are displayed with registered module.
The ipbx AD/LDAP module allows you to integrate your ipbx system with an existing Microsoft Active Directory server or a standard LDAP server. This module is available from ipbx 2.2.0 onwards.
Contents |
Configuration
To configure your directory server, go to Configuration → Directory → AD/LDAP
Active Directory
In order to use the Active Directory integration you will need to make sure this service is active on your Windows Domain Controller. We recommend that you use SSL to connect to your server. To enable LDAP over SSL follow this guide How to enable LDAP over SSL with a third-party certification authority.
In the ipbx AD/LDAP dialog select the primary LDAP type Active Directory and complete all required fields. The Match Extension To field needs to be set to the extension data you wish to use for provisioning and end user panel authentication.
Standard LDAP
In the ipbx AD/LDAP dialog select the primary LDAP type Standard LDAP and complete all required fields. The Match Extension To field needs to be set to the extension data you wish to use for provisioning and end user panel authentication.
Using the Module
Provisioning
Provisioning is provided for adding users to your system. Enter the username or part of the user name to look up the complete account details.
Directory
Directory lookup is available in the End User Panel as well as on phone XML applications.
Name Lookup
Name lookup on inbound calls is available if enabled under Configuration → Directory → Advanced by checking Perform Lookups against AD/LDAP Directory on all inbound calls.
Authentication
Authentication is available for the End User Panel as well as for the administrator interface. Match Extension To or Match Extension To Attribute need to match the correct field in our LDAP directory.
For administrator authentication a one-to-one mapping, based on the User Name needs be to created. Both LDAP and Active Directory services can be used simultaneously for this feature.
