Using LDAP in Yealink IP Phones

LDAP is an application protocol for accessing and providing information services for a distributed directory over an IP network. Phones can be configured to communicate with a corporate directory server that supports LDAP version 2 or 3 to use the directory as the company’s corporate phone book.

LDAP setup

First make sure the LDAP server is running and the phone can access it.

To check the availability of the server, you can, for example, ping the server using the command pinglaunched from the OSD menu or the phone’s web interface.

OSD: Menu -> Options -> Diagnostics -> Network -> Ping
Web interface: Network -> Diagnostics -> Command [выбрать Ping в выпадающем меню]

ping command example

Connecting and configuring the directory

Go to the web interface of the phone.

Web interface: Contacts -> LDAP

Complete the LDAP directory parameter fields.

Parameter value LDAP Status/LDAP Enable change to Included.

LDAP Options – TLS Mode, LDAP Server Address, Port, LDAP Username, LDAP Password, LDAP Base, Protocol, LDAP Name Atributes, LDAP Number Atributes – says the LDAP server administrator. LDAP options such as Label, Max hits, LDAP Sorting Results, are filled according to the preferences of the company. Options LDAP Display Name, LDAP Name Filter, LDAP Number Filter filled in according to the preferences of the company in accordance with the parameters LDAP Name Attributes, LDAP Number Attributes.

If you want incoming/outgoing calls in the LDAP directory to be searched for a matching subscriber number, enable the option LDAP search on incoming/outgoing call.

After filling in all the parameters, click the button Save. If everything is done correctly, the book will be displayed in the list of phone books in the OSD menu of the phone.

Example of LDAP phone book settings (old version of the web interface)
Example of LDAP phone book settings (new version of the web interface)

View contacts, search by contacts

To view the list of contacts and search for contacts, select LDAP Directorypress Entrance. If the server requires authorization and it was not performed automatically (parameters LDAP username and LDAP password), when entering the directory, authorization may be required.

OSD: Menu -> Contacts -> LDAP Directory Name

List of parameters for manual configuration and auto provisioning, their location and description

All of the following parameters can be configured through the web interface along the path Contacts -> LDAP and cannot be configured through the unit’s OSD menu.

LDAP Enable – enable/disable LDAP.
Parameter in .cfg:
ldap.enable = value,
where value 0 is disabled, 1 is enabled.
Example: ldap.enable = 1

LDAP Label is the display name of the directory.
Parameter in .cfg:
ldap.customize_label = value,
where value is the directory name.
Example: ldap.customize_label = book1

LDAP Name Filter – filter option for searching contacts on the server.
Parameter in .cfg:
ldap.name_filter = value,
where value is a list of filter parameters;
the * character denotes any attribute character;
the % character denotes the name of the attribute.
Example: ldap.name_filter = (&(cn=*)(sn=%))

LDAP Number Filter – A filter option for displaying a list of the contact’s phone numbers.
Parameter in .cfg:
ldap.number_filter = value,
where value is a list of filter parameters;
the symbol * denotes any number;
the % character denotes a number entered by the user.
Example: ldap.number_filter = telephoneNumber=*

LDAP TLS mode – a parameter that configures the type of secure connection to the LDAP server.
Parameter in .cfg:
ldap.tls_mode = value,
where value is 0, 1, 2,
0 – LDAP; 1 – LDAP TLS start; 2 – LDAPs.
Example: ldap.tls_mode = 2

LDAP server address — address of the server where the directory is located.
Parameter in .cfg:
ldap.host = value,
where value is the address of the server.
Example: ldap.host = 192.168.205.5

Port – Port of the LDAP server.
Parameter in .cfg:
ldap.port = value,
where value is the port used to access the service. By default, when connecting without TLS, port 389 is used; when connecting with TLS, port 636 is used.
Example: ldap.port=389

LDAP username – username used for authorization on the LDAP server.
Parameter in .cfg:
ldap.user = value,
where value is the username.
Example: ldap.user = ldap.user = cn=manager,dc=yealink,dc=cn

LDAP password — password used for authorization on the LDAP server.
Parameter in .cfg:
ldap.password = value,
where value is the user’s password.
Example: ldap.password = qwerty123

LDAP Base – base directory for directory search.
Parameter in .cfg:
ldap.base = value,
where value is the location of the directory.
Example: ldap.base = ldap.base = dc=yealink,dc=cn

Max Hits – the maximum number of contacts returned by the server when searching (default – 50, allowed – 1-1000). Please note that if the value of this parameter is large, the LDAP directory search may take a long time.
Parameter in .cfg:
ldap.max_hits = value,
where value is quantity.
Example: ldap.max_hits = 50

LDAP Name Atributes – Determines which name attributes will be returned by the server when processing a request. Can contain multiple values ​​separated by spaces.
Parameter in .cfg:
ldap.name_attr = value,
where value is a list of attributes.
Example: ldap.name_attr = cn sn

LDAP Number Atributes – determines which number attributes will be returned by the server when processing a request. Can contain multiple values ​​separated by spaces.
Parameter in .cfg:
ldap.numb_attr = value,
where value is a list of attributes.
Example: ldap.numb_attr = telephoneNumber mobile ipPhone

LDAP Display Name – Configures the name attributes displayed on the screen. Each value must start with a %.
Parameter in .cfg:
ldap.display_name = value,
where value is a list of attributes.
Example: ldap.display_name = %cn

Protocol – version of the LDAP protocol.
Parameter in .cfg:
ldap.version = value,
where value is the protocol version (2 or 3).
Example: ldap.version=3

Outgoing LDAP Search — Performs an LDAP lookup for outgoing calls.
Parameter in .cfg:
ldap.call_out_lookup = value,
where value 0 is disabled, 1 is enabled.
Example: ldap.call_out_lookup = 1

Incoming LDAP Search — Performs an LDAP lookup for incoming calls.
Parameter in .cfg:
ldap.call_in_lookup = value,
where value 0 is disabled, 1 is enabled.
Example: ldap.call_in_lookup = 1

LDAP Sorting Results – Enable or disable sorting of search results in alphabetical or numeric order.
Parameter in .cfg:
ldap.ldap_sort = value,
where value 0 is disabled, 1 is enabled.
Example: ldap.ldap_sort = 0

List of the most common LDAP attributes

Abbreviation

Full title

Description

gn

givenName

Name

cn

common name

LDAP attribute consisting of first and last name

sn

surname

Surname

dn

distinguishedName

Unique record identifier

dc

dc

Domain Component

company

Name of the organization

telephoneNumber

work number

mobile

mobilephoneNumber

Mobile number

ipPhone

IPphoneNumber

home number

For information about the attributes of the LDAP server used by the company, contact the administrator of that server.

Manual editing and loading of the configuration file

The configuration file is imported from the phone’s web interface.

Web interface: Settings -> Configurations -> .cfg configuration file -> Export configuration file (with All settings option).

The imported file must be opened with a text editor (Notepad, Notepad ++, etc.), its editing is carried out by adding, changing or deleting lines.

The configuration file is imported back to the phone.

Web interface: Settings -> Configurations -> .cfg config file -> Import config file.

Editing the configuration file (old version of the web interface)
Editing the configuration file (new version of the web interface)

To be continued

107

Similar Posts

Leave a Reply Cancel reply