Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

With this driver Asterisk, using the Realtime Database Configuration, can access and update information in an LDAP directory. Asterisk can configure SIP/IAX2 users, extensions, queues, queue members, and entire configuration files. This guide assumes you have a working knowledge of LDAP and have an LDAP server with authentication already setup. Asterisk requires read and write permissions to update the directory.

See configs/res_ldap.conf.sample for a configuration file sample.
See contrib/scripts for the LDAP schema and ldif files needed for the LDAP server.

...

From within your Asterisk source directory:

Code Block

cd contrib/scripts
sudo cp asterisk.ldap-schema /etc/ldap/schema/
sudo service slapd restart
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f ./asterisk.ldif

Let's edit the extconfig.conf file to specify LDAP as our realtime storage engine and where Asterisk will look for data.

Code Block

sippeers = ldap,"ou=sip,dc=example,dc=domain",sip
sipusers = ldap,"ou=sip,dc=example,dc=domain",sip
extensions = ldap,"ou=extensions,dc=example,dc=domain",extensions

...

Basic sip users record layout which will need to be saved to a file (we'll use 'createduser.ldif' here as an example). This example record is for sip user '1000'. This example record is for sip user '1000'.

Code Block

dn: cn=1000,ou=sip,dc=digium,dc=internal
objectClass: AsteriskAccount
objectClass: AsteriskExtension
objectClass: AsteriskSIPUser
objectClass: top
AstAccountName: sip user
cn: 1000
AstAccountDefaultUser: 0
AstAccountExpirationTimestamp: 0
AstAccountFullContact: 0
AstAccountHost: dynamic
AstAccountIPAddress: 0
AstAccountLastQualifyMilliseconds: 0
AstAccountPort: 0
AstAccountRegistrationServer: 0
AstAccountType: 0
AstAccountUserAgent: 0
AstExtension: 1000

Let's add the record to the LDAP server:

Code Block

sudo ldapadd -D "cn=admin,dc=example,dc=domain" -x -W -f createduser.ldif

...

For AstAccountRealmedPassword authentication use this.

Code Block

printf "<secret composed of username, realm, and password goes here>" | md5sum

For AstMD5secret authentication use this.

Code Block

printf "password" | md5sum