Nervi Roberto

Consulente Informatico

Small notes to solve this. Assumes centos5 (elastix) on server side + webmin.

Install modules:

yum -y install openldap-servers openldap-clients  nss_ldap php-ldap phpldapadmin php5-ldap

If phpldapadmin does not installs via yum

open http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page

goto download

save locally the zip file

upload the zip file to pbx in /var/www/html under a subdir called phpldapadmin

goto into config subdir.

copy the config.php.example to config.php

goto perl and install module : Net::LDAP

open webmin and install these modules: ldap-server ldap-client  (one per time !)

open firewall ports:

iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
iptables -I INPUT 2 -m state --state NEW -m tcp -p tcp --dport 626 -j ACCEPT
iptables -I INPUT 3 -m state --state NEW -m tcp -p tcp --dport 9830 -j ACCEPT
service iptables save

(if lines has to be hand added to file, then nano /etc/sysconfig/iptables and append them all BEFORE the 1st INPUT directive!)

open and configure the ldap configuration file. Fom tty (same task can be done by webmin ldap server module):

- create a ldap password and write down. from a tty: slappasswd

(this example is for 1234 as password) write it down (copy) the password hash e.g. {SSHA}sfe6R5C4Gz5lqRNQKYGxelt+fNiA+i+z

you can also use a "clear password" e.g. 1234 by typiyng it directly into ldap config file e.g. rootpw 1234

pay double attention to coloured items !

nano /etc/openldap/slapd.conf

suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"

rootpw {SSHA}sfe6R5C4Gz5lqRNQKYGxelt+fNiA+i+z

access to dn=uid=Manager,dc=my-domain,dc=com by * read by * write by * search
access to * by * read
access to * by * write

start ldap server and put it into autostart:

service ldap start && chkconfig ldap on

Open webmin ldap server module and read topline: one or two messages can appear and webmin will fix them easily.

 

The LDAP server data directory /var/lib/ldap contains files not owned by the correct user ldap, which means that it is unlikely to start up properly. However, Webmin can fix this for you by clicking the button below.

Press the button "fix ownership"

Your LDAP server's database does not contain the root DN dc=my-domain,dc=com yet, which means that no data can be added until you create it.
However, Webmin can do this for you by clicking the button below.

Press the button "create root dn" and wait some seconds.

=== end of server config

Open  ServerIP/phpldapadmin. check if the httpd ldap extension is on --> no message on page top. If message then

yum install php5-ldap

service httpd restart

We can now add names to our database.

Open  ServerIP/phpldapadminwith a browser, press "autenticate" on left side

type login credentials:

AccessDN: cn=Manager,dc=my-domain,dc=com

password: 1234 (or whatever you used)

Press the start near to "create a child object"

as template choose "generic Address Book Entry"

fill the form and save

======================== end of name input

 

Fanvil's X5 configuration:

Log into phone with admin account

phone book -> cloud phonebook -> LDAP Settings >

choose the ldap position

Display Title  --> what will appears into phone

Server Address  -> type your ldap server IP

Authentication -> simple

username -> cn=Manager,dc=my-domain,dc=com

password -> 1234 (or whatever else)

search base -> dc=my-domain,dc=com

Enable Calling Search -> ON

dont touch other cells as them are WHAT the phone searchs for attributes

cn --> displayname

telephonenumber
mobile
home

 

 

NOTE: Thunderbird and phones can ONLY READ the directory ! Any edit / update must be performed via PHP amdin interface or with more sophisticated software e.g.

http://www.ldapadmin.org/download/ldapadmin.html