42.3. LDAP use cases

42.3.1. Publishing local VoIP users

This section shows how to access the system address book of the Abilis LDAP server and keep the VoIP users synchronised.

Add and activate the LDAP resource as explained in the chapter "activating the LDAP resource".

Create an LDAP account.

[21:44:12] ABILIS_CPX:a user:test act:yes pwd:test ldap:yes

COMMAND EXECUTED

If anonymous authentication is required, the guest user must be active and its LDAP parameter enabled.

[21:44:12] ABILIS_CPX:s user:guest act:yes ldap:yes

COMMAND EXECUTED
Note

By default the anonymous user has access only to the "published" address book, so use the command s ldap rights id:3 user:anonymous grants:r to allow anonymous access to the system address book. You may also want to limit LDAP client access to the LAN: use the command s p res:ldap ip-src:192.168.0.0/16 and then execute the initialization command init res:ldap.

Check the users to be kept synchronised; in this example, let's create a few users.

[00:18:51] ABILIS_CPX:a user:frank iax:yes iax-number:2222

COMMAND EXECUTED

[00:18:56] ABILIS_CPX:a user:anne sip:yes sip-number:3333

COMMAND EXECUTED

[00:19:29] ABILIS_CPX:a user:george ctip:101

COMMAND EXECUTED

[00:23:56] ABILIS_CPX:a cticl clus:myclus

COMMAND EXECUTED

[00:24:05] ABILIS_CPX:s cticl clus:myclus num:7777

COMMAND EXECUTED

[00:24:08] ABILIS_CPX:a user:jack clus:myclus

COMMAND EXECUTED

Enable LDAP-USER-SYNC for each user you want to keep synchronised in the system address book, and specify the phone interface via the LDAP-NUMBER user parameter.

[00:18:51] ABILIS_CPX:s user:frank addrbook-sync:ldap addrbook-number:ctiiax

COMMAND EXECUTED

[00:18:56] ABILIS_CPX:s user:anne addrbook-sync:yes addrbook-number:ctisip

COMMAND EXECUTED

[00:19:29] ABILIS_CPX:s user:george addrbook-sync:yes addrbook-number:ctip

COMMAND EXECUTED

[00:24:08] ABILIS_CPX:s user:jack addrbook-sync:yes addrbook-number:clus

COMMAND EXECUTED

You may set USER-SYNC:YES in the LDAP resource port, but in most cases you should not: you may erroneously synchronise users you want to keep hidden. Moreover, if this parameter is switched from YES to NO you risk losing part of the saved data (the non-synchronised attributes of synchronised contacts).

You may also modify, via macros, the number provided to LDAP via the LDAP-NUM parameter in the CTIIAX/CTISIP/CTIP/CLUSTER interfaces.

[21:47:12] ABILIS_CPX:s user:frank iax-addrbook-num:02'IAX-NUMBER'

COMMAND EXECUTED

[21:47:33] ABILIS_CPX:s user:anne sip-addrbook-num:'SIP-NUMBER.s2'

COMMAND EXECUTED

[21:48:44] ABILIS_CPX:s ctip:101 addrbook-num:02'NUM'

COMMAND EXECUTED

[21:48:55] ABILIS_CPX:s cticl clus:myclus addrbook-num:'NUM'123

COMMAND EXECUTED

[21:49:00] ABILIS_CPX:init res:ctisys

INIT CTI SYSTEM IN PROGRESS, THIS MAY TAKE FEW MINUTES...

COMMAND EXECUTE
Note

Any modification to CTI ports or Clusters requires the CTI system initialization via the command init res:ctisys.

Hide the address books you are not interested in via the LDAP rights table. The following commands make only the system address book visible to the user named "test".

[21:49:08] ABILIS_CPX:a ldap rights id:1 user:test grants:-r

COMMAND EXECUTED

[21:49:28] ABILIS_CPX:a ldap rights id:2 user:test grants:-r

COMMAND EXECUTED

The user may now access the LDAP server via an LDAP client or via the Abilis web interface. To access the web pages, give the LDAP account additional HTTP rights.

[21:49:08] ABILIS_CPX:s user:test http:yes

COMMAND EXECUTED

[21:49:35] ABILIS_CPX:a http rights id:2 user:test file:r dir:l

COMMAND EXECUTED

To learn how to read/modify/create/remove contacts via the web interface or via an LDAP client, see the chapter "handling contacts".

42.3.2. Identifying the caller in a VoIP phone

Advanced VoIP phones include an LDAP client able to translate the number of an incoming call into the corresponding contact name. This section configures the Abilis LDAP server to provide its contacts to VoIP phones.

Add and activate the LDAP resource as explained in the chapter "activating the LDAP resource".

You may also want to limit the access of LDAP clients to the LAN (i.e. 192.168.X.X) via the ipsrc and ipsrclist parameters.

[20:09:28] ABILIS_CPX: s p ldap ipsrc:192.168.0.0

COMMAND EXECUTED

[20:11:12] ABILIS_CPX:list create ldap_allow ir

COMMAND EXECUTED

[20:11:20] ABILIS_CPX:a list:ldap_allow 192.168.0.0:192.168.0.254

COMMAND EXECUTED

[20:14:26] ABILIS_CPX:s p res:ldap ipsrclist:ldap_allow

COMMAND EXECUTED

[20:15:01] ABILIS_CPX:d p res:ldap

RES:Ldap ----------------------------------------------------------------------
Run    DESCR:Lightweight_Directory_Access_protocol
       LOG:NO           mxps:2048    TOS:0-N
       - LDAP Server ----------------------------------------------------------
       SRV-ACT:YES                   srv-sesnum:10       tcp-locport:389
       IPSRC:192.168.000.000         IPSRCLIST:ldap_allow
       SRV-SIZE-LIMIT:NO             SRV-TIME-LIMIT:NO   SRV-DT:60
       max-entries:1000              DN-FIRST-ATTR:cn
       root:dc=abilis,dc=net
       wdir:C:\APP\LDAP\
       - LDAP Client ----------------------------------------------------------
       CLI-ACT:YES                   cli-sesnum:5        MAX-REFERRALS:10
       CLI-SIZE-LIMIT:NO             CLI-TIME-LIMIT:NO   CLI-DT:60
       CLI-REM-ACCOUNT-PERMANENT:YES CLI-MAX-TOUT:60
       CLI-PERMANENT-RETRY-DELAY:60
Caution

To activate changes made to the upper-case parameters, execute the initialization command init res:ldap; to activate changes made to the lower-case parameters, a save conf and an Abilis restart are required (i.e. with the warm start command).

Create an LDAP account.

[21:44:12] ABILIS_CPX:a user:test act:yes pwd:test ldap:yes

COMMAND EXECUTED

The user automatically gains the reading right over all the main address books.

If anonymous authentication is required, the guest user must be active and its LDAP parameter enabled.

[21:44:12] ABILIS_CPX:s user:guest act:yes ldap:yes

COMMAND EXECUTED

By default the guest does not have the right to access the system address book or the contacts address book, so let's grant it.

[13:15:27] ABILIS_CPX:s ldap rights id:1 user:guest grants:r

COMMAND EXECUTED

[13:15:27] ABILIS_CPX:s ldap rights id:3 user:guest grants:r

COMMAND EXECUTED

Let's configure a Snom 300 VoIP phone to display the LDAP attribute "common name" instead of displaying just the calling number.

In the SNOM web interface, open the Advanced section page and set the following parameters:

Parameter               Value
LDAP name filter        (&(telephoneNumber=*)(sn=%))
LDAP number filter      (&(telephoneNumber=%)(sn=*))
Server Address          <IP address or FQDN of Abilis>
Port                    389
Base                    dc=addressBooks,dc=abilis,dc=net
Username                <The name of an Abilis user allowed to LDAP (LDAP:YES)>
Password                <The password of an Abilis user allowed to LDAP (LDAP:YES)>
LDAP name attributes    cn sn displayName
LDAP number attributes  mobile telephoneNumber ipPhone
LDAP display name       %cn
Note

By changing the "Base" parameter you may change the scope of contacts; for example, to access only the contacts address book, set "Base" to addressBook=contacts,dc=addressBooks,dc=abilis,dc=net.

The SNOM web interface should look like this:

Figure 42.2. SNOM 300 Advanced web page

Now, for any calling number known to the Abilis LDAP server, the phone will display the Common Name provided by the server instead of the number.

Figure 42.3. SNOM 300 LCD when the calling number is known to LDAP server

To learn how to read/modify/create/remove contacts via the web interface or via an LDAP client, see the chapter "handling contacts".
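The number lookup configured in this section can be traced offline. The following is an added example, not part of the Abilis or Snom documentation: it expands the "LDAP number filter" from the table, escapes the substituted number per RFC 4515, and evaluates the result against constructed contacts. It assumes "%" is replaced by the calling number; the contact entries and all function names are hypothetical.

```python
import re

NUMBER_FILTER = "(&(telephoneNumber=%)(sn=*))"   # "LDAP number filter" from the table

# Constructed sample entries; the attribute values are illustrative only.
CONTACTS = [
    {"cn": "Clark Kent", "sn": "Kent", "telephoneNumber": "3333"},
    {"cn": "Front Desk", "telephoneNumber": "101"},            # no sn attribute
]

# RFC 4515: characters that must be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Make a string literal data inside an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def expand(template, value):
    """Put the escaped value in place of every '%' in the template."""
    return template.replace("%", escape_filter_value(value))

def _unescape(value):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def matches(filter_text, entry):
    """Evaluate an AND of equality ("a=v") and presence ("a=*") items only."""
    items = re.findall(r"\(([A-Za-z]+)=([^()]*)\)", filter_text)
    for attr, value in items:
        have = entry.get(attr)
        if have is None:
            return False
        if value != "*" and have.lower() != _unescape(value).lower():
            return False
    return bool(items)

def caller_name(number, contacts=CONTACTS):
    """Return the cn shown for an incoming number ("LDAP display name" %cn)."""
    wanted = expand(NUMBER_FILTER, number)
    for entry in contacts:
        if matches(wanted, entry):
            return entry["cn"]
    return None

if __name__ == "__main__":
    for number in ("3333", "101", "*"):
        print(repr(number), "->", expand(NUMBER_FILTER, number), "->", caller_name(number))
```

Because the filter also requires (sn=*), a contact stored without a surname is never resolved, and an escaped "*" is compared as a literal character rather than matching every contact.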

42.3.3. Mail composing and LDAP

The goal of this section is to configure a mail client (Thunderbird) to enable autocompletion when editing the recipient of a message.

Add and activate the LDAP resource as explained in the chapter "activating the LDAP resource".

You may also want to limit the access of LDAP clients to the LAN (i.e. 192.168.X.X) via the ipsrc and ipsrclist parameters.

[20:09:28] ABILIS_CPX: s p ldap ipsrc:192.168.0.0

COMMAND EXECUTED

[20:11:12] ABILIS_CPX:list create ldap_allow ir

COMMAND EXECUTED

[20:11:20] ABILIS_CPX:a list:ldap_allow 192.168.0.0:192.168.0.254

COMMAND EXECUTED

[20:14:26] ABILIS_CPX:s p res:ldap ipsrclist:ldap_allow

COMMAND EXECUTED

[20:15:01] ABILIS_CPX:d p res:ldap

RES:Ldap ----------------------------------------------------------------------
Run    DESCR:Lightweight_Directory_Access_protocol
       LOG:NO           mxps:2048    TOS:0-N
       - LDAP Server ----------------------------------------------------------
       SRV-ACT:YES                   srv-sesnum:10       tcp-locport:389
       IPSRC:192.168.000.000         IPSRCLIST:ldap_allow
       SRV-SIZE-LIMIT:NO             SRV-TIME-LIMIT:NO   SRV-DT:60
       max-entries:1000              DN-FIRST-ATTR:cn
       root:dc=abilis,dc=net
       wdir:C:\APP\LDAP\
       - LDAP Client ----------------------------------------------------------
       CLI-ACT:YES                   cli-sesnum:5        MAX-REFERRALS:10
       CLI-SIZE-LIMIT:NO             CLI-TIME-LIMIT:NO   CLI-DT:60
       CLI-REM-ACCOUNT-PERMANENT:YES CLI-MAX-TOUT:60
       CLI-PERMANENT-RETRY-DELAY:60
Caution

To activate changes made to the upper-case parameters, execute the initialization command init res:ldap; to activate changes made to the lower-case parameters, a save conf and an Abilis restart are required (i.e. with the warm start command).

Thunderbird doesn't support LDAP user authentication, so let's enable the anonymous user in Abilis (guest) and set its LDAP rights to allow it to access the contacts address book.

[17:50:23] ABILIS:s user:guest act:yes ldap:yes

COMMAND EXECUTED

[17:51:16] ABILIS_CPX:d user

- Not Saved (SAVE CONF) -------------------------------------------------------
USER:            PWD: ACT: CTIP: CLUS:    PPP: FTP: HTTP: MAIL: IAX: SIP: LDAP:
--------------------------------+--------------+-------------------------------
admin            ***  YES  #     #        YES  YES  YES   YES   NO   NO   YES
guest                 YES  #     #        NO   NO   NO    NO    NO   NO   YES

[17:51:24] ABILIS:s ldap rights id:1 user:anonymous grants:r

COMMAND EXECUTED

[17:52:07] ABILIS:d ldap rights

- Not Saved (SAVE CONF) -------------------------------------------------------
-------------------------------------------------------------------------------
ID: ADDRESSBOOK:
       USER:                            GRANTS:
-------------------------------------------------------------------------------
  1 contacts
       admin                            rwcd
       anonymous                        r---
-------------------------------------------------------------------------------
  2 published
       admin                            rwcd
       anonymous                        r---
-------------------------------------------------------------------------------
  3 system
       admin                            rw--
       anonymous                        ----
-------------------------------------------------------------------------------

In Thunderbird, open the Account Settings dialog (select Tools -> Account Settings), select your account and click the Composition & Addressing tab, then add a new LDAP directory.

Figure 42.4. Account Settings Dialog / Composition & Addressing Tab

Click the Add button and use the following parameters.

Parameter    Value
Name         <doesn't matter>
Hostname     <IP address or FQDN of Abilis>
Base DN      addressBook=Contacts,dc=addressBooks,dc=abilis,dc=net
Port number  389
Note

By changing the "Base DN" parameter you may change the scope of contacts; for example, to access all main address books, set the base to dc=addressBooks,dc=abilis,dc=net and execute the command s ldap rights id:3 user:anonymous grants:r

The dialog should look like this:

Figure 42.5. LDAP properties

Set the Abilis LDAP server as the current LDAP for this account.

You may then try to write a mail using the "common name" of a person, and Thunderbird will autocomplete the mail address for you. In the example the "Contacts" address book includes the contact "Clark Kent"; the tooltip appears as soon as you type a few characters.

Figure 42.6. Autocompletion

To learn how to read/modify/create/remove contacts via the web interface or via an LDAP client, see the chapter "handling contacts".
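After enabling the guest account, it is worth checking what the anonymous user can actually read. The following is an added example, not part of the Abilis documentation: it parses the d ldap rights output shown in this section and lists every address book where a user holds more grants than intended. The function names and the intended-rights policy are hypothetical.

```python
import re

# "d ldap rights" output as shown in this section (separator lines shortened).
SAMPLE = """\
- Not Saved (SAVE CONF) --------
ID: ADDRESSBOOK:
       USER:                            GRANTS:
--------------------------------
  1 contacts
       admin                            rwcd
       anonymous                        r---
--------------------------------
  2 published
       admin                            rwcd
       anonymous                        r---
--------------------------------
  3 system
       admin                            rw--
       anonymous                        ----
--------------------------------
"""

BOOK = re.compile(r"^\s*(\d+)\s+(\S+)\s*$")             # "  1 contacts"
GRANT = re.compile(r"^\s+(\S+)\s+([rwcd-]{4})\s*$")     # "  anonymous   r---"

def parse_rights(text):
    """Return {address_book: {user: set_of_grant_letters}}."""
    books, current = {}, None
    for line in text.splitlines():
        m = BOOK.match(line)
        if m:
            current = books.setdefault(m.group(2), {})
            continue
        m = GRANT.match(line)
        if m and current is not None:
            current[m.group(1)] = set(m.group(2)) - {"-"}
    return books

def excess_grants(books, user, allowed):
    """List (book, extra_letters) where `user` holds more than `allowed` permits."""
    findings = []
    for book, users in books.items():
        extra = users.get(user, set()) - set(allowed.get(book, ""))
        if extra:
            findings.append((book, "".join(sorted(extra))))
    return findings

if __name__ == "__main__":
    # Hypothetical policy for this use case: anonymous may only read "contacts".
    print(excess_grants(parse_rights(SAMPLE), "anonymous", {"contacts": "r"}))
```

With that policy the check reports the "published" address book, which the table shows as readable by anonymous even though this use case only needs "contacts".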