Вопрос по интеграции Asterisk'а с Active Directory посредством LDAP.Вот что накопано в дебрях документации и на просторах Интернета:
1. extconfig.conf:
sipusers = ldap, "dc=domain,dc=tld",sip
sippeers = ldap, "dc=domain,dc=tld",sip2. res_ldap.conf
[_general]
url = ldap://domain.tld:3268/
basedn = dc=domain,dc=tld
user = cn=asterisk,ou=Services,dc=domain,dc=tld
pass = ********[sip]
name = sAMAccountName
callerid = cn
mailbox = mail
regexten = ipPhone
host = info
type = facsimileTelephoneNumber
additionalFilter = (objectClass=person)3. sip.conf
[general]
context = default
regcontext = default
nat = yes
rtcachefriends = yes
rtupdate = noПримечания:
1. domain.tld - пароли и явки изменены.
2а. Почему-то поиск в LDAP (AD) успешен только при поиске в глобальном каталоге (порт 3268), несмотря на аутентификацию...
2б. В AD в поле "IP phone" - ipPhone указан номер экстеншена, в поле "Notes" - info указано "dynamic", а в поле "Fax" - facsimileTelephoneNumber указано "friend". Умнее ничего пока не придумал...
Результат:
CLI> sip show peers
Name/username Host Dyn Forcerport ACL Port Status Realtime
user/user 192.168.x.y D N 12723 Unmonitored Cached RT
otheruser/otheruser 192.168.x.z D N 5060 Unmonitored Cached RTРегистрация проходит успешно, но
CLI> dialplan show default
[ Context 'default' created by 'SIP' ]
'1001' => 1. Noop(user) [SIP]
'1002' => 1. Noop(otheruser) [SIP]
Include => 'demo' [pbx_config]
Alt. Switch => 'Realtime/@' [pbx_config]И, соответсвенно, получаем при звонке с одного экстеншена на другой:
== Using SIP RTP CoS mark 5
-- Executing [1001@default:1] NoOp("SIP/otheruser-0000000c", "user") in new stack
-- Auto fallthrough, channel 'SIP/otheruser-0000000c' status is 'UNKNOWN'Собственно вопрос - как добиться нормальных звонков с/на такие экстеншены?
P.S. Пример рабочего экстеншена, созданный TrixBox'ом (dialplan show):
'1001' => hint: SIP/1001&Custom:DND1001 [pbx_config]
1. Macro(exten-vm,novm,1001) [pbx_config]
2. Goto(${IVR_CONTEXT},return,1) [pbx_config]
'user' => 1. Goto(from-internal,1001,1) [pbx_config]
Т.е. экстеншены, создаваемые res_ldap'ом тоже должны иметь "Macro(exten-vm,novm,1001)"
Если в res_ldap.conf заменить поле regexten на defaultuser, получается даже интереснее:
[_general]
url = ldap://domain.tld:3268/
basedn = dc=domain,dc=tld
user = cn=asterisk,ou=Services,dc=domain,dc=tld
pass = ********[sip]
name = sAMAccountName
callerid = cn
mailbox = mail
defaultuser = ipPhone
host = info
type = facsimileTelephoneNumber
additionalFilter = (objectClass=person)
CLI> sip show peers
Name/username Host Dyn Forcerport ACL Port Status Realtime
user/1001 192.168.x.y D N 12723 Unmonitored Cached RT
otheruser/1002 192.168.x.z D N 5060 Unmonitored Cached RT
CLI> dialplan show default
[ Context 'default' created by 'SIP' ]
'user' => 1. Noop(user) [SIP]
'otheruser' => 1. Noop(otheruser) [SIP]
Include => 'demo' [pbx_config]
Alt. Switch => 'Realtime/@' [pbx_config]И со звонками, соответсвенно, ещё хуже (или не лучше):
== Using SIP RTP CoS mark 5
[Mar 25 12:46:54] NOTICE[28288]: chan_sip.c:21364 handle_request_invite: Call from '1002' to extension '1001' rejected because extension not found in context 'default'.
Очень нужна помощь по данному вопросу, не проходит регистрация пиров.
Конек к базе по LDAP есть.
Вот что есть
pbx100*CLI> realtime show ldap status
Connected to 'ldap://dcn.test.local:3268/', baseDN dc=test,dc=local with
username test\ldapuser for 37 minutes, 34 seconds.Делаем
pbx100*CLI> sip show peer 1141 load
Peer 1141 not found.А вот кусочек лога
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: disti
nguishedName value: CN=Nipuser Fipuser,CN=Users,DC=test,DC=local
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: insta
nceType value: 4
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: whenC
reated value: 20130129085716.0Z
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: whenC
hanged value: 20130129120551.0Z
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: displ
ayName value: Nipuser Fipuser
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: uSNCr
eated value: 590827
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: uSNCh
anged value: 591060
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: name
value: Nipuser Fipuser
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: objec
tGUID value: .e.?w.O......s.
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: userA
ccountControl value: 66048
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: prima
ryGroupID value: 513
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: objec
tSid value: ..
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: sAMAc
countName value: ipuser
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: sAMAc
countType value: 805306368
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: userP
rincipalName value: ipuser@test.local
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: regex
ten value: 1141
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: objec
tCategory value: CN=Person,CN=Schema,CN=Configuration,DC=test,DC=local
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: dSCor
ePropagationData value: 20130129095637.0Z
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: dSCor
ePropagationData value: 20130129095637.0Z
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: dSCor
ePropagationData value: 20130129095637.0Z
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(488) attribute_name: dSCor
ePropagationData value: 16010108151056.0Z
[Jan 30 12:08:36] DEBUG[4997] res_config_ldap.c: LINE(522) Added to vars - non s
tatic
[Jan 30 12:08:36] DEBUG[4997] chan_sip.c: -REALTIME- peer built. Name: 1141. Pee
r objects: 1
[Jan 30 12:08:36] DEBUG[4997] db.c: Unable to find key 'Nipuser Fipuser' in fami
ly 'SIP/Registry'
[Jan 30 12:08:36] DEBUG[4997] chan_sip.c: Bah, we're expired (1359533316/0/13595
33316)!
[Jan 30 12:08:36] DEBUG[4997] db.c: Unable to find key 'Nipuser Fipuser' in fami
ly 'SIP/Registry'
[Jan 30 12:08:36] DEBUG[4997] chan_sip.c: -REALTIME- loading peer from database
to memory. Name: Nipuser Fipuser. Peer objects: 1
[Jan 30 12:08:36] DEBUG[4997] chan_sip.c: Destroying SIP peer Nipuser Fipuser
[Jan 30 12:08:36] DEBUG[4997] chan_sip.c: -REALTIME- peer Destroyed. Name: Nipus
er Fipuser. Realtime Peer objects: 0
Как на счет интеграции elastix и Active Directory
Там надо читать домен доставать из него samsacautname, telephonenumber писать в базу и далее пихать в конфиги астера