pascom Cloud Phone System Documentation and Release Notes
Users from LDAP Directory
Synchronise and Authenticate your Users against LDAP
The “Lightweight Directory Access Protocol” (LDAP) is a network protocol for processing of queries and alterations in a shared directory service. LDAP itself is not a directory, but rather the protocol, via which one can use a specific syntax to query information from a LDAP directory.
In order to be allowed to read data from LDAP, a user with the appropriate permissions is required. Enter this user a password and check the password never expires option.
pascom phone system authenticates itself against LDAP for each connector run. If you wish to change the password, you must change it in both LDAP and within the pascom Connector profile:
“Users from LDAP” Connector Profile
Create a new connector profile by navigating to the following options within the pascom admin Web UI: > and click .
Select the template Users from LDAP and enter the following information:
Connector profile name
URL to the LDAP directory
BaseDN specifies the position within the LDAP directory which should be read
User with LDAP directory access permissions (LDAP bindDN)
Password for LDAP Authentication
Filter for more detailed LDAP directory searches
Enable User Authentication
NO: Users will be imported and the authenticated against the pascom server. YES: Users will be imported and can be authenticated against LDAP. In this case, the authentication will be setup and you can modify it to your requirements under > im Reiter .
(optional) You can enter the field name from which the to be imported users' username should be read. Default: samAccountName
Create pascom Softphone
YES: Automatically adds a pascom softphone for every imported user. NO: No pascom softphones will be added for imported users.
Create mobile phone
YES: Creates a mobile phone device for every imported user. NO: No mobile devices will be added for imported users.
After saving, the template can be modified according to requirements under the tab .
Use multiple LDAP URIs from your authentication servers.
Click > from the menu and go to the tab. Here you can specify multiple LDAP(S) URIs, which are separated by a space. If one LDAP server fails, we simply use the second server entered.
Per default, the template will import all users from the LDAP directory. Using the tab you can restrict the import according to certain factors e.g. displayName is populated. Simply replace “return true;” with the following code:
return array_key_exists('displayName', $row);
User Fields in LDAP
Via the tab, in the Source column it is possible to define from which LDAP user fields the information can be read from. The Variables in the left column define which information sets can be imported into the pascom phone system.
The preset fields are suggestions for the template. It is possible to add, modify and remove fields i.e. completely alter the import structure to match your requirements.
Test and Activate the Import Process
After you have finalised your configuration, you can test the connector profile to determine which datasets will be imported using the button. Once you are satisfied with the results, it is possible to either perform a one off import using the > option or automate the import to be performed at regular intervals by clicking the button.
If you have configured the template using the Configure authenticationYES option, it is now possible to test the user authentication process using the following menu options > under the tab and finally using the button.
Do you want to make changes to source variables or the Connector structure? Then follow the links below to the appropriate instructions: