Short notes to solve this. Assumes CentOS 5 (Elastix) on the server side, plus Webmin.
Install modules:
yum -y install openldap-servers openldap-clients nss_ldap php-ldap phpldapadmin php5-ldap
If phpldapadmin does not install via yum:
open http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page
go to Download
save the zip file locally
upload the zip file to the PBX in /var/www/html under a subdir called phpldapadmin
go into the config subdir.
copy config.php.example to config.php
go to Perl and install the module: Net::LDAP
open Webmin and install these modules: ldap-server ldap-client (one at a time!)
open firewall ports:
iptables -I INPUT 1 -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
iptables -I INPUT 2 -m state --state NEW -m tcp -p tcp --dport 626 -j ACCEPT
iptables -I INPUT 3 -m state --state NEW -m tcp -p tcp --dport 9830 -j ACCEPT
service iptables save
(if the lines have to be added by hand, then nano /etc/sysconfig/iptables and add them all BEFORE the 1st INPUT directive!)
Open and configure the LDAP configuration file. From a tty (the same task can be done with the Webmin LDAP server module):
- create an LDAP password and write it down. From a tty: slappasswd
(this example uses 1234 as the password) write down (copy) the password hash, e.g. {SSHA}sfe6R5C4Gz5lqRNQKYGxelt+fNiA+i+z
you can also use a "clear password", e.g. 1234, by typing it directly into the LDAP config file, e.g. rootpw 1234
Pay double attention to the coloured items!
nano /etc/openldap/slapd.conf
suffix "dc=my-domain,dc=com"
rootdn "cn=Manager,dc=my-domain,dc=com"
rootpw {SSHA}sfe6R5C4Gz5lqRNQKYGxelt+fNiA+i+z
access to dn=uid=Manager,dc=my-domain,dc=com by * read by * write by * search
access to * by * read
access to * by * write
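Added example, not part of the original notes: a small shell check for the slapd.conf shown above. It flags a cleartext rootpw, any ACL clause that grants write to everyone, and a second "access to *" rule that slapd never reaches. The function name audit_slapd_conf and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): lint a slapd.conf for the weak
# settings discussed above. audit_slapd_conf is a hypothetical helper name.
# Assumes one directive per line (no continuation lines).

# Prints one finding per line. Returns 0 if clean, 1 on findings, 2 if unreadable.
audit_slapd_conf() {
    [ -r "$1" ] || { echo "ERROR: cannot read $1" >&2; return 2; }
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        # rootpw without a {SCHEME} prefix is a cleartext password.
        $1 == "rootpw" && substr($2, 1, 1) != "{" {
            printf "CLEARTEXT_ROOTPW line %d\n", NR; bad = 1
        }
        # A clause granting write to everyone, flagged even when an
        # earlier rule currently shadows it.
        /by[ \t]+[*][ \t]+write/ {
            printf "WORLD_WRITE_ACL line %d\n", NR; bad = 1
        }
        # slapd uses the first matching "access to" rule, so a second
        # "access to *" is never evaluated.
        $1 == "access" && $2 == "to" && $3 == "*" {
            if (seen_star++) { printf "UNREACHABLE_ACL line %d\n", NR; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Demo on a constructed sample modelled on the config above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
rootdn "cn=Manager,dc=my-domain,dc=com"
rootpw 1234
access to * by * read
access to * by * write
EOF
audit_slapd_conf "$sample" || echo "findings above: fix before starting slapd"
rm -f "$sample"
```

Run it as audit_slapd_conf /etc/openldap/slapd.conf before starting the service.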
Start the LDAP server and put it into autostart:
service ldap start && chkconfig ldap on
Open the Webmin LDAP server module and read the top line: one or two messages can appear, and Webmin will fix them easily.
The LDAP server data directory /var/lib/ldap contains files not owned by the correct user ldap, which means that it is unlikely to start up properly. However, Webmin can fix this for you by clicking the button below.
Press the button "fix ownership"
Your LDAP server's database does not contain the root DN dc=my-domain,dc=com yet, which means that no data can be added until you create it.
However, Webmin can do this for you by clicking the button below.
Press the button "create root dn" and wait some seconds.
=== end of server config
Open ServerIP/phpldapadmin. Check that the httpd LDAP extension is on --> no message at the top of the page. If there is a message, then:
yum install php5-ldap
service httpd restart
We can now add names to our database.
Open ServerIP/phpldapadmin with a browser, press "authenticate" on the left side
type the login credentials:
AccessDN: cn=Manager,dc=my-domain,dc=com
password: 1234 (or whatever you used)
Press the star next to "create a child object"
as the template choose "generic Address Book Entry"
fill in the form and save
======================== end of name input
Fanvil's X5 configuration:
Log into the phone with the admin account
phone book -> cloud phonebook -> LDAP Settings >
choose the LDAP position
Display Title --> what will appear on the phone
Server Address -> type your LDAP server IP
Authentication -> simple
username -> cn=Manager,dc=my-domain,dc=com
password -> 1234 (or whatever else)
search base -> dc=my-domain,dc=com
Enable Calling Search -> ON
Don't touch the other cells, as they are the attributes the phone searches for:
cn --> displayname
telephonenumber
mobile
home
NOTE: Thunderbird and phones can ONLY READ the directory! Any edit / update must be performed via the PHP admin interface or with more sophisticated software, e.g.
http://www.ldapadmin.org/download/ldapadmin.html