freepbx-ldap's Introduction

FreePBX LDAP Directory

A simple LDAP server to serve a searchable address book of internal extensions from the FreePBX DB

How it works

It starts the LDAP service on port 10389 and responds to directory search requests by translating them into a SQL query against the "asterisk.users" table in MySQL.

Most phones require a bind request with a username & password before they'll search. Since we aren't working with sensitive information or trying to implement authentication, the server responds with success to any bind request without checking credentials, so any client that can reach the port can search the directory.

This means the address list will always be up-to-date, as there is no import/export.

Two fields are returned for each result, "displayName" and "telephoneNumber".

MySQL to LDAP mapping is:

  • "name" in MySQL maps to "displayName" in LDAP
  • "extension" in MySQL maps to "telephoneNumber" in LDAP
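
As an added example (not the project's own code), the sketch below shows one way to translate a directory search into a parameterised query on the users table using the mapping above. The names buildQuery and maxRows, the prefix-only matching and the cap of 200 rows are assumptions; an LDAP sizeLimit of 0 is treated as "no client limit" instead of being passed straight to LIMIT.

```go
package main

import (
	"fmt"
	"strings"
)

// maxRows is an assumed server-side cap; it is not a value from freepbx-ldap.
const maxRows = 200

// likeEscaper neutralises LIKE wildcards so the phone's search text is matched literally.
var likeEscaper = strings.NewReplacer(`\`, `\\`, `%`, `\%`, `_`, `\_`)

// buildQuery turns a directory search into a parameterised query against
// asterisk.users. attr is the LDAP attribute, prefix is the text before the
// trailing "*" of a substring filter ("" means no filter), sizeLimit is the LDAP sizeLimit.
func buildQuery(attr, prefix string, sizeLimit int) (string, []interface{}, error) {
	// Column names cannot be bound as parameters, so map them through an allow-list.
	columns := map[string]string{"displayname": "name", "telephonenumber": "extension"}
	q := "SELECT name, extension FROM users"
	var args []interface{}
	if prefix != "" {
		col, ok := columns[strings.ToLower(attr)]
		if !ok {
			return "", nil, fmt.Errorf("unsupported attribute %q", attr)
		}
		q += " WHERE " + col + " LIKE ?"
		args = append(args, likeEscaper.Replace(prefix)+"%")
	}
	// In LDAP a sizeLimit of 0 means "no client limit", not "zero rows".
	limit := sizeLimit
	if limit <= 0 || limit > maxRows {
		limit = maxRows
	}
	q += " ORDER BY name ASC LIMIT ?"
	return q, append(args, limit), nil
}

func main() {
	fmt.Println(buildQuery("displayName", "al", 25))
	fmt.Println(buildQuery("objectclass", "", 0)) // search with SizeLimit=0 and no filter
	fmt.Println(buildQuery("mail", "x", 10))      // attribute outside the allow-list
}
```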

Build & Usage

To build, you will need the Go runtime. Then just run:

go build

Recommended Install Procedure

# mkdir -p /opt/freepbx-ldap
# cp <freepbx-ldap binary location> /opt/freepbx-ldap/freepbx-ldap
# chown -R asterisk:asterisk /opt/freepbx-ldap
# chmod +x /opt/freepbx-ldap/freepbx-ldap
# cp <systemd/freepbx-ldap.service location> /etc/systemd/system/freepbx-ldap.service
# systemctl daemon-reload
# systemctl enable freepbx-ldap
# systemctl start freepbx-ldap

Phone Configuration

You'll need to configure your IP phones to look up against the LDAP server.

See examples below:

Snom720 - snom720-main.htm

<?xml version="1.0" encoding="utf-8"?>
<settings>
        <phone-settings>
                *** Other Settings ***

                <ldap_server perm="">***server_ip***</ldap_server>
                <ldap_port perm="">10389</ldap_port>
                <ldap_base perm="">dc=asterisk</ldap_base>
                <ldap_username perm="">asterisk</ldap_username>
                <ldap_max_hits perm="">100</ldap_max_hits>
                <ldap_search_filter perm="">(&amp;(telephoneNumber=*)(displayName=%))</ldap_search_filter>
                <ldap_number_filter perm="">(&amp;(telephoneNumber=%)(displayName=*))</ldap_number_filter>
                <ldap_name_attributes perm="">displayName</ldap_name_attributes>
                <ldap_number_attributes perm="">telephoneNumber</ldap_number_attributes>
                <ldap_display_name perm="">%displayName</ldap_display_name>

                <gui_fkey1 perm="">keyevent F_DIRECTORY_SEARCH</gui_fkey1>
        </phone-settings>
</settings>

Snom300 - snom300-main.htm

<?xml version="1.0" encoding="utf-8"?>
<settings>
        <phone-settings>
                *** Other Settings ***

                <ldap_server perm="">***server_ip***</ldap_server>
                <ldap_port perm="">10389</ldap_port>
                <ldap_base perm="">dc=asterisk</ldap_base>
                <ldap_username perm="">asterisk</ldap_username>
                <ldap_max_hits perm="">25</ldap_max_hits>
                <ldap_search_filter perm="">(&amp;(telephoneNumber=*)(displayName=%))</ldap_search_filter>
                <ldap_number_filter perm="">(&amp;(telephoneNumber=%)(displayName=*))</ldap_number_filter>
                <ldap_name_attributes perm="">displayName</ldap_name_attributes>
                <ldap_number_attributes perm="">telephoneNumber</ldap_number_attributes>
                <ldap_display_name perm="">%displayName</ldap_display_name>

                <idle_cancel_key_action perm="">keyevent F_DIRECTORY_SEARCH</idle_cancel_key_action>
        </phone-settings>
        <functionKeys e="2">
                <fkey idx="3" context="active" label="" perm="">keyevent F_DIRECTORY_SEARCH</fkey>
        </functionKeys>
</settings>

Polycom SoundPoint IP - sip.cfg (must be firmware UC 4+)

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<localcfg>
  *** Other Settings ***

  <dir>
      <dir.corp
          dir.corp.address="ldap://***server_ip***"
          dir.corp.port="10389"
          dir.corp.transport="TCP"
          dir.corp.baseDN="dc=asterisk"
          dir.corp.scope="sub"
          dir.corp.filterPrefix=""
          dir.corp.user="uid=asterisk,dc=asterisk"
          dir.corp.pageSize="32"
          dir.corp.password="supersecret"
          dir.corp.cacheSize="128"
          dir.corp.leg.pageSize="8"
          dir.corp.leg.cacheSize="32"
          dir.corp.autoQuerySubmitTimeout="1"
          dir.corp.viewPersistence="0"
          dir.corp.leg.viewPersistence="0"
          dir.corp.sortControl="0">
          <dir.corp.attribute
              dir.corp.attribute.1.name="displayName"
              dir.corp.attribute.1.label="Display Name"
              dir.corp.attribute.1.type="first_name"
              dir.corp.attribute.1.searchable="1"
              dir.corp.attribute.1.filter=""
              dir.corp.attribute.1.sticky="0"
              dir.corp.attribute.2.name="telephoneNumber"
              dir.corp.attribute.2.label="phone number"
              dir.corp.attribute.2.type="phone_number"
              dir.corp.attribute.2.filter=""
              dir.corp.attribute.2.sticky="0"
              dir.corp.attribute.2.searchable="1">
          </dir.corp.attribute>
          <dir.corp.backGroundSync
              dir.corp.backGroundSync.period="3600">
          </dir.corp.backGroundSync>
          <dir.corp.vlv
              dir.corp.vlv.allow="1"
              dir.corp.vlv.sortOrder="displayName telephoneNumber">
          </dir.corp.vlv>
      </dir.corp>
  </dir>

  <feature feature.corporateDirectory.enabled="1"/>
  <softkey softkey.feature.directories="1"/>
</localcfg>

freepbx-ldap's People

Contributors

iamacarpet, marrold

freepbx-ldap's Issues

Add license

Hi, if possible could you add a license to the project?

Thanks

Gigaset Problems

Hi everyone,

I just wanted to point out that the "new" Gigaset DECT base-stations do not send a query-size when you want to see the details of a specific contact. This results in the query size being 0 and the sql query being empty...

Just in case someone is having the same issue.

freepbx-ldap should fail immediately if it cannot connect to the database

sql.Open() doesn't actually attempt to open the Database, it only creates the object, which means if credentials are wrong it will only fail the first time it tries to connect, i.e. a phone queries the LDAP directory.

It looks like there is a small bug when calling sql.Ping() which should fail if it cannot connect immediately rather than waiting for an actual query.

PR incoming
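
An added example, not part of the issue or the project's code: with Go's database/sql, sql.Open returns no error for a database it cannot reach, while Ping on the returned *sql.DB makes the first connection attempt and fails at startup. The refusingDriver type, the startupCheck function and the DSN are constructed for illustration so the block runs without MySQL.

```go
package main

import (
	"database/sql"
	"database/sql/driver"
	"errors"
	"fmt"
)

// refusingDriver is a constructed stand-in for a MySQL driver whose server
// rejects every connection, so the example runs without a database.
type refusingDriver struct{}

func (refusingDriver) Open(dsn string) (driver.Conn, error) {
	return nil, errors.New("connection refused (constructed error)")
}

func init() { sql.Register("refusing", refusingDriver{}) }

// startupCheck reports the result of sql.Open and of Ping separately.
func startupCheck(driverName, dsn string) (openErr, pingErr error) {
	db, openErr := sql.Open(driverName, dsn) // validates arguments, connects to nothing
	if openErr != nil {
		return openErr, nil
	}
	defer db.Close()
	return nil, db.Ping() // first real connection attempt
}

func main() {
	// Constructed DSN; no server is contacted.
	openErr, pingErr := startupCheck("refusing", "asterisk@tcp(127.0.0.1:3306)/asterisk")
	fmt.Println("sql.Open error:", openErr)
	if pingErr != nil {
		// A service would log this and exit here, before listening on :10389.
		fmt.Println("Ping error:", pingErr)
	}
}
```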

structure error: superfluous leading zeros in length

Hello, I am not sure where to begin debugging this. However, when I am attempting to use an LDAP viewer on my computer, or connect my phones (two fanvil and two grandstream) I am getting the following output:

Text Version of Error

2021/04/16 19:38:39 Listening on :10389
2021/04/16 19:38:45 Connection client [1] from 192.168.4.25:57077 accepted
2021/04/16 19:38:45 Error reading Message : ReadLDAPMessage:
ReadSubBytes:
ParseTagAndLength: asn1: structure error: superfluous leading zeros in length
30840000004402011463840000003b04000a01000a0100020100020178010100870b6f626a656374636c6173733084000000170415737570706f727465644361706162696c6974696573
2021/04/16 19:40:45 Error reading Message : ReadLDAPMessage:
ReadSubBytes:
ParseTagAndLength: asn1: structure error: superfluous leading zeros in length
308400000006020115500114
2021/04/16 19:40:45 Error reading Message : ReadLDAPMessage:
ReadSubBytes:
ParseTagAndLength: asn1: structure error: superfluous leading zeros in length
30840000004602011663840000003d04000a01000a0100020100020178010100870b6f626a656374636c6173733084000000190417737570706f727465645341534c4d656368616e69736d73
2021/04/16 19:42:45 Error reading Message : ReadLDAPMessage:
ReadSubBytes:
ParseTagAndLength: asn1: structure error: superfluous leading zeros in length
308400000006020117500116
2021/04/16 19:42:45 Error reading Message : ReadLDAPMessage:
ReadSubBytes:
ParseTagAndLength: asn1: structure error: superfluous leading zeros in length
3084000000050201184200
2021/04/16 19:42:45 Error readMessagePacket: EOF
2021/04/16 19:42:45 client 1 close()
2021/04/16 19:42:45 client 1 close() - stop reading from client
2021/04/16 19:42:45 client 1 close() - Abandon signal sent to processors
2021/04/16 19:42:45 client [1] request processors ended
2021/04/16 19:42:45 client [1] connection closed

Steps used to debug:
  • I am using asterisk for the username as the password (since it doesn't matter according to the readme).
  • I have set the base as both asterisk and dc=asterisk
  • I have set LDAP version to both 2 and 3.
  • I have used both Simple and GSS-API authentication
  • SSL and TLS are both disabled
  • I am always using port 10389 and the firewall has been set to allow all connections to that port

Is this a setup issue or a software issue? What can I do to fix it?
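
An added example, not part of the post or the project's code: the logged messages start with 30 84 00 00 00 ..., a four-octet long-form BER length with leading zero octets, which BER permits and DER forbids. The block decodes the header of one logged message with a tolerant, bounds-checked reader (berHeader, a hypothetical helper) and shows that Go's standard encoding/asn1 rejects the same bytes with the error text seen in the log.

```go
package main

import (
	"encoding/asn1"
	"encoding/hex"
	"errors"
	"fmt"
)

// berHeader reads the tag and length of one BER element, accepting long-form
// lengths with leading zero octets. It returns the tag octet, the content
// length and the header size. Single-octet tags only, which covers LDAPMessage.
func berHeader(b []byte) (tag byte, length, hdr int, err error) {
	if len(b) < 2 {
		return 0, 0, 0, errors.New("truncated header")
	}
	tag, first := b[0], b[1]
	if first < 0x80 { // short form: the octet is the length
		return tag, int(first), 2, nil
	}
	n := int(first & 0x7f) // long form: n length octets follow
	if n == 0 || n > 4 || len(b) < 2+n {
		return 0, 0, 0, errors.New("indefinite, oversized or truncated length")
	}
	for _, o := range b[2 : 2+n] {
		length = length<<8 | int(o)
	}
	if length < 0 || length > len(b)-2-n { // never trust a length beyond the buffer
		return 0, 0, 0, errors.New("length exceeds available data")
	}
	return tag, length, 2 + n, nil
}

// strictErr reports what Go's DER-only encoding/asn1 says about the same bytes.
func strictErr(b []byte) error {
	var raw asn1.RawValue
	_, err := asn1.Unmarshal(b, &raw)
	return err
}

func main() {
	// One of the messages from the log in the post above.
	msg, _ := hex.DecodeString("308400000006020115500114")
	fmt.Println(strictErr(msg))
	fmt.Println(berHeader(msg))
}
```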

ssh-bastion

Hi there,

checking the recommended install procedure, it states:

cp <ssh-bastion binary location> /opt/freepbx-ldap/freepbx-ldap

Is that correct? Is ssh-bastion required to be built? Or should it read freepbx-ldap binary?

Regards

Understanding the filters

Hi,

I'd love to be able to merge contacts from a CSV (Feature codes, external numbers etc).

I've got as far as reading from the file and inserting into the list returned to the phones, but I need to filter them based on the search query.

Could you provide any insight on the various filters in the code? In my mind it would be almost exclusively ((&(telephoneNumber=*)(displayName=%))) AND but the current code supports GE, LE etc. What are these used for?

Thanks

MySQL query does not work

Hello, good work.
I tested it on a raspbx. The ldap server works but the ldap query (with ldapsearch) does not return any result.
I tried to analyze with wireshark the query executed by freepbx-ldap to mysql on localhost. Seems to be an answer without extensions.
The same query executed in the mysql command line client returns a complete set.

This is the ldapsearch query:
ldapsearch -h 192.168.12.100:10389 -x -b 'dc=asterisk'

This is the output of freepbx-ldap:
2020/03/26 14:45:19 Listening on :10389
2020/03/26 14:45:21 Connection client [1] from : accepted
2020/03/26 14:45:21 <<< 1 - BindRequest - hex=&{300c020101600702010304008000}
2020/03/26 14:45:21 >>> 1 - BindResponse - hex=300c02010161070a010004000400
2020/03/26 14:45:21 <<< 1 - SearchRequest - hex=&{3030020102632b040b64633d617374657269736b0a01020a0100020100020100010100870b6f626a656374636c6173733000}
2020/03/26 14:45:21 
2020/03/26 14:45:21  ROUTE MATCH ; Search - Generic
2020/03/26 14:45:21 
2020/03/26 14:45:21 Request BaseDn=dc=asterisk
2020/03/26 14:45:21 Request Filter="objectclass"
2020/03/26 14:45:21 Request FilterString=(objectclass=*)
2020/03/26 14:45:21 Request Attributes=[]
2020/03/26 14:45:21 Request TimeLimit=0
2020/03/26 14:45:21 Request SizeLimit=0
2020/03/26 14:45:21 Searching without filter...
2020/03/26 14:45:21 Query SQL: SELECT name, extension FROM users ORDER BY name ASC LIMIT 0, ? []interface {}{0}
2020/03/26 14:45:21 >>> 1 - SearchResultDone - hex=300c02010265070a010004000400
2020/03/26 14:45:21 <<< 1 - UnbindRequest - hex=&{30050201034200}
2020/03/26 14:45:21 client 1 close()
2020/03/26 14:45:21 client 1 close() - stop reading from client
2020/03/26 14:45:21 client 1 close() - Abandon signal sent to processors
2020/03/26 14:45:21 client [1] request processors ended
2020/03/26 14:45:21 client [1] connection closed

And this is what I see in wireshark:

There is no extension number/name in the answers.

I'm not very confident with go lang. How could I try to debug?

Thank you
