Configurando o Asterisk com autenticação LDAP

O Asterisk é um PBX VoIP capaz de integrar-se com a telefonia convencional. Esse tutorial tem como finalidade auxiliar na configuração do Asterisk utilizando como base de dados o serviço de diretórios LDAP.

[ Hits: 65.050 ]

Por: Fabrício Rodrigo em 22/06/2010


Configurando LDAP



6) Criando o schema:

Para adaptar o LDAP ao Asterisk é necessário a inclusão do schema Asterisk. Para isso deve ser criado o arquivo asterisk.schema dentro do diretório "/etc/ldap/schema/" e adicionado o conteúdo abaixo:

Obs.: O arquivo pode ser encontrado dentro do código fonte do Asterisk (asterisk-1.6.2.7/contrib/scripts/asterisk.ldap-schema). Versões anteriores do asterisk.schema estão incompletas e podem apresentar problemas de incompatibilidade.

# #
# #
# Copyright (c) 2007-2009 Suretec Systems Ltd. - <http://www.suretecsystems.com/>
#
# Version: 3.2.2
#
# Changes:

# - Added AsteriskDialplan, AsteriskAccount and AsteriskMailbox objectClasses
#   to allow standalone dialplan, account and mailbox entries (STRUCTURAL)
# - Added new Fields
#   * AstAccountLanguage, AstAccountTransport, AstAccountPromiscRedir,
#   * AstAccountAccountCode, AstAccountSetVar, AstAccountAllowOverlap,
#   * AstAccountVideoSupport, AstAccountIgnoreSDPVersion    
#   Removed redundant IPaddr (there's already IPAddress)
# - Fixed typo - 13/08/2009
# - https://issues.asterisk.org/view.php?id=13725 - 12/08/2009
# - Added AsteriskVoiceMail Object class and AstAccountCallLimit attribute - 28/05/2009
#   https://issues.asterisk.org/view.php?id=15155
# - Added AstAccountLastQualifyMilliseconds - 28/05/2009
#   https://issues.asterisk.org/view.php?id=15156
# - http://bugs.digium.com/view.php?id=12860 - 04/07/2008
# - Fixed wrong DESC - 07/05/2008
#
# Author: Gavin Henry - <ghenry@suretecsystems.com>
#         Michael Kromer - <medozas@medozas.de>
#
# Asterisk LDAP Schema
#
# Digium root OID (http://www.iana.org/assignments/enterprise-numbers)
#
#  1.3.6.1.4.1.22736
#  1.3.6.1.4.1.22736.5      LDAP elements
#  1.3.6.1.4.1.22736.5.4    Attribute Types
#  1.3.6.1.4.1.22736.5.5    Object Classes
#

objectIdentifier AsteriskRoot 1.3.6.1.4.1.22736
objectIdentifier AsteriskLDAP AsteriskRoot:5

#
# Attribute group OIDs.  e.g.: objectIdentifier AstAttrType AsteriskLDAP:4
#
objectIdentifier AstAttrType AsteriskLDAP:4

#
# Attribute OIDs e.g.: objectIdentifier AstContext AstAttrType:1
#
objectIdentifier AstContext AstAttrType:1
objectIdentifier AstExtension AstAttrType:2
objectIdentifier AstPriority AstAttrType:3
objectIdentifier AstApplication AstAttrType:4
objectIdentifier AstApplicationData AstAttrType:5
objectIdentifier AstAccountAMAFlags AstAttrType:6
objectIdentifier AstAccountCallerID AstAttrType:7
objectIdentifier AstAccountContext AstAttrType:8
objectIdentifier AstAccountMailbox AstAttrType:9
objectIdentifier AstMD5secret AstAttrType:10
objectIdentifier AstAccountDeny AstAttrType:11
objectIdentifier AstAccountPermit AstAttrType:12
objectIdentifier AstAccountQualify AstAttrType:13
objectIdentifier AstAccountType AstAttrType:14
objectIdentifier AstAccountDisallowedCodec AstAttrType:15
objectIdentifier AstAccountExpirationTimestamp AstAttrType:16
objectIdentifier AstAccountRegistrationContext AstAttrType:17
objectIdentifier AstAccountRegistrationExten AstAttrType:18
objectIdentifier AstAccountNoTransfer AstAttrType:19
objectIdentifier AstAccountCallGroup AstAttrType:20
objectIdentifier AstAccountCanReinvite AstAttrType:21
objectIdentifier AstAccountDTMFMode AstAttrType:22
objectIdentifier AstAccountFromUser AstAttrType:23
objectIdentifier AstAccountFromDomain AstAttrType:24
objectIdentifier AstAccountFullContact AstAttrType:25
objectIdentifier AstAccountHost AstAttrType:26
objectIdentifier AstAccountInsecure AstAttrType:27
objectIdentifier AstAccountNAT AstAttrType:28
objectIdentifier AstAccountPickupGroup AstAttrType:29
objectIdentifier AstAccountPort AstAttrType:30
objectIdentifier AstAccountRestrictCID AstAttrType:31
objectIdentifier AstAccountRTPTimeout AstAttrType:32
objectIdentifier AstAccountRTPHoldTimeout AstAttrType:33
objectIdentifier AstAccountRealmedPassword AstAttrType:34
objectIdentifier AstAccountAllowedCodec AstAttrType:35
objectIdentifier AstAccountMusicOnHold AstAttrType:36
objectIdentifier AstAccountCanCallForward AstAttrType:37
objectIdentifier AstAccountSecret AstAttrType:38
objectIdentifier AstAccountName AstAttrType:39
objectIdentifier AstConfigFilename AstAttrType:40
objectIdentifier AstConfigCategory AstAttrType:41
objectIdentifier AstConfigCategoryMetric AstAttrType:42
objectIdentifier AstConfigVariableName AstAttrType:43
objectIdentifier AstConfigVariableValue AstAttrType:44
objectIdentifier AstConfigCommented AstAttrType:45
objectIdentifier AstAccountIPAddress AstAttrType:46
objectIdentifier AstAccountDefaultUser AstAttrType:47
objectIdentifier AstAccountRegistrationServer AstAttrType:48
objectIdentifier AstAccountLastQualifyMilliseconds AstAttrType:49
objectIdentifier AstAccountCallLimit AstAttrType:50
objectIdentifier AstVoicemailMailbox AstAttrType:51
objectIdentifier AstVoicemailPassword AstAttrType:52
objectIdentifier AstVoicemailFullname AstAttrType:53
objectIdentifier AstVoicemailEmail AstAttrType:54
objectIdentifier AstVoicemailPager AstAttrType:55
objectIdentifier AstVoicemailOptions AstAttrType:56
objectIdentifier AstVoicemailTimestamp AstAttrType:57
objectIdentifier AstVoicemailContext AstAttrType:58
objectIdentifier AstAccountSubscribeContext AstAttrType:59
objectIdentifier AstAccountUserAgent AstAttrType:61
objectIdentifier AstAccountLanguage AstAttrType:62
objectIdentifier AstAccountTransport AstAttrType:63
objectIdentifier AstAccountPromiscRedir AstAttrType:64
objectIdentifier AstAccountAccountCode AstAttrType:65
objectIdentifier AstAccountSetVar AstAttrType:66
objectIdentifier AstAccountAllowOverlap AstAttrType:67
objectIdentifier AstAccountVideoSupport AstAttrType:68
objectIdentifier AstAccountIgnoreSDPVersion AstAttrType:69


#
# Object Class OIDs
#
objectIdentifier AstObjectClass AsteriskLDAP:2
objectIdentifier AsteriskExtension AstObjectClass:1
objectIdentifier AsteriskIAXUser AstObjectClass:2
objectIdentifier AsteriskSIPUser AstObjectClass:3
objectIdentifier AsteriskConfig AstObjectClass:4
objectIdentifier AsteriskVoiceMail AstObjectClass:5
objectIdentifier AsteriskDialplan AstObjectClass:6
objectIdentifier AsteriskAccount AstObjectClass:7
objectIdentifier AsteriskMailbox AstObjectClass:8


#
# attribute definitions
#
# OID (the first arg) comes from the objectIdentifier defined above
#
# NAME should be the same as objectIdentifier
#
# DESC should be the description of the attribute
#
# EQUALITY is the rule to use when doing a search/compare for an
# attribute value.
#
# SUBSTR is the rule to use when doing a substring search (*foo*)
#
# SYNTAX is the syntax (i.e., type) of the attribute. We should
# probably stick to syntaxes:
#
#       1.3.6.1.4.1.1466.115.121.1.15   -> directoryString (UTF-8 string)
#       1.3.6.1.4.1.1466.115.121.1.26   -> IA5String (ASCII String)
#       1.3.6.1.4.1.1466.115.121.1.27   -> integer (Integer value)
#
# SINGLE-VALUE should be present if only one instance of this
# attribute is allowed within an entry.
#
# {32} is the allowed length
#
# e.g.:
#
# attributetype ( AstExample
#    NAME ( 'AstExample' )
#    DESC 'Asterisk Example Attribute'
#    EQUALITY caseIgnoreMatch
#    SUBSTR caseIgnoreSubstringsMatch
#    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32}
#    SINGLE-VALUE )
#
#

attributetype ( AstContext
        NAME 'AstContext'
        DESC 'Asterisk Context'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstExtension
        NAME 'AstExtension'
        DESC 'Asterisk Extension'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
        
attributetype ( AstPriority
        NAME 'AstPriority'
        DESC 'Asterisk Priority'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstApplication
        NAME 'AstApplication'
        DESC 'Asterisk Application'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstApplicationData
        NAME 'AstApplicationData'
        DESC 'Asterisk Application Data'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
        
attributetype ( AstAccountAMAFlags
        NAME 'AstAccountAMAFlags'
        DESC 'Asterisk Account AMA Flags'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountCallerID
        NAME 'AstAccountCallerID'
        DESC 'Asterisk Account CallerID'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountContext
        NAME 'AstAccountContext'
        DESC 'Asterisk Account Context'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
        
attributetype ( AstAccountMailbox
        NAME 'AstAccountMailbox'
        DESC 'Asterisk Account Mailbox'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstMD5secret
        NAME 'AstMD5secret'
        DESC 'Asterisk Account MD5 Secret'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountDeny
        NAME 'AstAccountDeny'
        DESC 'Asterisk Account Deny'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountPermit
        NAME 'AstAccountPermit'
        DESC 'Asterisk Account Permit'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
        
attributetype ( AstAccountQualify
        NAME 'AstAccountQualify'
        DESC 'Asterisk Account Qualify'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountType
        NAME 'AstAccountType'
        DESC 'Asterisk Account Type'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountDisallowedCodec
        NAME 'AstAccountDisallowedCodec'
        DESC 'Asterisk Account Disallowed Codec'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountExpirationTimestamp
        NAME 'AstAccountExpirationTimestamp'
        DESC 'Asterisk Account Expiration Timestamp'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountRegistrationContext
        NAME 'AstAccountRegistrationContext'
        DESC 'Asterisk Account Registration Context'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountRegistrationExten
        NAME 'AstAccountRegistrationExten'
        DESC 'Asterisk Account Registration Extension'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountNoTransfer
        NAME 'AstAccountNoTransfer'
        DESC 'Asterisk Account No Transfer'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
        
attributetype ( AstAccountCallGroup
        NAME 'AstAccountCallGroup'
        DESC 'Asterisk Account Call Group'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountCanReinvite
        NAME 'AstAccountCanReinvite'
        DESC 'Asterisk Account Can Reinvite'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
    
attributetype ( AstAccountDTMFMode
        NAME 'AstAccountDTMFMode'
        DESC 'Asterisk Account DTMF Flags'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
            
attributetype ( AstAccountFromUser
        NAME 'AstAccountFromUser'
        DESC 'Asterisk Account From User'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
        
attributetype ( AstAccountFromDomain
        NAME 'AstAccountFromDomain'
        DESC 'Asterisk Account From Domain'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
        
attributetype ( AstAccountFullContact
        NAME 'AstAccountFullContact'
        DESC 'Asterisk Account Full Contact'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountHost
        NAME 'AstAccountHost'
        DESC 'Asterisk Account Host'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountInsecure
        NAME 'AstAccountInsecure'
        DESC 'Asterisk Account Insecure'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountNAT
        NAME 'AstAccountNAT'
        DESC 'Asterisk Account NAT'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
      
attributetype ( AstAccountPickupGroup
        NAME 'AstAccountPickupGroup'
        DESC 'Asterisk Account PickupGroup'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
      
attributetype ( AstAccountPort
        NAME 'AstAccountPort'
        DESC 'Asterisk Account Port'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
      
attributetype ( AstAccountRestrictCID
        NAME 'AstAccountRestrictCID'
        DESC 'Asterisk Account Restrict CallerID'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
            
attributetype ( AstAccountRTPTimeout
        NAME 'AstAccountRTPTimeout'
        DESC 'Asterisk Account RTP Timeout'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
      
attributetype ( AstAccountRTPHoldTimeout
        NAME 'AstAccountRTPHoldTimeout'
        DESC 'Asterisk Account RTP Hold Timeout'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
      
attributetype ( AstAccountRealmedPassword
        NAME 'AstAccountRealmedPassword'
        DESC 'Asterisk Account Realmed Password'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountAllowedCodec
        NAME 'AstAccountAllowedCodec'
        DESC 'Asterisk Account Allowed Codec'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountMusicOnHold
        NAME 'AstAccountMusicOnHold'
        DESC 'Asterisk Account Music On Hold'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountCanCallForward
        NAME 'AstAccountCanCallForward'
        DESC 'Asterisk Account Can Call Forward'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountSecret
        NAME 'AstAccountSecret'
        DESC 'Asterisk Account Secret'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
          
attributetype ( AstAccountName
        NAME 'AstAccountName'
        DESC 'Asterisk Account Username'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstConfigFilename
        NAME 'AstConfigFilename'
        DESC 'Asterisk LDAP Configuration Filename'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstConfigCategory
        NAME 'AstConfigCategory'
        DESC 'Asterisk LDAP Configuration Category'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstConfigCategoryMetric
        NAME 'AstConfigCategoryMetric'
        DESC 'Asterisk LDAP Configuration Category Metric'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstConfigVariableName
        NAME 'AstConfigVariableName'
        DESC 'Asterisk LDAP Configuration Variable Name'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstConfigVariableValue
        NAME 'AstConfigVariableValue'
        DESC 'Asterisk LDAP Configuration Variable Value'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstConfigCommented
        NAME 'AstConfigCommented'
        DESC 'Asterisk LDAP Configuration Commented'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountIPAddress
        NAME 'AstAccountIPAddress'
        DESC 'Asterisk Account IP Address'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
          
attributetype ( AstAccountDefaultUser
        NAME 'AstAccountDefaultUser'
        DESC 'Asterisk Account Default User'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountRegistrationServer
        NAME 'AstAccountRegistrationServer'
        DESC 'Asterisk Account Registration Server'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountLastQualifyMilliseconds
        NAME 'AstAccountLastQualifyMilliseconds'
        DESC 'Asterisk Account Last Qualify Milliseconds'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountCallLimit
        NAME 'AstAccountCallLimit'
        DESC 'Asterisk Account Call Limit'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailMailbox
        NAME 'AstVoicemailMailbox'
        DESC 'Asterisk voicemail mailbox'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailPassword
        NAME 'AstVoicemailPassword'
        DESC 'Asterisk voicemail password'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailFullname
        NAME 'AstVoicemailFullname'
        DESC 'Asterisk voicemail fullname'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailEmail
        NAME 'AstVoicemailEmail'
        DESC 'Asterisk voicemail email'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailPager
        NAME 'AstVoicemailPager'
        DESC 'Asterisk voicemail pager'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailOptions
        NAME 'AstVoicemailOptions'
        DESC 'Asterisk voicemail options'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailTimestamp
        NAME 'AstVoicemailTimestamp'
        DESC 'Asterisk voicemail timestamp'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstVoicemailContext
        NAME 'AstVoicemailContext'
        DESC 'Asterisk voicemail context'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountSubscribeContext
        NAME 'AstAccountSubscribeContext'
        DESC 'Asterisk subscribe context'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountUserAgent
        NAME 'AstAccountUserAgent'
        DESC 'Asterisk account user context'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountLanguage
        NAME 'AstAccountLanguage'
        DESC 'Asterisk account user language'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountTransport
        NAME 'AstAccountTransport'
        DESC 'Asterisk account transport type'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountPromiscRedir
        NAME 'AstAccountPromiscRedir'
        DESC 'Asterisk account promiscous redirects'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountAccountCode
        NAME 'AstAccountAccountCode'
        DESC 'Asterisk account billing code'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountSetVar
        NAME 'AstAccountSetVar'
        DESC 'Asterisk account setvar'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountAllowOverlap
        NAME 'AstAccountAllowOverlap'
        DESC 'Asterisk account allow overlap dialing'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountVideoSupport
        NAME 'AstAccountVideoSupport'
        DESC 'Asterisk account video support'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

attributetype ( AstAccountIgnoreSDPVersion
        NAME 'AstAccountIgnoreSDPVersion'
        DESC 'Asterisk account ignore SDP version'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)

#
# Object Class definitions
#
# This is where to define the object classes. Object classes are used
# to define which attribute MAY (optional) or MUST (required) belong
# to an entry.
#
# Classes can be AUXILIARY or STRUCTURAL. An entry in the directory
# must have one and only one structural class, but can have many
# AUXILIARY classes.
#
#

objectclass ( AsteriskExtension
    NAME 'AsteriskExtension'
    DESC 'PBX Extension Information for Asterisk'
    SUP top AUXILIARY
    MUST cn
    MAY (
        AstContext $
        AstExtension $
        AstPriority $
        AstApplication $
        AstApplicationData
    )
    )

#
#
# AsteriskIAXUser and AsteriskSIPUser extend AsteriskExtension. These
# represent real accounts in Asterisk.
#
# NOTE: They are defined as AUXILIARY in case they need to be mixed with an
# existing directory deployment.
#
#
        
objectclass ( AsteriskIAXUser
    NAME 'AsteriskIAXUser'
    DESC 'IAX2 User information for Asterisk'
    SUP AsteriskExtension AUXILIARY
    MUST cn
    MAY (
        AstAccountAMAFlags $
        AstAccountCallerID $
        AstAccountContext $
        AstAccountFullContact $
        AstAccountHost $
        AstAccountMailbox $
        AstMD5secret $
        AstAccountDeny $
        AstAccountPermit $
        AstAccountPort $
        AstAccountQualify $
        AstAccountType $
        AstAccountLanguage $
        AstAccountDisallowedCodec $
        AstAccountExpirationTimestamp $
        AstAccountRegistrationContext $
        AstAccountRegistrationExten $
        AstAccountNoTransfer $
        AstAccountName $
        AstAccountLastQualifyMilliseconds $
        AstAccountCallLimit $
        AstAccountSubscribeContext $
        AstAccountIPAddress $
        AstAccountUserAgent      
    )
    )
      
objectclass ( AsteriskSIPUser
    NAME 'AsteriskSIPUser'
    DESC 'SIP User information for Asterisk'
    SUP AsteriskExtension AUXILIARY
    MUST cn
    MAY (
        AstAccountAccountCode $
        AstAccountAllowOverlap $
        AstAccountAllowedCodec $
        AstAccountAMAFlags $
        AstAccountCallGroup $
        AstAccountCallLimit $
        AstAccountCallerID $
        AstAccountCanCallForward $
        AstAccountCanReinvite $
        AstAccountContext $
        AstAccountDTMFMode $
        AstAccountDefaultUser $
        AstAccountDeny $
        AstAccountDisallowedCodec $
        AstAccountExpirationTimestamp $
        AstAccountFromDomain $    
        AstAccountFromUser $
        AstAccountFullContact $
        AstAccountHost $
        AstAccountIgnoreSDPVersion $  
        AstAccountInsecure $  
        AstAccountIPAddress $
        AstAccountLanguage $
        AstAccountLastQualifyMilliseconds $
        AstAccountMailbox $    
        AstAccountMusicOnHold $
        AstAccountNAT $
        AstAccountName $
        AstAccountPermit $
        AstAccountPickupGroup $
        AstAccountPort $
        AstAccountPromiscRedir $
        AstAccountQualify $
        AstAccountRTPHoldTimeout $
        AstAccountRTPTimeout $
        AstAccountRealmedPassword $
        AstAccountRegistrationContext $
        AstAccountRegistrationExten $
        AstAccountRegistrationServer $
        AstAccountRestrictCID $
        AstAccountSecret $
        AstAccountSetVar $
        AstAccountSubscribeContext $
        AstAccountTransport $
        AstAccountType $
        AstAccountUserAgent $  
        AstAccountVideoSupport
    )
    )

#
#
# AsteriskConfig and AsteriskVoiceMail extend AsteriskExtension. These
# represent real accounts in Asterisk.
#
# NOTE: They are defined as AUXILIARY in case they need to be mixed with an
# existing directory deployment.
#
#
        
objectclass ( AsteriskConfig
    NAME 'AsteriskConfig'
    DESC 'Asterisk configuration Information'
    SUP top AUXILIARY
    MUST cn
    MAY (
        AstConfigFilename $
        AstConfigCategory $
        AstConfigCategoryMetric $
        AstConfigVariableName $
        AstConfigVariableValue $
        AstConfigCommented
    )
    )

objectclass ( AsteriskVoiceMail
    NAME 'AsteriskVoiceMail'
    DESC 'Asterisk voicemail information'
    SUP top AUXILIARY
    MUST (
    cn $
    AstContext $
    AstVoicemailMailbox $
    AstVoicemailPassword
    )
    MAY (
    AstVoicemailFullname $
    AstVoicemailEmail $
    AstVoicemailPager $
    AstVoicemailOptions $
    AstVoicemailTimestamp $
    AstVoicemailContext
    )
    )

objectClass (
   AsteriskDialplan
   NAME 'AsteriskDialplan'
   DESC 'Asterisk Dialplan Information'
   SUP top STRUCTURAL
   MUST ( AstExtension ) )

objectClass (
   AsteriskAccount
   NAME 'AsteriskAccount'
   DESC 'Asterisk Account Information'
   SUP top STRUCTURAL
   MUST ( AstAccountName ) )

objectClass (
   AsteriskMailbox
   NAME 'AsteriskMailbox'
   DESC 'Asterisk Mailbox Information'
   SUP top STRUCTURAL
   MUST ( AstVoicemailMailbox ) )

7) Adicionando o schema Asterisk ao LDAP

Para inserir o schema ao LDAP é necessário referenciar o schema no arquivo de configuração do LDAP "/etc/ldap/ldap.conf", incluindo a seguinte linha:

include         /etc/ldap/schema/asterisk.schema

Página anterior     Próxima página

Páginas do artigo
   1. Instalação do Asterisk com suporte ao LDAP
   2. Integrando o Asterisk ao LDAP
   3. Configurando LDAP
   4. Povoando LDAP
   5. Testando conexão com LDAP
   6. Instalando e configurando o cliente VoIP
Outros artigos deste autor

Instalação e configuração do Bacula com interface web (Bweb/Brestore)

Webacula - Instalação e Configuração no Ubuntu 10.04

Instalação e configuração do Snort Inline (modo IPS), Baynard2, Mysql e PulledPork no Debian Squeeze

Leitura recomendada

Colocando seu Fluxbox totalmente transparente

Configurando Nocat + Radius modo passive

Recuperando e/ou adaptando o GRUB do Sabayon Linux

Passo a passo: Fedora autenticando usuários no Active Directory

PHP5 + Apache2 no Ubuntu 7.04, com suporte ao MySQL e SQL Server

  
Comentários
[1] Comentário enviado por removido em 22/06/2010 - 11:03h

Alguem consegue me explicar oque é LDAP, por que parece isso não entra na minha cabeça.

[2] Comentário enviado por m4sk4r4 em 22/06/2010 - 14:57h

Bom o Artigo, já tem algum tempo que tenho tentado integrar o asterisk a uma base LDAP mas
não tinha sucesso, principalmente quando se tratava do schema do Asterisk para LDAP apresentava
incompatibilidade.

Vou testar seu artigo depois e ver como se comporta essa integração.

Me tire uma dúvida, numa base LDAP onde temos o Samba integrado como controlador de domínio
e onde os usuários modificam a senha através do windows pelo ctrl+alt+del, teriamos alguma forma
de utilizar a mesma senha de logon para as contas sip?

Abraço e Parabéns!!!

[3] Comentário enviado por renato_pacheco em 22/06/2010 - 21:48h

Poutz, mano! Muito fera o lance da integração do LDAP + Asterisk. Não sabia q isso era possível! Eu ainda não sei como faço pra instalar e fazer o Asterisk funcionar, mas o LDAP eu já aprendi anteriormente como se faz. Tem algum tuto ou algo semelhante q vc possa me passar sobre Asterisk? Add aos favoritos!!!

[4] Comentário enviado por fabriciorodrigo em 23/06/2010 - 08:29h

m4sk4r4, tecnicamente falando creio que tenha como fazer essa integração. No tópico 5, quando é mapeada as variáveis do asterisk para o LDAP,, é utilizado o mesmo login cn para identificação dos usuários, ou seja, com o login não teria problema. Porém o asterisk tem um atributo no schema responsável palo armazenamento da senha de acesso, que é o "AstAccountRealmedPassword".

Nessa situação que você me colocou, acho que existem duas possibilidades:
1. Fazer um script paralelo que quando o atributo de senha do usuário no samba é alterado, automaticamente seja alterado o atributo referente a senha no asterisk.
2. Alterar o mapa de variáveis direcionando o atributo de senha do asterisk para o correspondente no samba.

Tecnicamente falando creio que funcione, mas só testando mesmo pra saber. Se poder colaborar de alguma forma, fico a disposição.


renato, tem muita coisa na rede sobre o asterisk, tem algumas referências (as mais relevantes) no final do tutorial. Mais algumas interessantes são:
http://mestreasterisk.com.br/
http://www.dicas-l.com.br/dicas-l/20091213.php
http://www.asteriskonline.com.br
http://www.anderson.com.pt/asterisk-html
http://www.vivaolinux.com.br/artigo/Asterisk-O-PBX-de-codigo-aberto/




[5] Comentário enviado por fabriciorodrigo em 23/06/2010 - 08:33h

Victor, em poucas palavras, o LDAP é um "banco de dados" organizado de forma hierarquica. Tem muita coisa na rede sobre.

[6] Comentário enviado por thyago162 em 09/07/2015 - 10:03h

Otimo tutorial, porém to encontrando um problema. Quando vou cadastrar o usuário no softphone seja Zoipe ou X-litle, no terminal do asterisk está aparecendo "wrong password". Eu vi no arquivo res_ldap.conf que a senha tem que ser em MD5, mesmo gerando o MD5 e colocando a senha ele continua dando este erro. Alguma ideia?


Contribuir com comentário




Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts