forked from SimplesIP/pabx-app
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
198 lines
6.9 KiB
198 lines
6.9 KiB
; |
|
; Configuration file for res_config_ldap |
|
; |
|
|
|
; Realtime configuration |
|
; ---------------------- |
|
; In order to use this module, you start |
|
; in extconfig.conf with a configuration like this: |
|
; |
|
; sippeers = ldap,"dc=myDomain,dc=myDomainExt",sip |
|
; extensions = ldap,"dc=myDomain,dc=myDomainExt",extensions |
|
; sip.conf = ldap,"dc=myDomain,dc=myDomainExt",config |
|
; |
|
; In the case of LDAP the last keyword in each line above specifies |
|
; a section in this file. |
|
; |
|
; LDAP schema and ldif files can be located in contrib/scripts. |
|
|
|
; TLS support |
|
; ----------- |
|
; Note that you can configure an ldaps: url here to get TLS support. |
|
; Detailed configuration of certificates and supported CAs is done in your |
|
; ldap.conf file for OpenLDAP clients on your system. |
|
; This requires that you have OpenLDAP libraries compiled with TLS support |
|
|
|
; ********************************************************************************* |
|
; NOTE: res_ldap.conf should be chmod 600 because it contains the plain-text LDAP |
|
; password to an account with WRITE access to the asterisk configuration. |
|
; ********************************************************************************* |
|
|
|
[_general] |
|
; |
|
; Specify one of either host and port OR url. URL is preferred, as you can |
|
; use more options. |
|
;host=192.168.1.1 ; LDAP host |
|
;port=389 |
|
;url=ldap://ldap3.mydomain.com:3890 |
|
;protocol=3 ; Version of the LDAP protocol to use; default is 3. |
|
;basedn=dc=example,dc=tld ; Base DN |
|
;user=cn=asterisk,dc=example,dc=tld ; Bind DN |
|
;pass=MyPassword ; Bind password |
|
|
|
; Configuration Table |
|
[config] |
|
; |
|
; additionalFilter - This specifies an additional set of criteria to be used |
|
; when querying the LDAP server. |
|
; |
|
additionalFilter=(objectClass=AstConfig) |
|
; |
|
; Attributes mapping (asterisk variable name = ldap attribute name) |
|
; When Asterisk requests the variable by the name of the value on the left, |
|
; this module will look up the attribute listed on the right. |
|
; |
|
filename = AstConfigFilename |
|
category = AstConfigCategory |
|
variable_name = AstConfigVariableName |
|
variable_value = AstConfigVariableValue |
|
cat_metric = AstConfigCategoryMetric |
|
commented = AstConfigCommented |
|
|
|
; |
|
; Extensions Table |
|
; |
|
[extensions] |
|
context = AstExtensionContext |
|
exten = AstExtensionExten |
|
priority = AstExtensionPriority |
|
app = AstExtensionApplication |
|
appdata = AstExtensionApplicationData |
|
additionalFilter=(objectClass=AstExtension) |
|
|
|
; |
|
; Sip Users Table |
|
; |
|
[sip] |
|
name = cn ; We use the "cn" as the default value for name on the line above |
|
; because objectClass=AsteriskSIPUser does not include a uid as an allowed field |
|
; If your entry combines other objectClasses and uid is available, you may |
|
; prefer to change the line to be name = uid, especially if your LDAP entries |
|
; contain spaces in the cn field. |
|
; You may also find it appropriate to use something completely different. |
|
; This is possible by changing the line above to name = AstAccountName (or whatever you |
|
; prefer). |
|
; |
|
amaflags = AstAccountAMAFlags |
|
callgroup = AstAccountCallGroup |
|
callerid = AstAccountCallerID |
|
directmedia = AstAccountDirectMedia |
|
context = AstAccountContext |
|
dtmfmode = AstAccountDTMFMode |
|
fromuser = AstAccountFromUser |
|
fromdomain = AstAccountFromDomain |
|
fullcontact = AstAccountFullContact |
|
fullcontact = gecos |
|
host = AstAccountHost |
|
insecure = AstAccountInsecure |
|
mailbox = AstAccountMailbox |
|
md5secret = AstAccountRealmedPassword ; Must be an MD5 hash. Field value can start with |
|
; {md5} but it is not required. |
|
; Generate the password via the md5sum command, e.g. |
|
; echo "my_password" | md5sum |
|
nat = AstAccountNAT |
|
deny = AstAccountDeny |
|
permit = AstAccountPermit |
|
pickupgroup = AstAccountPickupGroup |
|
port = AstAccountPort |
|
qualify = AstAccountQualify |
|
restrictcid = AstAccountRestrictCID |
|
rtptimeout = AstAccountRTPTimeout |
|
rtpholdtimeout = AstAccountRTPHoldTimeout |
|
type = AstAccountType |
|
disallow = AstAccountDisallowedCodec |
|
allow = AstAccountAllowedCodec |
|
MusicOnHold = AstAccountMusicOnHold |
|
regseconds = AstAccountExpirationTimestamp |
|
regcontext = AstAccountRegistrationContext |
|
regexten = AstAccountRegistrationExten |
|
CanCallForward = AstAccountCanCallForward |
|
ipaddr = AstAccountIPAddress |
|
defaultuser = AstAccountDefaultUser |
|
regserver = AstAccountRegistrationServer |
|
lastms = AstAccountLastQualifyMilliseconds |
|
supportpath = AstAccountPathSupport |
|
additionalFilter=(objectClass=AsteriskSIPUser) |
|
|
|
; |
|
; IAX Users Table |
|
; |
|
[iax] |
|
amaflags = AstAccountAMAFlags |
|
callerid = AstAccountCallerID |
|
context = AstAccountContext |
|
fullcontact = AstAccountFullContact |
|
fullcontact = gecos |
|
host = AstAccountHost |
|
mailbox = AstAccountMailbox |
|
md5secret = AstAccountRealmedPassword ; Must be an MD5 hash. Field value can start with |
|
; {md5} but it is not required. |
|
; Generate the password via the md5sum command, e.g. |
|
; echo "my_password" | md5sum |
|
deny = AstAccountDeny |
|
permit = AstAccountPermit |
|
port = AstAccountPort |
|
qualify = AstAccountQualify |
|
type = AstAccountType |
|
disallow = AstAccountDisallowedCodec |
|
allow = AstAccountAllowedCodec |
|
regseconds = AstAccountExpirationTimestamp |
|
regcontext = AstAccountRegistrationContext |
|
regexten = AstAccountRegistrationExten |
|
notransfer = AstAccountNoTransfer |
|
lastms = AstAccountLastQualifyMilliseconds |
|
additionalFilter=(objectClass=AstAccountIAX) |
|
|
|
; |
|
; A Test Family |
|
; |
|
[testfamily] |
|
MyUSERID = uid |
|
additionalFilter=(objectClass=*) |
|
|
|
[accounts] |
|
amaflags = AstAccountAMAFlags |
|
callgroup = AstAccountCallGroup |
|
callerid = AstAccountCallerID |
|
directmedia = AstAccountDirectMedia |
|
context = AstAccountContext |
|
dtmfmode = AstAccountDTMFMode |
|
fromuser = AstAccountFromUser |
|
fromdomain = AstAccountFromDomain |
|
fullcontact = AstAccountFullContact |
|
fullcontact = gecos |
|
host = AstAccountHost |
|
insecure = AstAccountInsecure |
|
mailbox = AstAccountMailbox |
|
md5secret = AstAccountRealmedPassword ; Must be an MD5 hash. Field value can start with |
|
; {md5} but it is not required. |
|
; Generate the password via the md5sum command, e.g. |
|
; echo "my_password" | md5sum |
|
nat = AstAccountNAT |
|
deny = AstAccountDeny |
|
permit = AstAccountPermit |
|
pickupgroup = AstAccountPickupGroup |
|
port = AstAccountPort |
|
qualify = AstAccountQualify |
|
restrictcid = AstAccountRestrictCID |
|
rtptimeout = AstAccountRTPTimeout |
|
rtpholdtimeout = AstAccountRTPHoldTimeout |
|
type = AstAccountType |
|
disallow = AstAccountDisallowedCodec |
|
allow = AstAccountAllowedCodec |
|
MusicOnHold = AstAccountMusicOnHold |
|
regseconds = AstAccountExpirationTimestamp |
|
regcontext = AstAccountRegistrationContext |
|
regexten = AstAccountRegistrationExten |
|
CanCallForward = AstAccountCanCallForward |
|
additionalFilter=(objectClass=AstAccount)
|
|
|