Views

Difference between revisions of "How to connect OpenScape Business to LDAP Server"

The Wiki of Unify contains information on clients and devices, communications systems and unified communications. - Unify GmbH & Co. KG is a Trademark Licensee of Siemens AG.

Jump to: navigation, search
(Created page with "div class="breadcrumb"> {{up}} How To | {{up}} How to collection and tutorials for OpenScape Office MX/LX </div> <br>[[Image:OSO Directory Service logo.png|thumb|150px...")
 
(Example: UC Suite LDAP connection to Estos MetaDir)
 
(50 intermediate revisions by the same user not shown)
Line 1: Line 1:
div class="breadcrumb">
+
{{Breadcrumb|||How to collection and tutorials for OpenScape Business}}
{{up}} [[How To]] | {{up}} [[How to collection and tutorials for OpenScape Office MX/LX]]
 
</div>
 
<br>[[Image:OSO Directory Service logo.png|thumb|150px]]
 
  
<br>
 
  
  
 
== Preface  ==
 
== Preface  ==
 +
This How To describes the connection of OpenScape Business to LDAP server. Information given here should help to understand the configuration in general.
 +
The examples demonstrate the connection to a Microsoft Active Directory and to the embedded Open Directory Service. All shown data and screenshots are examples only, which are used to demonstrate the capabilities.<br>
 +
'''Note''' <br>
 +
Description refers to OpenScape Business V1R3. Deviations may occur in later versions.
 +
 +
== General Information ==
 +
 +
OpenScape Business offers two different ways to connect to a LDAP server:
 +
* System LDAP connection
 +
* UC Suite LDAP connection
 +
 +
Each kind of LDAP connection enables different LDAP clients, which are connected to OpenScape Business, to access the retrieved data.
 +
 +
== System LDAP connection ==
 +
The system LDAP client allows searching for LDAP entries with HFA phones, selecting the search result and to use them to perform a call.<br>
 +
'''Note:''' <br>
 +
Only LDAP version 2 with authentication is supported.
 +
 +
 +
The required configuration is done in the OpenScape Business Administration Portal
 +
 +
'''Expert Mode --> Telephony Server -->  Basic Settings --> System  --> LDAP''' <br>
 +
 +
[[Image:OSBiz_System_LDAP_Settings.png|600px|OpenScape Business System LDAP Settings]]
 +
 +
Within this dialog screen the following information have to be filled in at minimum to enable the System LDAP function <br>
 +
* IP address of the LDAP server
 +
* Username
 +
* Password / Confirm password
 +
* Basic DN
 +
  
This How To describes the connection of myPortal / myPortal for Outlook Clients to the Open Directory Service.
+
In addition the phone display setting needs to be set in the OpenScape Business Administration Portal:
  
It is written based on OSO version V3R2. Deviations may occur, if higher versions are used.
+
'''Expert Mode --> Telephony Server -->  Basic Settings --> System  --> Display''' <br>
  
Only the ODS relevant setting are described here. For general OSO LDAP configuration issues have a look at:
+
[[Image:OSBiz_LDAP_Phone_Display_Settings.png|600px|OpenScape Business Phone Display Settings for LDAP search]]
  
*[[How to install LDAP connection]]
+
Set the value “Internal Phonebook” from “Internal” to “All”. After these settings are done the System LDAP search function is enabled at the HFA phones. <br>
 +
Use case:
 +
* Hook off  HFA phone
 +
* Apply “Phonebook” *
 +
* Select the “LDAP” directory
 +
* Type a name with the keypad and apply the entered search string
 +
* Select the requested search result and apply the selected entry to perform a call
  
All data shown here and also the screenshots are examples only, which are used to demonstrate the capabilities.
 
  
== Prerequisites  ==
+
=== Example: System LDAP connection to Active Directory ===
 +
Within this example the following is assumed:
  
Before you start, you have to check some prerequisites otherwise the connection fails.  
+
* IP address of the Active Directory LDAP server: 198.6.127.33
 +
* Username: Administrator@win2k8dom.net
 +
* Password / Confirm password: Password of the Administrator user
 +
* Basic DN: dc=win2k8dom,dc=net
  
*Fully installed and operational OSO system
 
*ODS is active within the OSO system
 
*ODS is successfully connected to an external database
 
  
== UC Suite&nbsp;LDAP Client Settings&nbsp; ==
 
  
My Portal and myPortal for Outlook can also search data in external directories, which are connected to the ODS.
+
[[Image:OSBiz_System_LDAP_AD_settings.png|800px|OpenScape Business System LDAP settings for Active Directory access]]
  
To do so you have to configure the LDAP connection of the UC Suite within the OpenScape Office system in the way that points to the ODS.
 
  
At first you have to open the Administration Portal of OpenScape office, choose the expert mode and selct the UC Suite configuration.  
+
'''Note:'''<br>
 +
Remote access to the Active Directory for OpenScape Business has to be granted by network administrator.
  
A left mouse click to "UC Suite" opens the configuration dialog. Selection of "External Provider config" opens the Dialog for LDAP server configuration. Another mouse click to the "Add" button grants access to the creation of a new LDAP connection. The following settings have to be entered.
+
=== Example: System LDAP connection to Open Directory Service ===
 +
Within this example the following is assumed:
  
<br>[[Image:OSO LDAP ODS 3.png|500px|OSO LDAP ODS 3.png]]
+
* Open Directory Service is activated and in operation
 +
* Open Directory Service of the own system is used: IP address 172.30.242.5
 +
* Username: uid=ldap,dc=web
 +
* Password: / Confirm password: Password as configured within the Open Directory Service
 +
* Basic DN: dc=web
  
<br>
+
 
 +
 
 +
 
 +
[[Image:OSBiz_System_LDAP_ODS_settings.png|800px|OpenScape Business System LDAP settings for Open Directory Service access]]
 +
 
 +
== UC Suite LDAP connection ==
 +
The UC Suite LDAP connection enables the UC Suite clients:
 +
 
 +
* myPortal for Desktop
 +
* myPortsl for Outlook
 +
* myAttendant
 +
* myAgent
 +
 
 +
to perform caller identification and directory search within the directories of the connected LDAP Server.<br>
 +
Multiple LDAP server can be connected to UC Suite. <br>
 +
 
 +
 
 +
The needed configuration is done in the OpenScape Office Assistant.
 +
Please navigate to this page to perform the changes in the OpenScape Office Assistant:
 +
 
 +
'''Expert Mode --> Application --> OpenScape Business UC Suite --> External Providers Config --> Contact Providers --> LDAP'''<br>
 +
 
 +
Use the “Add” button to add a new LDAP configuration to the OpenScape Office:
 +
 
 +
[[Image:OSBiz_UC_Suite_LDAP_Settings.png|600px|OpenScape Business UC Suite LDAP Settings]]
 +
 
 +
<br> Parameter Explanation <br><br>
  
 
{| style="width: 738px; height: 117px" border="1" cellspacing="1" cellpadding="1" width="738"
 
{| style="width: 738px; height: 117px" border="1" cellspacing="1" cellpadding="1" width="738"
Line 57: Line 120:
  
 
|  
 
|  
IP Adress of the OSO system in which the ODS is located.
+
IP address of the LDAP Server.  
 
 
Within OSO LX/MX single node systems
 
 
 
local.ldap
 
 
 
should be used as server address. This name is internally resolved and directed to the correct IP address of the ODS.
 
 
 
'''Note:''' This does not apply for network scenarios. In this case the IP address of system, which operates the ODS has to be entered.
 
  
 +
In case, that the Open Directory Service is used as LDAP server, <br>
 +
local.ldap <br>
 +
should be entered as server address. This name is internally resolved and directed to the correct IP address of the Open Directory Service. This does not apply for networked scenarios. In this case the IP address of the system, which operates the Open Directory Service has to be entered.
 
|-
 
|-
 
| '''Port:'''  
 
| '''Port:'''  
| Port of the ODS LDAP Server (Default is 389)
+
| Port of the LDAP Server (Default is 389)
 
|-
 
|-
 
| '''LDAP Base Distinguehed Name'''  
 
| '''LDAP Base Distinguehed Name'''  
| This parameter has to be set to
+
| This parameter has to be set as configured within the LDAP server.<br>
dc=web
+
For OpenDirectory Service use: dc=web
 
 
 
|-
 
|-
 
| '''User name:'''  
 
| '''User name:'''  
| For access from OSO myPortal Client the User Name must be set to:  
+
| This parameter has to be set as configured within the LDAP server.<br>
uid=uc,dc=web  
+
For OpenDirectory Service use: uid=uc,dc=web <br>
 +
regardless the settings within the ODS configuration. This setting ensures, that the OSO internal entries are filtered by ODS and that they are not shown twice.<br>
 +
In case the filtering is not wanted, use: uid=ldap,dc=web <br>
 +
|-
 +
|
 +
'''Password:'''
 +
|
 +
The password has to be set as configured within the LDAP server.<br>
 +
|-
 +
|}
 +
<br>
 +
<br>
 +
=== Example: UC Suite LDAP connection to Open Directory Service (ODS) ===
 +
Within this example the following is assumed:
  
regardless the settings within the ODS configuration. This setting ensures, that the OSO internal entries are filtered by ODS and that they are not shown twice. In case the filtering is not wanted,
+
* Open Directory Service is activated and in operation
 +
* Within Open Directory Service the default mapping ''web'' is used
 +
* Open Directory Service of the own system is used: IP address local.ldap
 +
* UC suite internal and external directory should not be included, therefore Username: uid=uc,dc=web
 +
* Password: / Confirm password: Password as configured within the Open Directory Service
 +
* Basic DN: dc=web
 +
<br>
 +
[[Image:OSBiz_UC_Suite_LDAP_ODS_settings.png|800px|OpenScape Business UC Suite LDAP settings for Open Directory Service access]]
 +
<br>
  
uid=ldap,dc=web
+
=== Example: UC Suite LDAP connection to Active Directory ===
 +
Within this example the following is assumed:
  
has to be entered instead.
+
* IP address of the Active Directory LDAP server: 198.6.127.33
 +
* Username: Administrator@win2k8dom.net
 +
* Password / Confirm password: Password of the Administrator user
 +
* Basic DN: dc=win2k8dom,dc=net
 +
<br>
 +
[[Image:OSBiz_System_UC_Suite_AD_settings.png|800px|OpenScape Business UC Suite LDAP settings for Active Directory access]]
 +
<br>
 +
'''Note:'''<br>
 +
Remote access to the Active Directory for OpenScape Business has to be granted by network administrator.
  
|-
+
<br>
|
+
=== Example: UC Suite LDAP connection to openLDAP Server ===
'''Password:'''
+
This example bases on openLDAP Server V.2.3.37. Deviations may occur in later versions.
 +
 
 +
Following is assumed:<br>
 +
* IP address of the Open LDAP Server: 192.168.70.212
 +
* Basis DN: dc=my-company,dc=de
 +
* Root DN: cn=manager
 +
* Password: as set within the openLDAP Server
  
|  
+
<br>
The password, which was assigned for the ODS LDAP Server login during the ODS configuration has to be entered here.
+
[[Image:OSBiz_UC_Suite_LDAP_openLDAP_settings.png|800px|OpenScape Business UC Suite LDAP settings for Open LDAP Server access]]
 +
<br>
 +
<br>
 +
'''Note:'''<br>
 +
* Comma separated values e.g. within phone number are not supported
 +
* Following attributes are not included within the standard object classes of OpenLDAP Server. If needed these attributes have to be added manually to the object classes.  
 +
** company
 +
** otherTelephone
 +
** telefonNumberCompanyMain
 +
** countryName
 +
** stateOrProvinceName
 +
** pager
 +
** postalAddress
  
|-
+
=== Example: UC Suite LDAP connection to Estos MetaDir ===
|}
+
This example bases on MetaDir V3.5. Deviations may occur in later versions.
  
<br><br><br>'''LDAP field mapping:''' <br>Afterwards the LDAP field of OSO UC myPortral/myPortal for Outlook clients must be mapped to the appropriate ODS LDAP fields. The mapping within the picture above shows the assignment.
+
Following is assumed:<br>
 +
* IP address of the MetaDir LDAP Server: 172.20.240.114
 +
* Port Number: 712
 +
* Basis DN: dc=web
 +
* User: osbiz
 +
* Password: as set within properties of the LDAP node dc=web
  
<br>All entries become effective within OSO after saving.
+
<br>
 +
[[Image:OSBiz_UC_Suite_LDAP_MetaDir_settings.png|800px|OpenScape Business UC Suite LDAP settings for estos MetaDir access]]
 +
<br>
 +
<br>
 +
'''Note:'''<br>
 +
* Comma separated values e.g. within phone number are not supported
 +
* Umlauts (ä,ö,ü..)are transferred by the MetDir but are not displayed correctly within the UC Suite clients.

Latest revision as of 13:22, 9 September 2014


Preface

This How To describes the connection of OpenScape Business to LDAP server. Information given here should help to understand the configuration in general. The examples demonstrate the connection to a Microsoft Active Directory and to the embedded Open Directory Service. All shown data and screenshots are examples only, which are used to demonstrate the capabilities.
Note
Description refers to OpenScape Business V1R3. Deviations may occur in later versions.

General Information

OpenScape Business offers two different ways to connect to a LDAP server:

  • System LDAP connection
  • UC Suite LDAP connection

Each kind of LDAP connection enables different LDAP clients, which are connected to OpenScape Business, to access the retrieved data.

System LDAP connection

The system LDAP client allows searching for LDAP entries with HFA phones, selecting the search result and to use them to perform a call.
Note:
Only LDAP version 2 with authentication is supported.


The required configuration is done in the OpenScape Business Administration Portal

Expert Mode --> Telephony Server --> Basic Settings --> System --> LDAP

OpenScape Business System LDAP Settings

Within this dialog screen the following information have to be filled in at minimum to enable the System LDAP function

  • IP address of the LDAP server
  • Username
  • Password / Confirm password
  • Basic DN


In addition the phone display setting needs to be set in the OpenScape Business Administration Portal:

Expert Mode --> Telephony Server --> Basic Settings --> System --> Display

OpenScape Business Phone Display Settings for LDAP search

Set the value “Internal Phonebook” from “Internal” to “All”. After these settings are done the System LDAP search function is enabled at the HFA phones.
Use case:

  • Hook off HFA phone
  • Apply “Phonebook” *
  • Select the “LDAP” directory
  • Type a name with the keypad and apply the entered search string
  • Select the requested search result and apply the selected entry to perform a call


Example: System LDAP connection to Active Directory

Within this example the following is assumed:

  • IP address of the Active Directory LDAP server: 198.6.127.33
  • Username: Administrator@win2k8dom.net
  • Password / Confirm password: Password of the Administrator user
  • Basic DN: dc=win2k8dom,dc=net


OpenScape Business System LDAP settings for Active Directory access


Note:
Remote access to the Active Directory for OpenScape Business has to be granted by network administrator.

Example: System LDAP connection to Open Directory Service

Within this example the following is assumed:

  • Open Directory Service is activated and in operation
  • Open Directory Service of the own system is used: IP address 172.30.242.5
  • Username: uid=ldap,dc=web
  • Password: / Confirm password: Password as configured within the Open Directory Service
  • Basic DN: dc=web



OpenScape Business System LDAP settings for Open Directory Service access

UC Suite LDAP connection

The UC Suite LDAP connection enables the UC Suite clients:

  • myPortal for Desktop
  • myPortsl for Outlook
  • myAttendant
  • myAgent

to perform caller identification and directory search within the directories of the connected LDAP Server.
Multiple LDAP server can be connected to UC Suite.


The needed configuration is done in the OpenScape Office Assistant. Please navigate to this page to perform the changes in the OpenScape Office Assistant:

Expert Mode --> Application --> OpenScape Business UC Suite --> External Providers Config --> Contact Providers --> LDAP

Use the “Add” button to add a new LDAP configuration to the OpenScape Office:

OpenScape Business UC Suite LDAP Settings


Parameter Explanation

Parameter Value / Remark

Name:

This name describes the LDAP connection.

Server:

IP address of the LDAP Server.

In case, that the Open Directory Service is used as LDAP server,
local.ldap
should be entered as server address. This name is internally resolved and directed to the correct IP address of the Open Directory Service. This does not apply for networked scenarios. In this case the IP address of the system, which operates the Open Directory Service has to be entered.

Port: Port of the LDAP Server (Default is 389)
LDAP Base Distinguehed Name This parameter has to be set as configured within the LDAP server.

For OpenDirectory Service use: dc=web

User name: This parameter has to be set as configured within the LDAP server.

For OpenDirectory Service use: uid=uc,dc=web
regardless the settings within the ODS configuration. This setting ensures, that the OSO internal entries are filtered by ODS and that they are not shown twice.
In case the filtering is not wanted, use: uid=ldap,dc=web

Password:

The password has to be set as configured within the LDAP server.



Example: UC Suite LDAP connection to Open Directory Service (ODS)

Within this example the following is assumed:

  • Open Directory Service is activated and in operation
  • Within Open Directory Service the default mapping web is used
  • Open Directory Service of the own system is used: IP address local.ldap
  • UC suite internal and external directory should not be included, therefore Username: uid=uc,dc=web
  • Password: / Confirm password: Password as configured within the Open Directory Service
  • Basic DN: dc=web


OpenScape Business UC Suite LDAP settings for Open Directory Service access

Example: UC Suite LDAP connection to Active Directory

Within this example the following is assumed:

  • IP address of the Active Directory LDAP server: 198.6.127.33
  • Username: Administrator@win2k8dom.net
  • Password / Confirm password: Password of the Administrator user
  • Basic DN: dc=win2k8dom,dc=net


OpenScape Business UC Suite LDAP settings for Active Directory access
Note:
Remote access to the Active Directory for OpenScape Business has to be granted by network administrator.


Example: UC Suite LDAP connection to openLDAP Server

This example bases on openLDAP Server V.2.3.37. Deviations may occur in later versions.

Following is assumed:

  • IP address of the Open LDAP Server: 192.168.70.212
  • Basis DN: dc=my-company,dc=de
  • Root DN: cn=manager
  • Password: as set within the openLDAP Server


OpenScape Business UC Suite LDAP settings for Open LDAP Server access

Note:

  • Comma separated values e.g. within phone number are not supported
  • Following attributes are not included within the standard object classes of OpenLDAP Server. If needed these attributes have to be added manually to the object classes.
    • company
    • otherTelephone
    • telefonNumberCompanyMain
    • countryName
    • stateOrProvinceName
    • pager
    • postalAddress

Example: UC Suite LDAP connection to Estos MetaDir

This example bases on MetaDir V3.5. Deviations may occur in later versions.

Following is assumed:

  • IP address of the MetaDir LDAP Server: 172.20.240.114
  • Port Number: 712
  • Basis DN: dc=web
  • User: osbiz
  • Password: as set within properties of the LDAP node dc=web


OpenScape Business UC Suite LDAP settings for estos MetaDir access

Note:

  • Comma separated values e.g. within phone number are not supported
  • Umlauts (ä,ö,ü..)are transferred by the MetDir but are not displayed correctly within the UC Suite clients.