optiPoint application module How to configure LDAP

This article describes how to configure the optiPoint telephone so you can use and modify the LDAP function on the optiPoint application module.

The following topics are not dealt with in this article: For further information on these topics, refer to the relevant documents listed in References.
 * Running an LDAP search on an optiPoint application module
 * LDAP server administration
 * Configuring further applications on an optiPoint application module

What is LDAP?
See LDAP in Glossary.

Required components
The most important LDAP components are: The following devices support the LDAP function:
 * Directory server (LDAP server): provides hierarchical storage of attributes such as names, telephone numbers, etc.
 * LDAP client: allows you to enter search parameters and display the results.
 * optiPoint application module
 * optiPoint display module
 * optiPoint 600 office
 * Other optiPoint telephones on the HiPath 3000/5000 communication platform (V5.0 and later)
 * LDAP template: connects input and output fields on the LDAP client with attributes on the directory server. Sample of a LDAP template for download:

Requirements
The following requirements must be met before you start configuration:
 * The optiPoint application module must be connected to one of the following optiPoint telephones and operational:
 * optiPoint 410 standard (CorNet IP)
 * optiPoint 410 advance (CorNet IP)
 * optiPoint 420 standard (CorNet IP)
 * optiPoint 420 advance (CorNet IP)
 * You can also run the optiPoint application module on optiPoint 500 telephones, but these do not support the LDAP function.


 * To optimize browser-based administration:
 * You should know the IP address of the optiPoint telephone with the optiPoint application module you wish to configure.
 * You should have a PC with a Web browser that can access the optiPoint telephone with an attached optiPoint application module via LAN.
 * You can also connect a PC (a laptop, for example) directly to one of the telephones listed above using a LAN cable ([[Image:bw_nw.png|16px]] socket on the underside of the telephone).

See References to find out where you can obtain any additional information you need.

Scope of functions on optiPoint application module

 * You can use one or more search strings to find information on the directory server.
 * You can use complete or partial strings. Enter an asterisk (*) if you are not using a complete string.
 * You can call a person from the hit list simply by pressing a button.

Configuration overview
The following table provides an overview of the sections in this document that describe how to administer the Java platform via a Web browser (WEB) and via the optiPoint application module (APM). At a glance, you can see which configuration options are available for each task.

SEARCHBASE "dc=teamone,dc=intranet" SEARCHFILTER1 = "surnameNational,Nachname" SEARCHFILTER2 = "givenNameNational,Vorname" SEARCHFILTER3 = "department,Abteilung" SEARCHFILTER4 = "localityShortCode,Ort" SEARCHFILTER5 = "ou,Org. Einheit" SEARCHATTRIB1 = "commonNameNational,Name,0" SEARCHATTRIB2 = "telephoneNumber,Telefon,1" SEARCHATTRIB3 = "alternatePhone,Telefon 2,1" SEARCHATTRIB4 = "mobileTelephoneNumber,Mobile,1" SEARCHATTRIB5 = "ou,Organisationseinheit,0" SEARCHATTRIB6 = "localityNational,Ort,0" SEARCHATTRIB7 = "department,Abteilung,0" SEARCHATTRIB8 = "mainFunction,Funktion,0" EOF The template may also contain any number of blank lines.

You can also add comments. Text entered after two forward slashes (//) is interpreted as a comment.

A template can be divided into different segments (described below).

Template header
The header consists of the entry. Do not change this entry even if the optiPoint application module is connected to a telephone from the optiPoint 420 family.

Search bases
The  entry marks the starting point of a search in the directory server structure. In other words, you can use the  entry as a filter.

Examples:
 * The search starts at the directory root. All entries are searched.
 * The search is restricted to entries assigned the country (C) Germany (DE).
 * In addition to defining the country, the search is now further restricted to the Siemens organization.
 * The search is restricted to entries assigned the country (C) Germany (DE).
 * In addition to defining the country, the search is now further restricted to the Siemens organization.
 * In addition to defining the country, the search is now further restricted to the Siemens organization.

This entry must correspond to the directory server configuration. Only make changes here if you have the relevant information about the directory server.

Search filters
The input form for an enhanced search is made up of the entries  to. and  are also used for the basic search input field.

All search filters are connected with a logical AND.

Syntax for :

You can change the visible identifier for these entries according to your wishes, for example, "Nachname" to "surname".

Please note that there is a maximum length for every identifier. Identifiers that are too long are cut off in the optiPoint application module display. Always check any changes you make on your telephone.

You should only change attribute names or the number of search filter entries if you modify the configuration on the directory server accordingly.

Search attributes
The entries  to   are identifiers for LDAP searches on the optiPoint application module. The contents of the    field are also displayed in the hit list.

Syntax for  fields:

The dial flag ( or  ) appears as a button next to the result field. You dial the telephone number in the result field simply by clicking this button.

You can change the visible identifier for these entries according to your wishes, for example, you can change "telephone" to "tel. no.".

Please note that there is a maximum length for each identifier. Identifiers that are too long are cut off in the optiPoint application module display. Always check any changes you make on the telephone.

You should only change attribute names or the number of search filter entries if you modify the configuration on the directory server accordingly.

Template footer
The footer is the final part of the template. Do not make any changes here.

Installing LDAP templates
The following section describes how to install an LDAP template (see Editing LDAP templates) on the optiPoint application module.

A default template is preinstalled and delivered with the optiPoint application module. This template is overwritten by the installation procedure described here.

Check the requirements listed in Requirements.

LDAP templates can be installed by administrators and users. The following describes the procedure for administrators (that is, in the administration area of your Web browser). The installation takes a few seconds. If it is successful, the browser returns to the administration menu. If it is not successful, a corresponding error message is displayed.
 * 1) Open a Web browser and enter the IP address of the optiPoint telephone whose LDAP template you want to install on the optiPoint application module:
 * http://[IP address]:8085
 * The telephone homepage is displayed.
 * 1) Click Administration.
 * You are prompted to enter the administration password.
 * 1) Enter the password (default: 123456) and confirm your entry with Login.
 * The administration menu is displayed
 * 1) Select File transfer from the menu.
 * An input form is displayed.
 * 1) Enter the following parameters in the form or check that the existing entries are correct:
 * 2) * FTP server address: IP address of the FTP server.
 * 3) * FTP account name: account name for FTP server access.
 * 4) * FTP username: user name for FTP server access.
 * 5) * Only enter a password in both FTP password fields if the password has changed. The password is not displayed when entered in these fields.
 * 6) * LDAP template filename: file name with the LDAP template file suffix, for example, template.txt.
 * 7) * FTP path: file path starting at the directory entered as the FTP root on the FTP server. The default entry is a dot (.), which means that a path has not been entered.
 * 8) Select Download LDAP template from Action on submit.
 * 9) Click Submit.

Documentation

 * Configuration notes for IP terminals
 * Non application-specific information for configuring IP-based optiPoint terminals.
 * URL: http://www.siemens.com/hipath/ > Products, Solutions & Services > Clients & Devices


 * optiPoint application module user manual
 * Description of local and system-based procedures, explanation of user interface, etc..


 * optiPoint 410/420 family administration manual
 * Explanation of administrative tasks for startup and configuration.

Software

 * phpLDAPadmin
 * Web-based LDAP client for testing LDAP servers.
 * URL: http://phpldapadmin.sourceforge.net/


 * OpenLDAP
 * Open source software for LDAP servers.
 * URL: http://www.openldap.org/