LDAP on OpenStage

The Lightweight Directory Access Protocol (LDAP) enables access to a directory server via an LDAP client. Various personal information is stored there, e.g. the name, organization and contact data of persons working in an organization. When the LDAP client has found a person’s data, e. g. by looking up the surname, the user can call this person directly using the displayed number.

LDAP is available only on OpenStage 40/60/80 phones.



For Users
If you have access to an LDAP directory (contact the responsible administrator), you can search contacts in a company-wide directory. A user-friendly, advanced search function is available for this. You can transfer any entries found to your local phonebook. (>= V2 R0,OS Hi Only)

Finding an LDAP entry


 * Press the phone book mode key until the Corporate Directory ("Corporate") tab is active.
 * Select and confirm the option shown in the Options context menu.
 * Select and confirm the required search field (for example, "Last name").
 * Enter a search text.

Once you have completed all required search fields, confirm the search request by selecting and confirming "OK" on the display keypad. You can perform searches using the name (simple search) or different information on an entry (advanced search), for example, job title or department name.

You can now:
 * call the LDAP contact
 * view the LDAP entry
 * copy the entry into the local phone book (>= V2 R0,OS Hi Only)

New search

To conduct a new search, you must first clear all the search fields. Select and confirm the option shown in the Delete context menu. All search fields have been cleared.

Defining a qualifier before a search

Prior to a search, you can select which qualifiers should also appear in the output list in the Options context menu. Select and confirm the option shown. You may choosebetween the following criteria:


 * No qualifier
 * Job function
 * Address 1
 * Email
 * Business 1
 * Mobile
 * Business 2
 * Private
 * Company
 * Address 2

Select and confirm the desired qualifier. Exit the list.

Importing an LDAP entry into the phonebook (>=V2 R0,OS Hi Only)


 * Select an entry.
 * Open the context menu.
 * Select and confirm the option shown.
 * The view changes to the personal phonebook.
 * Enter additional information.

The LDAP entry is now saved as a contact in your personal phonebook.

For Administrators
OpenStage Phone Supports LDAP V3 with authentication.

LDAP Server Configuration
For connecting the phone’s LDAP client to a LDAP server, the required access data must be configured. The parameters Server address and Server port specify the IP address and hostname as well as the port used by the LDAP server. If the Authentication is not set to "Anonymous", the user must authenticate himself with the server by providing a User name and a corresponding Password. The user name is the string in the LDAP bind request, e. g. "C=GB,O=SIEMENS COMM,OU=COM,L=NTH,CN=BAYLIS MICHAEL". The internal structure will depend on the specific corporate directory.

Data required (Administrator -> Local functions -> Directory settings)


 * Server address: IP address or hostname of the LDAP server.
 * Server port: Port on which the LDAP server is listening for requests. Default: 389.
 * Authentication: Authentication method used for connecting to the LDAP server. Value range: "Anonymous", "Simple". Default: "Anonymous".
 * User name: User name used for authentication with the LDAP server in the LDAP bind request.
 * Password: Password used for authentication with the LDAP server.



LDAP Template Handling
Prerequisites:


 * 1) An LDAP server is present and accessible to the phone’s network. The standard port for LDAP is 389.
 * 2) Query access to the LDAP server must be provided. Unless anonymous access is used, a user name and passwort must be provided. It might be feasible to use a single login/password for all OpenStage phones.
 * 3) To enable dialing internal numbers from the corporate phonebook, an LDAP entry must be provided that contains the proper number format required by OpenScape Voice. In Microsoft Active Directory, the standard LDAP attribute telephoneNumber is typically populated as follows: +1  . However, in a standard configuration, OpenScape Voice will not handle this dial string correctly, due to the +1 prefix. Therefore, it is recommended to use the ipPhone field, which is typically unused in Active Directory. It can be found in the Telephones tab of the Active Directory User Manager.

Create an LDAP Template
The user interface of the corporate phonebook application provides a form which is used both for search and retrieval. The task of an LDAP template is to map the phone’s search and display fields to LDAP attributes, that can be delivered by the server. In the LDAP template, the fields are represented by hard-coded names: ATTRIB01, ATTRIB02, and so on. These field names are assigned to LDAP attributes, as appropriate.

The following examples show the relations between GUI field names, the attribute labels used in the template, and exemplary mappings to LDAP attributes.

Generic Example (Standard Attributes)

Given "example.com" as the LDAP subtree to be searched, the LDAP template file would look like this:

''OpenStage LDAP TEMPLATE (v.1)  SEARCHBASE="dc=example,dc=com"  ATTRIB01="sn"  ATTRIB02="givenname"  ATTRIB03="telephoneNumber"  ATTRIB04="facsimileTelephoneNumber"  ATTRIB05="mobile"  ATTRIB06="homePhone"  ATTRIB07="o"  ATTRIB08="departmentNumber"  ATTRIB09=""  ATTRIB10="title"  ATTRIB11="mail"  EOF ''

Microsoft Active Directory Specific Example

Given "example.com" as the LDAP subtree to be searched, the LDAP template file would look like this:

''OpenStage LDAP TEMPLATE (v.1)  SEARCHBASE="dc=example,dc=com"  ATTRIB01="sn"  ATTRIB02="givenname"  ATTRIB03="ipPhone"  ATTRIB04="otherTelephone"  ATTRIB05="mobile"  ATTRIB06="homePhone"  ATTRIB07="company"  ATTRIB08="department"  ATTRIB09=""  ATTRIB10="title"  ATTRIB11="mail"  EOF ''

Load the LDAP Template into the Phone
When you have configured the LDAP template, you can upload it to the phone:


 * Save the template under a suitable name, for example, ldap-template.txt.
 * Copy the template file to the FTP server designated for deploying LDAP templates.
 * Upload the file using the WBM

For an example configuration, see the following WBM screenshot (Administrator-> File transfer -> LDAP)