Reference9:Services/LDAP/Replicator

There are also other versions of this article available: Reference | Reference7 | Reference9 (this version)

LDAP replication can be configured here. The task of LDAP replication is to copy, and keep up to date, all or part of the user database of a remote LDAP directory. The replicator can be configured to perform either a full replication from a remote innovaphone PBX or a replication from a remote Active Directory.

Full replication is required in three application cases:

  1. Replication of the user data from the master PBX to a standby PBX. The replicator configuration takes place on the standby PBX.
  2. Replication of the user data from the master PBX to a slave. The replicator configuration takes place on the slave.
  3. Replication of the user data from a DECT-Master to a DECT-Radio. The replicator configuration takes place on the DECT-Radio.

Active Directory replication may be an attractive option to reduce the administration of PBX users within such an environment.

  • Replication Type
    • Type: Select either Full or Active Directory replication.
  • Full Replication
    • Enable: Start/Stop the replication.
    • Server: The IP address (or IP address:port[1]) of the remote innovaphone PBX.
    • Alt.Server: The IP address (or IP address:port[1]) of an alternative remote LDAP server, which is used when there are connection problems.
    • Filter Type: Select whether an internally required LDAP Filter will be derived from a PBX Name or is to be entered free-hand (see RFC2254).
    • PBX Name/LDAP Filter: Depending on the Filter Type selector either a PBX Name or an LDAP Filter can be entered here.
    • User: The LDAP user and password. These are stored on the LDAP server in the chapter "Configuration/LDAP/Server".
  • Active Directory Replication
    • Enable: Start/Stop the replication.
    • Server: The IP address (or IP address:port[1]) of the remote Active Directory.
      • Note: for an Active Directory replication it is highly recommended to activate the TLS option.
    • DN: The distinguished Name of the search base. This DN must be one of the naming contexts, offered by the remote Active Directory. If the Server setting was entered, the Show.. button will show which naming contexts are available. In most cases the default naming context will be selected and can be "OKed".
    • LDAP Filter: An LDAP Filter according to RFC2254. A default is offered.
    • Poll Timer: A value in seconds. Only necessary in AD-forest environments where LDAP notifications aren't sent by the forest towards the replicator client. If the Poll Timer interval is configured, the replicator is going to perform a full replication at the end of each interval and will not use the notify feature.
    • User: Enter the name (as [Windows Domain\User Name]) or the DN (Distinguished Name) of a user with read access to the Active Directory. If a DN is entered, it will usually look like cn=John Doe,cn=users,dc=innovaphone,dc=sifi, where dc=innovaphone,dc=sifi represents the DN setting from above.
    • Password: The password required for the User-setting.
    • In-Maps: Maps for incoming attributes must be configured here. An in-map controls which content of which incoming attribute goes into a runtime symbol table. For further details, see section Related Articles.
    • Out-Maps: Maps for outgoing or local attributes must be configured here. An out-map controls which runtime symbol table entry fills a local attribute. For further details, see section Related Articles.
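
The following added example (not innovaphone code) shows how the Server, Alt.Server, TLS and Poll Timer settings described above can be reviewed before deployment, using the default ports from the port note. The dictionary layout and its key names are hypothetical, and the Server fields are assumed to hold IPv4 addresses.

```python
import ipaddress

# Defaults from the port note on this page: 389 plain, 636 with TLS.
DEFAULT_PORT = {False: 389, True: 636}

def parse_server(value, tls):
    """Split 'IP' or 'IP:port' (IPv4) into (ip, port), applying the default port."""
    host, sep, port_text = value.strip().partition(":")
    ip = ipaddress.IPv4Address(host)  # raises ValueError unless host is an IPv4 address
    port = int(port_text) if sep else DEFAULT_PORT[tls]
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return str(ip), port

def review(cfg):
    """Return findings for one replicator configuration (hypothetical dict layout)."""
    findings = []
    tls = cfg.get("tls", False)
    for field in ("server", "alt_server"):
        value = cfg.get(field)
        if not value:
            continue
        try:
            _, port = parse_server(value, tls)
        except ValueError as exc:
            findings.append(f"{field}: not a valid IP or IP:port ({exc})")
            continue
        # A port that is the default for the opposite TLS setting is a likely mismatch.
        if port == DEFAULT_PORT[not tls]:
            findings.append(f"{field}: port {port} is the default for TLS "
                            f"{'off' if tls else 'on'}, but TLS is {'on' if tls else 'off'}")
    if cfg.get("type") == "active_directory":
        if not tls:
            findings.append("tls: off; the page recommends TLS for Active Directory replication")
        if cfg.get("poll_timer"):
            findings.append(f"poll_timer: full replication every {cfg['poll_timer']} s, "
                            "notifications are not used")
    return findings

# Constructed sample configuration, not taken from a real device.
SAMPLE = {"type": "active_directory", "server": "192.0.2.10:636",
          "alt_server": "192.0.2.11:", "tls": False, "poll_timer": 3600}

if __name__ == "__main__":
    for line in review(SAMPLE):
        print(line)
```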

Notes

  1. Port Setting: default=389, TLS=636 (a.k.a. "LDAPS")

Related Articles