Reference12r1:PBX/Objects: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 19: Line 19:
Fork number appended by a '*' indicates a mobility enabled user. In case the number is displayed in grey, the user consumes no mobility license on local PBX (e.g. because the user registers on other PBX).
Fork number appended by a '*' indicates a mobility enabled user. In case the number is displayed in grey, the user consumes no mobility license on local PBX (e.g. because the user registers on other PBX).


The last column are the IP addresses of registered endpoints for a given object.  
The last column shows the IP addresses of registered endpoints for a given object.  
:If the physical location of the endpoint is not the same as the PBX, the physical location is indicated by @<physical-location> added to the IP address.  
:If the physical location of the endpoint is not the same as the PBX, the physical location is indicated by @<physical-location> added to the IP address.  
:A '*' appended to this field means that this is an password or TLS authenticated registration.
:A '*' appended to this field means that this is a password- or TLS-authenticated registration.
:Registrations which are because of a standby situation, which means they are not at the PBX for which they are configured, are displayed in red colour.
:Registrations which are because of a standby situation, which means they are not at the PBX for which they are configured, are displayed in red colour.
:If a '!' is displayed in this column the user is currently block because of the security hold off (see below).
:If a '!' is displayed in this column the user is currently blocked because of the security hold off (see below).


=== New Objects ===
=== New Objects ===
Line 90: Line 90:
:''Note: Phones using this mechanism should use a Gatekeeper Identifier of <local-pbx>@<System Name> for registration. This way this mechanism works even if the registration happens without redirection. This can be the case if a secondary address is configured in case the local PBX is down. The registration will then be done without redirection an is not renewed when the local PBX comes up again.''
:''Note: Phones using this mechanism should use a Gatekeeper Identifier of <local-pbx>@<System Name> for registration. This way this mechanism works even if the registration happens without redirection. This can be the case if a secondary address is configured in case the local PBX is down. The registration will then be done without redirection an is not renewed when the local PBX comes up again.''


;Send Number: If an object does a call, the calling party number for this call will be replaced by the number given (if any).  Used to hide an extension.  
;Send Number: If an object does a call, the calling party number for this call will be replaced by the number given (if any).  Used to hide an extension. The configured number is interpreted relative to the ''root'' node.


;URL: A url configured here is send with any call from this object as source url. Only H.323 support sending a URL. Some called endpoints may make use of the URL. The URL is also availabe within the CDRs generated by the gateway.
;URL: A url configured here is send with any call from this object as source url. Only H.323 support sending a URL. Some called endpoints may make use of the URL. The URL is also availabe within the CDRs generated by the gateway.

Latest revision as of 08:04, 25 April 2018

This page is used for the administration of PBX objects. A list of already configured objects can be displayed filtered by various criterias. New objects can be created and existing objects can be changed or deleted.

Display of existing Objects

By pressing the show link, existing objects are displayed. With the filter field (the input field left to the show link) the displayed objects are limited to those matching the filter. The filter is first applied to the 'Long Name' of the objects meaning a non case sensitive head match of the filter and the 'Long Name' is performed. If there are matching objects these are displayed.

If there are no matching objects the filter is used to match the Number of the objects including any node prefixes. This way objects of a given node with all subnodes can be displayed by entering the prefix of a node here.

Below the filter input field is a list of all PBXs in the system (at least the part of the system which is replicated to this device). By clicking on a PBX in the list only the objects which are assigned to this PBX are displayed and the groups configured on this PBX are displayed as well. By clicking on a group only the members of this group are displayed.

List of Objects

On the right side the list of objects is displayed. The most important configuration properties are displayed in this list to provide an overview. To view the full configuration of a given object it must be opened for editing by clicking the Long Name. The list can be sorted by clicking the table headers.

The Number of the objects in this list is not the number configured in the object but it is expanded with the prefixes of the nodes in which the object is configured.

Group memberships and Call Forwarding for an object are changed by clicking on the 'Groups' or 'CF*' link of the object. A '*' appended to a group displayed in this list means that the active flag of this group membership is set. A '!' appended to a group displayed in this list means that group indications are configured for this group.

Fork number appended by a '*' indicates a mobility enabled user. In case the number is displayed in grey, the user consumes no mobility license on local PBX (e.g. because the user registers on other PBX).

The last column shows the IP addresses of registered endpoints for a given object.

If the physical location of the endpoint is not the same as the PBX, the physical location is indicated by @<physical-location> added to the IP address.
A '*' appended to this field means that this is a password- or TLS-authenticated registration.
Registrations which are because of a standby situation, which means they are not at the PBX for which they are configured, are displayed in red colour.
If a '!' is displayed in this column the user is currently blocked because of the security hold off (see below).

New Objects

New objects are created by selecting the type of object in the drop down list and clicking the new link. If the list of displayed objects is limited to a PBX/Group (see above), the PBX property of the new object is preset accordingly and the group membership is added to the object.

Object Types

There are different types of objects for different purposes availabe

User
A normal User
BC Conference
A Conference which automatically calls other users
Boolean
Used to enable Call Forwards an other things based on time/date or by calling to this object
Call Broadcast
Forward a call to a group
Conference
Provides Conferences
Config Template
Config which can be applied to other objects
DECT System
Defines a DECT system
Directory Search
LDAP lookup based on number dialed
DTMF Features
*/# Features for simple endpoints
Executive
Executive in a executive/secretary configuration
External UC
To forward presence subscriptions to external presence server
Gateway
For registration of gateways
ICP
Integration with ICP system
MCast Announce
Calls endpoints and forwards media as IP multicast
Message Waiting
Message Waiting for external Systems
Mobility
Mobile Integration
Node
Numbering Node
Number Map
Maps to other number
PBX
To register slave PBX
Quick Dial
Allows Quickdial based on external LDAP Directory
Session Border
Allows proxy registrations to other PBX

General Object Properties

Some configuration properties are specific to the type of object, some are common to all objects. Not each object type supports all general configuration properties.

Description
Any text which can be used to describe the objects. Nothing is done with this text on the PBX.
Hide from LDAP
When this checkmark is set, this object is available with a read-only LDAP access, which means it does not show up in the PBX phonebook on the phones.
Long Name
This name is used to identify the object in the database and for display purposes. The long name must be unique throughout the system. For practical reasons, you should limit it to 20 - extension length characters.
Name
The name of the object. This name is used for signalling (like a call number) and must be unique throughout the system. The character '@' should not be used. Also, the Name should not start with a dot (.). See Reference12r1:Concept Group Pickup across PBXs for more details on using a dot.
Note: From V8 on, clients cannot use the Name property as registration name. They must use one of the devices. Likewise, for those objects that have a Number property, when a registration is attempted using this number, the corresponding object is looked up, the Name property retrieved and a registration tried. As a result, the registration will fail if the object does not have a device with a hardware-id identical to the objects Name.
Note: from V9 it is recommended to use the Name field for the email address (everything prior the @) in combination with the Use as Domain flag at the System Name
If the 'Name' is to be used as E-Mail address, the Checkmark on the E-Mail line besides the Name which is displayed there as well has to be set as well.
Hardware ID
The Hardware Id from v7 is replaced by the Devices configuration.
Number
The telephone number of the object. This is the number by which this object can be dialed within the same node. Which means it does not include any Node prefixes.
E-Mail
Additional E-Mail addresses for the user. Multiple addresses are seperated by ';'. The 'Name' is used as E-Mail address as well together with the 'System Name' as domain. The E-Mail addresses are used to match users from other applications (e.g. Exchange, Fax Server) to PBX User Objects. The first E-Mail address is used as destination if E-Mails are to be sent to the User (e.g. received Fax). If the 'Name' shall be used as E-Mail destination, the checkmark besides the 'Name', which is duplicated to the E-Mail line should be set.
Critical
If marked as critical the object can only be changed by administrators allowed to edit critical objects
Password / Retype Password
If a registration password is allocated here, then it must be specified during registration, or otherwise the registration will fail. The length of the password is limited to 23 characters.
Node
The node that the object is assigned to. A Node hierarchy can be configured using Node Objects. Objects which are assigned to the same node can call each other with just the number. To call an object in a different node escapes and node prefixes have to be used. If no node is configured, the object is assigned to the node of the respective local pbx.
PBX
The PBX that the object is assigned to. This PBX accepts registrations for the object. If no PBX is configured, the object is assigned to the respective local PBX.
Reject ext. Calls
Calls from external sources to this object are rejected.
Local
Marks an object as local. Local means that it can be called from endpoints physically located at the same PBX without prefixes even if the calling endpoint is in a different node. Where the endpoint is physical located is defined by the PBX the endpoint contacts first (it may be redirected to another PBX then for registration). If the object does not have a PBX configured the call is routed to the PBX where the calling endpoint is registered.
Note: Phones using this mechanism should use a Gatekeeper Identifier of <local-pbx>@<System Name> for registration. This way this mechanism works even if the registration happens without redirection. This can be the case if a secondary address is configured in case the local PBX is down. The registration will then be done without redirection an is not renewed when the local PBX comes up again.
Send Number
If an object does a call, the calling party number for this call will be replaced by the number given (if any). Used to hide an extension. The configured number is interpreted relative to the root node.
URL
A url configured here is send with any call from this object as source url. Only H.323 support sending a URL. Some called endpoints may make use of the URL. The URL is also availabe within the CDRs generated by the gateway.
Group Indications
The group for which group indications are sent to the registered endpoints. The object must be active member in this group. The other objects (for which group indications are sent) need not to be active. To monitor other endpoints on a phone with a Partner/Pickup function key group indications are needed for the endpoints. The maximal length of the Group Indication Name in V7 is set to 48 characters.
Hide Connected Endpoint
This checkmark hides the name and number of the connected endpoint if an object with this checkmark set is called. This applies for example if a call forwarding was configured or the object was a broadcast group. In these cases the connected endpoint is different from the called.

License

For User and Executive objects licenses which shall be used for this user can be configured. The licensed features can only be used if they are checked on this page.

UC
Combines Fax, Mobility, myPBX and Video licenses
Voicemail
Voicemail for this user (uses VoicemailUser license)
Fax
Personal Fax with innovaphone Fax
Mobility
Mobility integration
myPBX
myPBX client
Video
innovaphone Video as part of the myPBX launcher
AppSharing
innovaphone Application Sharing
Reporting
innovaphone Reporting. The myPBX call lists do not require this license

Devices

With the devices configuration it is possible to identify the different devices, which may register for a user. The Hardware Id is used to match the incoming registration. The Text can be used for a description of the device. On the SOAP/TAPI interface Text can be used to let the user select the device which shall be controlled. If no device is configured the Name and v7 Hardware Id are used for default devices to ensure v7 configuration compatibility.

To allow an endpoint to register with the objects Name or Number, a device must be configured with a hardware id identical to the object Name.

If the Config VOIP checkmark is set and a Name is configured for the Device an new tab-sheet with the configured name is available to allow more Voip Parameters to be configured.

A registration by number does not succeed if the length of the number does not match, other when dialing an object in which case additional dialed digits are ignored.

If a registration by number does not match any object number, the number is converted to a name and a device hardware id is searched with this name.

Device Config Flags

PBX Pwd
Registration with the PBX master password only
No IP Filter
Don't apply IP Filters for registrations
TLS only
Allow Registration with H.323/TLS only. If this checkmark is set a matching certificate, which is trusted by the PBX must be provided.
No Mobility
If a registration on this device is active don't call a mobility number
Config VOIP
Add additional config for Voip. E.g. configure a WebRTC endpoint. Apply has to be pressed once to allow enable the additional input page.
Reverse Proxy
If set this device is allowed to accept an registration from a 'Reverse Proxy Address'. If on PBX/General 'Assume TLS' is set for the Reverse Proxy Addresses, a registration from the reverse Proxy is accepted without authentication, if not an authentication is required.

Security issues

There are security build in mechanisms :

  • If the PBX Pwd (in older V9 builds AdminPwd) check-mark is set, registration to this device is only possible with the PBX password, which is configured in PBX/Config/Security.
  • The checkmark No IP Filter allows the registration to the device even if the IP Filter does not match. This way general registration can be restricted using the IP Filters and some selected devices can be opened for registration from the public internet. A registration without password is not allowed in this case. (Available from v9 hf15)
  • If this object will have no registration, leave the device field empty (for security reasons). Nobody can abuse and register at that object.
  • If a registration request comes with the wrong password the object deny´s all registration requests (with the reason REGISTER-REJ : Reason=PBX missing Authentication) for 20 seconds. After that time it is possible to register (with the right password). During this 20s security hold off period a '!' is displayed in the column used for registration address.

Objects with empty node or PBX

If an object has no PBX configured, it will be replicated (if replication is turned on) to all slaves. Furthermore, any PBX will satisfy incoming registration requests. Calls to such objects that are built-in to the PBX and thus do not require a registration to work (e.g. Waiting Queue) will be processed by each PBX the call is presented to.

If an object has no Node configured, it will be considered to live in the node of each PBX the object is known to. So if an object has neither Node nor PBX configured, it will be present in all nodes that have a PBX and calls to such objects will be processed locally for objects that are built-in to the PBX.