Reference13r1:Services/LDAP/Server

From innovaphone wiki
Revision as of 17:45, 16 November 2017 by Inno-mst (talk | contribs) (Added IP6)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
There are also other versions of this article available: Reference | Reference9 | Reference12r1 | Reference13r1 (this version) | Reference15r1

Here, access data can be configured that allows external LDAP clients read or read and write access to the LDAP database. The server uses the well known LDAP port 389, with TLS the port 636.

VoIP-Telephones require read access to the LDAP database. The default preconfigured username for this purpose is ldap-guest with password ipxxx . For this name the checkmark Apply Hide(s.b.) is automatically activated.

Replication connections require write access.

Off: Completely switches-off the built-in LDAP server. No LDAP-related listening sockets will be active.
User: The LDAP user name.
Password: The relevant LDAP user password.
Write Access: Write authorisation is granted if the check box is checked.
Apply Hide: Hideable PBX objects(PBX objects with Hide from LDAP checked or as Critical marked objects) will be hidden if the check box is checked.

Allowed IP4 Networks A list of IP4 ranges allows to restrict LDAP Access to this server. A range is specified by a tuple: Adress, Mask. To disable LDAP access completely just enter 0.0.0.0 as Address and 255.255.255.255 as Mask. If no range was specified (default) all incoming connections will be accepted.

  • Address: An IP address
  • Mask: An IP address mask
  • Force TLS: Only connections will be accepted with LDAP over TLS (a.k.a. LDAPS)

Allowed IP6 Networks A list of IP6 ranges allows to restrict LDAP Access to this server. A range is specified by an IP6 address, optionally followed by a '/' and the decimal number of prefix bits. If no range was specified (default) all incoming connections will be accepted.

  • Address: An IP address(e.g. fe80:9033:0:16:290:33ff:fe41:350). Or an IP address prefix (e.g. 2002:91fd:9d08:18::/64).
  • Force TLS: Only connections will be accepted with LDAP over TLS (a.k.a. LDAPS)