Howto:Best practice for a PBX with multi-domain users

From innovaphone-wiki

Jump to: navigation, search


Applies To

This information applies to

  • devices using firmware V10 SR8 and later.

More Information

Problem Details

In some cases you will have installations where users are in different administrative domains. Even though all users are on the same PBX or in the same PBX-system, they still want to use their own domain name for Fax, Exchange-Connector, Emails or Federation. As a example, you can use the following setup:

  • has an innovaphone PBX and uses all features (e.g. Presence, Exchange Connector, Fax, etc. )
  • is currently bought by companyA. All its users will get registered at a slave PBX, however FirmaB has its own/different Exchange and Active Directory infrastructure. They need time to migrate to the infrastructure of CompanyA, in the meantime the domain of FirmaB should be used.



The solution is quite simple. The innovaphone PBX can use the email-address-entries of objects for call routing, similar to H323-names or numbers. As a result you will configure for each user the email-address with the respective domain-part (e.g. or For users in the main domain(master PBX) the email-address is automatically created correctly by using the H323-name and the System-Name, so you don't have to configure an email - address for this users.

The System-Name on all PBXs is the same, namely the one configured at the Master PBX.


  • you can make calls between objects by using the number, H323-name or email-address


  • when searching for objects you can use the number, H323-name or email-address
  • when creating entries in the MyPBX-Contact-list/Favourites-List, you can use the number, H323-name or email-address. After the Contact is created, the H323-name and number are displayed. The email-address is used/displayed only when clicking on the "Send Email"-button in myPBX.


  • this will work as usual, no extra configuration is needed. The myPBX-Launcher will also use the email-address for its presence-subscription and store the presence-info together with the matching H323-name and email-address

Access Rights

  • when Visibility or Access Rights are configured, the users and admins must work with the H323-name. Granting Access Rights to an email-address or new domain-name(e.g. will not allow the specific user to see the presence/call-information.
  • Use as domain should be activated on all PBXs. As a result, you can use the domain-name of the Master-PBX for system-wide access rights.


  • the Operator can search for users only by the H323-name or number, not by the email-address. However since v10sr8, clicking on the "Send Email"-button in the Operator will use the Email-Address-entry of the object.


  • the Linux-Application should have a Fax-Server instance for each exchange server. Each domain has its own fax-server.

Exchange Connector

  • the Linux-Application should have a Exchange-Connector instance for each exchange server. To prevent that the Exchange-connector tries to get calendar information for users on the wrong exchange server, the connector can be limited to a specific domain. This is done using the Domain Filter option.

Federation to other innovaphone master PBXs

  • Federation is configured centrally using one Federation-interface on the master PBX. Slave PBXs will send calls to unknown domains to the master PBX, there calls are routed to the Federation-interface.
  • the master PBX must have a valid certificate for all used domains. You should configure as certificate-CN the domain-name of the master PBX and as certificate-SANs (also called SubjectAltName or DNS Name in the certification creation form) the other domains.

Known Problems

  • user replication is possible only from one AD-server. The users of the second AD-server must be configured manually or migrated first to the primary AD-server.
Personal tools