Merged revisions 292787 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.8 ................ r292787 | lmadsen | 2010-10-22 16:28:43 -0500 (Fri, 22 Oct 2010) | 21 lines Merged revisions 292786 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.6.2 ........ r292786 | lmadsen | 2010-10-22 16:16:12 -0500 (Fri, 22 Oct 2010) | 13 lines Update the LDIF file for LDAP. The LDIF file asterisk.ldif was quite a bit out of date from the asterisk.ldap-schema file, so I've now updated that to be in sync. The asterisk.ldif file being out of sync was a problem on my systems where I was doing an ldapadd to import the schema into the LDAP database, and the existing file would cause problems and ERROR messages when registering. Additional documention has been added based on feedback in the issue I'm closing. (closes issue #13861) Reported by: scramatte Patches: ldap-update.txt uploaded by lmadsen (license 10) Tested by: lmadsen, jcovert, suretec, rgenthner ........ ................ git-svn-id: http://svn.digium.com/svn/asterisk/trunk@292788 f38db490-d61c-443f-a65b-d21fe96a405b
2010-10-22 21:29:20 +00:00 · 2010-10-22 21:29:20 +00:00 · aa41ae9434
parent 6aee3da4e4
commit aa41ae9434
3 changed files with 170 additions and 47 deletions
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@ -4253,6 +4253,12 @@ static void realtime_update_peer(const char *peername, struct ast_sockaddr *addr
 	else if (sip_cfg.rtsave_sysname)
 		syslabel = "regserver";

+	/* XXX IMPORTANT: Anytime you add a new parameter to be updated, you
+         *  must also add it to contrib/scripts/asterisk.ldap-schema,
+         *  contrib/scripts/asterisk.ldif,
+         *  and to configs/res_ldap.conf.sample as described in
+         *  bugs 15156 and 15895 
+         */
 	if (fc) {
 		ast_update_realtime(tablename, "name", peername, "ipaddr", ipaddr,
 			"port", port, "regseconds", regseconds,
--- a/configs/res_ldap.conf.sample
+++ b/configs/res_ldap.conf.sample
@ -22,6 +22,10 @@
 ; ldap.conf file for OpenLDAP clients on your system.
 ; This requires that you have OpenLDAP libraries compiled with TLS support

+; *********************************************************************************
+; NOTE: res_ldap.conf should be chmod 600 because it contains the plain-text LDAP
+;       password to an account with WRITE access to the asterisk configuration. 
+; *********************************************************************************

 [_general]
 ;
@ -31,8 +35,8 @@
 ;port=389
 ;url=ldap://ldap3.mydomain.com:3890
 ;protocol=3                          ; Version of the LDAP protocol to use; default is 3.
-;basedn=MyRootDN                     ; Base DN
-;user=MyDN                           ; Bind DN
+;basedn=dc=example,dc=tld            ; Base DN
+;user=cn=asterisk,dc=example,dc=tld  ; Bind DN
 ;pass=MyPassword                     ; Bind password

 ; Configuration Table
@ -69,7 +73,15 @@ additionalFilter=(objectClass=AstExtension)
 ; Sip Users Table
 ;
 [sip]
-name = cn
+name = cn       ; We use the "cn" as the default value for name on the line above
+                ; because objectClass=AsteriskSIPUser does not include a uid as an allowed field
+                ; If your entry combines other objectClasses and uid is available, you may
+                ; prefer to change the line to be name = uid, especially if your LDAP entries
+                ; contain spaces in the cn field.
+                ; You may also find it appropriate to use something completely different.
+                ; This is possible by changing the line above to name = AstAccountName (or whatever you
+                ; prefer).
+                ;
 amaflags = AstAccountAMAFlags
 callgroup = AstAccountCallGroup
 callerid = AstAccountCallerID
@ -83,8 +95,10 @@ fullcontact = gecos
 host = AstAccountHost
 insecure = AstAccountInsecure
 mailbox = AstAccountMailbox
-md5secret = AstAccountRealmedPassword		; Must be an MD5 hash. Field value can start with
-					; {md5} but it is not required.
+md5secret = AstAccountRealmedPassword           ; Must be an MD5 hash. Field value can start with
+                                                ; {md5} but it is not required.
+                                                ; Generate the password via the md5sum command, e.g.
+                                                ; echo "my_password" | md5sum
 nat = AstAccountNAT
 deny = AstAccountDeny
 permit = AstAccountPermit
@ -119,8 +133,10 @@ fullcontact = AstAccountFullContact
 fullcontact = gecos
 host = AstAccountHost
 mailbox = AstAccountMailbox
-md5secret = AstAccountRealmedPassword		; Must be an MD5 hash. Field value can start with
-					; {md5} but it is not required.
+md5secret = AstAccountRealmedPassword           ; Must be an MD5 hash. Field value can start with
+                                                ; {md5} but it is not required.
+                                                ; Generate the password via the md5sum command, e.g.
+                                                ; echo "my_password" | md5sum
 deny = AstAccountDeny
 permit = AstAccountPermit
 port = AstAccountPort
@ -156,8 +172,10 @@ fullcontact = gecos
 host = AstAccountHost
 insecure = AstAccountInsecure
 mailbox = AstAccountMailbox
-md5secret = AstAccountRealmedPassword		; Must be an MD5 hash. Field value can start with
-					; {md5} but it is not required.
+md5secret = AstAccountRealmedPassword           ; Must be an MD5 hash. Field value can start with
+                                                ; {md5} but it is not required.
+                                                ; Generate the password via the md5sum command, e.g.
+                                                ; echo "my_password" | md5sum
 nat = AstAccountNAT
 deny = AstAccountDeny
 permit = AstAccountPermit
--- a/contrib/scripts/asterisk.ldif
+++ b/contrib/scripts/asterisk.ldif
@ -99,8 +99,15 @@ olcObjectIdentifier: AstVoicemailOptions AstAttrType:56
 olcObjectIdentifier: AstVoicemailTimestamp AstAttrType:57
 olcObjectIdentifier: AstVoicemailContext AstAttrType:58
 olcObjectIdentifier: AstAccountSubscribeContext AstAttrType:59
-olcObjectIdentifier: AstAccountIpAddr AstAttrType:60
 olcObjectIdentifier: AstAccountUserAgent AstAttrType:61
+olcObjectIdentifier: AstAccountLanguage AstAttrType:62
+olcObjectIdentifier: AstAccountTransport AstAttrType:63
+olcObjectIdentifier: AstAccountPromiscRedir AstAttrType:64
+olcObjectIdentifier: AstAccountAccountCode AstAttrType:65
+olcObjectIdentifier: AstAccountSetVar AstAttrType:66
+olcObjectIdentifier: AstAccountAllowOverlap AstAttrType:67
+olcObjectIdentifier: AstAccountVideoSupport AstAttrType:68
+olcObjectIdentifier: AstAccountIgnoreSDPVersion AstAttrType:69
 #
 #
 #############################################################################
@ -112,6 +119,9 @@ olcObjectIdentifier: AsteriskIAXUser AstObjectClass:2
 olcObjectIdentifier: AsteriskSIPUser AstObjectClass:3
 olcObjectIdentifier: AsteriskConfig AstObjectClass:4
 olcObjectIdentifier: AsteriskVoiceMail AstObjectClass:5
+olcObjectIdentifier: AsteriskDialplan AstObjectClass:6
+olcObjectIdentifier: AsteriskAccount AstObjectClass:7
+olcObjectIdentifier: AsteriskMailbox AstObjectClass:8
 #
 #
 #############################################################################
@ -563,16 +573,65 @@ olcAttributeTypes: ( AstAccountSubscribeContext
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
 #
-olcAttributeTypes: ( AstAccountIpAddr
-        NAME 'AstAccountIpAddr'
-        DESC 'Asterisk aaccount IP address'
+olcAttributeTypes: ( AstAccountUserAgent
+        NAME 'AstAccountUserAgent'
+        DESC 'Asterisk account user context'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
 #
-olcAttributeTypes: ( AstAccountUserAgent
-        NAME 'AstAccountUserAgent'
-        DESC 'Asterisk account user context'
+olcAttributeTypes: ( AstAccountLanguage
+         NAME 'AstAccountLanguage'
+         DESC 'Asterisk account user language'
+         EQUALITY caseIgnoreMatch
+         SUBSTR caseIgnoreSubstringsMatch
+         SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+#
+olcAttributeTypes: ( AstAccountTransport
+        NAME 'AstAccountTransport'
+        DESC 'Asterisk account transport type'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+#
+olcAttributeTypes: ( AstAccountPromiscRedir
+        NAME 'AstAccountPromiscRedir'
+        DESC 'Asterisk account promiscous redirects'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+#
+olcAttributeTypes: ( AstAccountAccountCode
+        NAME 'AstAccountAccountCode'
+        DESC 'Asterisk account billing code'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+#
+olcAttributeTypes: ( AstAccountSetVar
+        NAME 'AstAccountSetVar'
+        DESC 'Asterisk account setvar'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+#
+olcAttributeTypes: ( AstAccountAllowOverlap
+        NAME 'AstAccountAllowOverlap'
+        DESC 'Asterisk account allow overlap dialing'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+#
+olcAttributeTypes: ( AstAccountVideoSupport
+        NAME 'AstAccountVideoSupport'
+        DESC 'Asterisk account video support'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+#
+olcAttributeTypes: ( AstAccountIgnoreSDPVersion
+        NAME 'AstAccountIgnoreSDPVersion'
+        DESC 'Asterisk account ignore SDP version'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
@ -632,6 +691,7 @@ olcObjectClasses: ( AsteriskIAXUser
        AstAccountPort $ 
        AstAccountQualify $ 
        AstAccountType $
+        AstAccountLanguage $
        AstAccountDisallowedCodec $ 
        AstAccountExpirationTimestamp $ 
        AstAccountRegistrationContext $
@ -639,7 +699,10 @@ olcObjectClasses: ( AsteriskIAXUser
        AstAccountNoTransfer $ 
        AstAccountName $
        AstAccountLastQualifyMilliseconds $
-        AstAccountCallLimit
+        AstAccountCallLimit $
+        AstAccountSubscribeContext $
+        AstAccountIPAddress $
+        AstAccountUserAgent
    )
    )
 #       
@ -649,43 +712,53 @@ olcObjectClasses: ( AsteriskSIPUser
    SUP AsteriskExtension AUXILIARY
    MUST cn
    MAY (
-        AstAccountAMAFlags $ 
-        AstAccountCallGroup $ 
-        AstAccountCallerID $ 
+        AstAccountAccountCode $
+        AstAccountAllowOverlap $
+        AstAccountAllowedCodec $
+        AstAccountAMAFlags $
+        AstAccountCallGroup $
+        AstAccountCallLimit $
+        AstAccountCallerID $
+        AstAccountCanCallForward $
        AstAccountCanReinvite $
        AstAccountContext $
+        AstAccountDTMFMode $
        AstAccountDefaultUser $
-        AstAccountDTMFMode $ 
-        AstAccountFromUser $ 
-        AstAccountFromDomain $     
-        AstAccountFullContact $ 
-        AstAccountHost $ 
-        AstAccountInsecure $  
+        AstAccountDeny $
+        AstAccountDisallowedCodec $
+        AstAccountExpirationTimestamp $
+        AstAccountFromDomain $
+        AstAccountFromUser $
+        AstAccountFullContact $
+        AstAccountHost $
+        AstAccountIgnoreSDPVersion $
+        AstAccountInsecure $
        AstAccountIPAddress $
-        AstAccountMailbox $    
-        AstAccountRealmedPassword $ 
-        AstAccountNAT $
-        AstAccountDeny $ 
-        AstAccountPermit $ 
-        AstAccountPickupGroup $ 
-        AstAccountPort $
-        AstAccountQualify $ 
-        AstAccountRestrictCID $ 
-        AstAccountRTPTimeout $ 
-        AstAccountRTPHoldTimeout $
-        AstAccountType $ 
-        AstAccountDisallowedCodec $ 
-        AstAccountAllowedCodec $ 
+        AstAccountLanguage $
+        AstAccountLastQualifyMilliseconds $
+        AstAccountMailbox $
        AstAccountMusicOnHold $
-        AstAccountExpirationTimestamp $ 
-        AstAccountRegistrationContext $ 
+        AstAccountNAT $
+        AstAccountName $
+        AstAccountPermit $
+        AstAccountPickupGroup $
+        AstAccountPort $
+        AstAccountPromiscRedir $
+        AstAccountQualify $
+        AstAccountRTPHoldTimeout $
+        AstAccountRTPTimeout $
+        AstAccountRealmedPassword $
+        AstAccountRegistrationContext $
        AstAccountRegistrationExten $
        AstAccountRegistrationServer $
-        AstAccountCanCallForward $ 
-        AstAccountSecret $ 
-        AstAccountName $
-        AstAccountLastQualifyMilliseconds $
-        AstAccountCallLimit
+        AstAccountRestrictCID $
+        AstAccountSecret $
+        AstAccountSetVar $
+        AstAccountSubscribeContext $
+        AstAccountTransport $
+        AstAccountType $
+        AstAccountUserAgent $
+        AstAccountVideoSupport
    )
    )
 #
@ -734,3 +807,29 @@ olcObjectClasses: ( AsteriskVoiceMail
    )
    )
 #
+olcObjectClasses: ( AsteriskDialplan
+    NAME 'AsteriskDialplan'
+    DESC 'Asterisk Dialplan Information'
+    SUP top STRUCTURAL
+    MUST ( 
+    AstExtension
+    )
+    )
+#
+olcObjectClasses: ( AsteriskAccount
+    NAME 'AsteriskAccount'
+    DESC 'Asterisk Account Information'
+    SUP top STRUCTURAL
+    MUST ( 
+    AstAccountName
+    )
+    )
+#
+olcObjectClasses: ( AsteriskMailbox
+    NAME 'AsteriskMailbox'
+    DESC 'Asterisk Mailbox Information'
+    SUP top STRUCTURAL
+    MUST (
+    AstVoicemailMailbox
+    )
+    )