GRANDSTREAM GRP26XX Carrier Grade IP Phones User Manual
- June 17, 2024
- GRANDSTREAM
Table of Contents
Grandstream Networks, Inc.
GRP26XX Carrier-Grade IP Phones
LDAP Configuration Guide
INTRODUCTION
LDAP (Lightweight Directory Access Protocol) is a client/server protocol used
to access and manage directory information over Internet Protocol, the core
LDAP specifications are defined in RFC4511.
Just as a Database Management System is used to process queries and updates to
a database, an LDAP server behave the same way. In other words, an LDAP
information directory is a type of database, unlike databases that are
designed for processing hundreds or thousands of changes per minute, LDAP
directories are heavily optimized for read performance.
The LDAP information model is based on entries. An entry is a collection of
attributes that has a globallyunique Distinguished Name (DN). The DN is used
to refer to the entry. Each of the entry’s attributes has a type and one or
more values. The types are typically mnemonic strings, like “cn” for Common
Name, or “mail” for Email Address. The syntax of values depends on the
attribute type.
In LDAP directory, entries are arranged in a hierarchical tree-like structure.
Traditionally, this structure reflects geographic and/or organizational
boundaries. Entries representing countries appear at the top of the tree,
followed by entries representing states and national organizations, then
entries representing organizational units, people, printers, documents… Figure
below shows an example of LDAP directory tree.
INSTALLING AND CONFIGURING LDAP SERVER
In this tutorial, we will use “ApacheDirectoryStudio” which is a free LDAP
server.
Installing ApacheDS LDAP Server
Prerequisites
JDK needs to be installed on PC to run ApacheDS, it can be downloaded from the
link: Download JDK
Download and Install ApacheDS
The ApacheDS server software can be downloaded for free from below link:
http://directory.apache.org/studio/download/download-windows.html
- Download the Software from above link.
- Follow the default steps for installation.
- Launch the application.
Below is the user interface :
Configuring ApacheDS
Create New LDAP Connection
-
In Workbench, go to the LDAP Servers tab and click on New Server (If no server is created) then select a Server from the list and click Finish.
-
Once the Server is created, click on Start Button (bottom left) to launch it.
-
In Workbench, go to Connections tab and press “Create New Connection” to bring up the “Network Parameter” window. a) Enter Hostname value with IP address or FQDN of the machine where ApacheDS is installed.
b) The default connection port for LDAP on ApacheDS is 10389.
c) Set Encryption method to “No encryption”.
d) Keep Provider field with default value “Apache Directory LDAP Client API”.
Note: If LDAPS is requested for secure connection, set Port to “10636” (default LDAPS port on
ApacheDS) and Encryption method to “Use SSL encryption(ldaps://)”. -
After filling the fields, click Next, to bring up the “Authentication” window as shown below: a) Choose the Authentication Method desired. In this example, “Simple Authentication”.
b) Enter the Bind DN or user. By default, “uid=admin, ou=system”.
c) Set Bind password. Default password is “secret” -
Click Finish after completing the connection information page.
Add New Entry
At this level our connection with the LDAP server is created successfully,
we can now add users to “dc=example,dc=com” which by default has no entries.
Administrator can create another domain instead of using dc=example,dc=com.
- Under dc=example,dc=com, right click and select New → New Entry
- Select “Create entry from scratch” and click Next.
- Select inetOrgPerson from available object classes, then press Add followed by Next button.
- In the Distinguished Name window, enter a name for UserID. In this example, Grandstream2 is used. Keep Parent and RDN (Relative DN) with default values; in this example, dc=example,dc=com and uid respectively, then click Next button. (Refer to next figure).
- In Attributes window, create contacts and enter their details: First Name (cn) and Last Name (sn). Table 1: Common attributes
Attribute| Description
---|---
cn| Full name of the entry
sn| First Name
gn| Last Name or family name
telephoneNumber| Office phone number
homePhone| Home phone number
mobile| Mobile phone number
Company| Company name
o| Organization name
ou| Organization Unit. Usual department or any sub entity of larger entity - To add new fields for contacts such as Mobile, Email… Press Add New Field button as shown in previous figure and specify the new Attribute type. Press Next to add another attribute or Finish if no more attribute will be added. A summary of contact details will be displayed showing all contact details as illustrated in below figure.
LDAP CLIENT CONFIGURATION
This section shows client configuration associated with previously configured
LDAP server.
GRP26XX Series
LDAP client configuration can be found on the Web GUI under Directory → LDAP.
Configure LDAP client settings as show in below figure: LDAP Client
Parameters
Following table shows LDAP Client parameters on Grandstream products:
Table 2: LDAP Client parameters
| Fields | Description |
|---|---|
| LDAP Protocol | Option to choose secured or non-secured LDAP connection. |
LDAPS (LDAP Secured) uses SSL/TLS to encrypt LDAP traffic.
In this guide:
• LDAP
IP address or FQDN of the LDAP server.
Server Address| IP address or FQDN of the LDAP server.
In this guide:
• 192.168.5.184
Port| Listening port for LDAP connections on the server side.
In this guide:
• 10389
Base DN| Location in the directory where the search is requested to begin.
It narrows the search scope and decreases directory lookup time.
In this guide:
• dc=example, dc=com
User Name| “Username” to bind for querying LDAP servers.
Most LDAP servers allow anonymous binds, in this case, this field can be left
blank.
In this guide:
• Blank (no value to enter)
Password| “Password” to bind for querying LDAP servers.
Most LDAP servers allow anonymous binds, in this case, this field can be left
blank.
In this guide:
• Blank (no value to enter)
LDAP Name Attributes| Name attributes of each record to be returned in the
LDAP search result. This field allows users to configure multiple space
separated name attributes.
In this guide:
• cn sn
LDAP Version| Selects LDAP protocol version to send bind requests. Default is
Version 3.
LDAP Name Filter| Search filter for name lookup. Its format is compliant with
RFC4514.
In this guide:
• (|(cn=%)(sn=%))
LDAP Number Filter| Search filter for number lookup. Its format is compliant
with RFC4514.
In this guide:
• (mobile=%)
LDAP Display Name| Entry information to be shown on phone’s LCD. Up to 3
fields can be displayed.
In this guide:
• sn cn mobile
Max. Hits| Maximum number of results to be returned by the LDAP server.
If set to 0, server will return all search results. The default setting is 50.
Search Timeout| Interval (in seconds) for the server to process the request
and return search results
to the client. The default setting is 30 seconds.
LDAP Lookup| Contact LDAP server to look up number when dialing and receiving
calls.
The default setting is Blank (no selection)
Lookup Display
Name| Entry information when LDAP looks up the name for incoming call or
outgoing call.
This field must be a subset of the LDAP Name Attributes.
In this guide:
• cn sn
LDAP OPERATIONS
After configuring the LDAP server and the device(s), users can search LDAP
contacts, dial using LDAP contacts and display matching name of caller/callee
while receiving/making calls.
Following LDAP operations screenshots are using GRP26xx series, same
operations are available in all models.
LDAP Search
Access LDAP contacts from Phone LCD Menu → Contacts → LDAP Directory. Or for
GRP2614 press the “Phonebook” Button , and type the name or number you’re
searching for as shown below: Match Incoming Call
When receiving a call from a number that exist on our LDAP server the phone
will automatically display the number and name of the callee on the LCD screen
like bellow.
Note: The option “LDAP Lookup” needs to be enabled for “Incoming Call” under
the Web GUI → Directory → LDAP. Making Calls using LDAP Contacts
Users can dial out the LDAP search result contacts by simply selecting the
desired number then pressing “Dial” Softkey.
LDAP Configuration Guide
GRP26XX
https://manual-hub.com/