How to Authenticate User Manager via OpenLDAP
For this demonstration we are using the OpenLDAP Server provided by zFlex http://www.zflexsoftware.com/index.php/pages/free-online-ldap
Step-By-Step
On the zFlex page (http://www.zflexsoftware.com/index.php/pages/free-online-ldap ) the setup parameters are detailed as so
Additionally three users have defined passwords so we will be using the OU of guests for our setup.
Our setup configuration is as follows:
Directory Settings
Operational Settings
User Configuration
Group Configuration
Manual Syncing
Manual Syncing can be preformed by running the following command
[root@freepbxdev4 framework]# fwconsole userman --syncall --force
Directory 'PBX Internal Directory' does not support syncing
Starting Sync on directory 'Markham Blade AD'...
Finished
Starting Sync on directory 'zflex server'...
Finished |
Troubleshooting
Using a directory browser
An LDAP directory browser is a great way to get a visual overview of your directory. Directory browsers can also be used to check authentication. Apache Directory Studio was used in the development of OpenLDAP in User Manager.
Welcome to Apache Directory Studio — Apache Directory
Using the PBX CLI
You can troubleshoot User Manager Active Directory syncing by running from the CLI with a few options
[root@freepbxdev4 framework]# fwconsole userman --help
______ _____ ______ __
| ____| | __ \| _ \ \ / /
| |__ _ __ ___ ___| |__) | |_) \ V /
| __| '__/ _ \/ _ \ ___/| _ < > <
| | | | | __/ __/ | | |_) / . \
|_| |_| \___|\___|_| |____/_/ \_\
Usage:
userman [options]
Options:
--syncall Syncronize all directories
--sync=SYNC Syncronize a single directory by id (obtained from --list)
--force Force syncronization
--list List directories
-h, --help Display this help message
-q, --quiet Do not output any message
-V, --version Display this application version
--ansi Force ANSI output
--no-ansi Disable ANSI output
-n, --no-interaction Do not ask any interactive question
-v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
Help:
User Manager |
List Directories
[root@freepbxdev4 framework]# fwconsole userman --list
+----+------------------------+
| ID | Name |
+----+------------------------+
| 9 | PBX Internal Directory |
| 2 | Markham Blade AD |
| 3 | zflex server |
+----+------------------------+ |
Sync all directories
Force Sync all directories
Force sync a single directory with verbose logging
This will then return exactly what user manager is doing while syncing.
For certain queries an ldapsearch statement will be returned. You can copy and paste this command and run it locally to see what is returned on the search using the filters you supplied in setup