PBX GUI - How to Authenticate User Manager via OpenLDAP
For this demonstration we are using the OpenLDAP server provided by zFlex: http://www.zflexsoftware.com/index.php/pages/free-online-ldap
Step-By-Step
The setup parameters are detailed on the zFlex page (http://www.zflexsoftware.com/index.php/pages/free-online-ldap).
Additionally, three users have defined passwords, so we will be using the OU of guests for our setup.
Our setup configuration is as follows:
Directory Settings
Operational Settings
User Configuration
Group Configuration
Manual Syncing
Manual syncing can be performed by running the following command:
[root@freepbxdev4 framework]# fwconsole userman --syncall --force
Directory 'PBX Internal Directory' does not support syncing
Starting Sync on directory 'Markham Blade AD'...
Finished
Starting Sync on directory 'zflex server'...
Finished
Troubleshooting
Using a directory browser
An LDAP directory browser is a great way to get a visual overview of your directory. Directory browsers can also be used to check authentication. Apache Directory Studio was used in the development of OpenLDAP in User Manager.
Welcome to Apache Directory Studio — Apache Directory
Using the PBX CLI
You can troubleshoot User Manager Active Directory syncing by running fwconsole userman from the CLI with a few options:
[root@freepbxdev4 framework]# fwconsole userman --help
______ _____ ______ __
| ____| | __ \| _ \ \ / /
| |__ _ __ ___ ___| |__) | |_) \ V /
| __| '__/ _ \/ _ \ ___/| _ < > <
| | | | | __/ __/ | | |_) / . \
|_| |_| \___|\___|_| |____/_/ \_\
Usage:
userman [options]
Options:
--syncall Syncronize all directories
--sync=SYNC Syncronize a single directory by id (obtained from --list)
--force Force syncronization
--list List directories
-h, --help Display this help message
-q, --quiet Do not output any message
-V, --version Display this application version
--ansi Force ANSI output
--no-ansi Disable ANSI output
-n, --no-interaction Do not ask any interactive question
-v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
Help:
User Manager
List Directories
[root@freepbxdev4 framework]# fwconsole userman --list
+----+------------------------+
| ID | Name |
+----+------------------------+
| 9 | PBX Internal Directory |
| 2 | Markham Blade AD |
| 3 | zflex server |
+----+------------------------+
Sync all directories
[root@freepbxdev4 framework]# fwconsole userman --syncall
Directory 'PBX Internal Directory' does not support syncing
Not syncing directory for another 5598 seconds
Not syncing directory for another 1998 seconds
Force Sync all directories
[root@freepbxdev4 framework]# fwconsole userman --syncall --force
Directory 'PBX Internal Directory' does not support syncing
Starting Sync on directory 'Markham Blade AD'...
Finished
Starting Sync on directory 'zflex server'...
Finished
Force sync a single directory with verbose logging
This returns exactly what User Manager is doing while syncing.
For certain queries, an ldapsearch command is printed. You can copy and paste this command and run it locally to see what the search returns with the filters you supplied in setup.
[root@freepbxdev4 ~]# fwconsole userman --sync 3 --force --verbose
Starting Sync on directory 'zflex server'...
Updating All Users
ldapsearch -w zflexpass -h www.zflexldap.com -p 389 "cn=ro_admin,ou=sysadmins,dc=zflexsoftware,dc=com" -b "ou=users,ou=guests,dc=zflexsoftware,dc=com" -s sub "(objectclass=inetorgperson)" "ibm-entryuuid=*" ibm-entryuuid
Retrieving all users...
Got 29 users
Updating guestzameer17
Updating guestzameer19
Updating guestzameer16
Updating guestzameer15
Updating guestzameer12
Updating guestzameer13
Updating guestzameer20
Updating guestzameer21
Updating guestzameer25
Updating guest11
Updating guestzameer24
Updating guestzameer23
Updating guestzameer22
Updating guestzameer11
Updating guestzameer10
Updating pham_Khanh2
Updating guestzameer
Updating pham_Khanh1
Updating pham_Khanh
Updating guest2
Updating guest3
Updating guestzameer1
Updating guestzameer2
Updating guestzameer7
Updating guestzameer8
Updating guestzameer5
Updating guestzameer4
Updating guestzameer3
Updating guest1
Updating All Groups
ldapsearch -w zflexpass -h www.zflexldap.com -p 389 "cn=ro_admin,ou=sysadmins,dc=zflexsoftware,dc=com" -b "ou=group,ou=guests,dc=zflexsoftware,dc=com" -s sub "(objectclass=groupofnames)"
Retrieving all groups...
Got 4 groups
Working on testGROUP
Adding guest3 to group
Adding guest2 to group
Adding guest1 to group
Updating testGROUP
Working on deptGRP3
Adding guest3 to group
Adding guest2 to group
Adding guest1 to group
Updating deptGRP3
Working on deptGRP2
Adding guest1 to group
Adding guest2 to group
Adding guest3 to group
Updating deptGRP2
Working on deptGRP1
Adding guest1 to group
Adding guest3 to group
Adding guest2 to group
Updating deptGRP1
Finished adding users from non-primary groups
Updating Primary Groups
User guestzameer17 missing gidnumber attribute. Cant determine primary group
User guestzameer19 missing gidnumber attribute. Cant determine primary group
User guestzameer16 missing gidnumber attribute. Cant determine primary group
User guestzameer15 missing gidnumber attribute. Cant determine primary group
User guestzameer12 missing gidnumber attribute. Cant determine primary group
User guestzameer13 missing gidnumber attribute. Cant determine primary group
User guestzameer20 missing gidnumber attribute. Cant determine primary group
User guestzameer21 missing gidnumber attribute. Cant determine primary group
User guestzameer25 missing gidnumber attribute. Cant determine primary group
User guest11 missing gidnumber attribute. Cant determine primary group
User guestzameer24 missing gidnumber attribute. Cant determine primary group
User guestzameer23 missing gidnumber attribute. Cant determine primary group
User guestzameer22 missing gidnumber attribute. Cant determine primary group
User guestzameer11 missing gidnumber attribute. Cant determine primary group
User guestzameer10 missing gidnumber attribute. Cant determine primary group
User pham_Khanh2 missing gidnumber attribute. Cant determine primary group
User guestzameer missing gidnumber attribute. Cant determine primary group
User pham_Khanh1 missing gidnumber attribute. Cant determine primary group
User pham_Khanh missing gidnumber attribute. Cant determine primary group
User guest2 missing gidnumber attribute. Cant determine primary group
User guest3 missing gidnumber attribute. Cant determine primary group
User guestzameer1 missing gidnumber attribute. Cant determine primary group
User guestzameer2 missing gidnumber attribute. Cant determine primary group
User guestzameer7 missing gidnumber attribute. Cant determine primary group
User guestzameer8 missing gidnumber attribute. Cant determine primary group
User guestzameer5 missing gidnumber attribute. Cant determine primary group
User guestzameer4 missing gidnumber attribute. Cant determine primary group
User guestzameer3 missing gidnumber attribute. Cant determine primary group
User guest1 missing gidnumber attribute. Cant determine primary group
Executing User Manager Hooks
Updating User guestzameer17...done
Updating User guestzameer19...done
Updating User guestzameer16...done
Updating User guestzameer15...done
Updating User guestzameer12...done
Updating User guestzameer13...done
Updating User guestzameer20...done
Updating User guestzameer21...done
Updating User guestzameer25...done
Updating User guest11...done
Updating User guestzameer24...done
Updating User guestzameer23...done
Updating User guestzameer22...done
Updating User guestzameer11...done
Updating User guestzameer10...done
Updating User pham_Khanh2...done
Updating User guestzameer...done
Updating User pham_Khanh1...done
Updating User pham_Khanh...done
Updating User guest2...done
Updating User guest3...done
Updating User guestzameer1...done
Updating User guestzameer2...done
Updating User guestzameer7...done
Updating User guestzameer8...done
Updating User guestzameer5...done
Updating User guestzameer4...done
Updating User guestzameer3...done
Updating User guest1...done
Updating Group testGROUP...done
Updating Group deptGRP3...done
Updating Group deptGRP2...done
Updating Group deptGRP1...done
Finished
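The verbose output above prints the directory bind password on every ldapsearch line (-w zflexpass here). The script below is an added example, not part of FreePBX or of the original page: it swaps the password for -W (prompt at run time) before the output is saved or shared, and summarizes what the sync reported. The function names and the shortened sample log are constructed, and it assumes the password contains no spaces.

```shell
#!/bin/sh
# Constructed sample, shortened from the verbose sync output shown on this page.
sample_log() {
cat <<'EOF'
Starting Sync on directory 'zflex server'...
Updating All Users
ldapsearch -w zflexpass -h www.zflexldap.com -p 389 "cn=ro_admin,ou=sysadmins,dc=zflexsoftware,dc=com" -b "ou=users,ou=guests,dc=zflexsoftware,dc=com" -s sub "(objectclass=inetorgperson)" "ibm-entryuuid=*" ibm-entryuuid
Retrieving all users...
Got 29 users
Updating guest1
Updating All Groups
ldapsearch -w zflexpass -h www.zflexldap.com -p 389 "cn=ro_admin,ou=sysadmins,dc=zflexsoftware,dc=com" -b "ou=group,ou=guests,dc=zflexsoftware,dc=com" -s sub "(objectclass=groupofnames)"
Got 4 groups
User guest1 missing gidnumber attribute. Cant determine primary group
User guest2 missing gidnumber attribute. Cant determine primary group
Finished
EOF
}

# Replace "-w <password>" on ldapsearch lines with "-W" so the secret is not
# shared in a ticket or left in shell history when the command is re-run.
redact_bind_password() {
  sed -E '/^ldapsearch /s/ -w [^ ]+/ -W/'
}

# Count ldapsearch lines on stdin that still carry a literal -w password.
count_leaked_passwords() {
  grep -Ec '^ldapsearch.* -w [^ ]+' || true
}

# Print "users=N groups=N missing_gid=N" from the sync log on stdin.
sync_summary() {
  awk '
    /^Got [0-9]+ users$/          { users = $2 }
    /^Got [0-9]+ groups$/         { groups = $2 }
    /missing gidnumber attribute/ { missing++ }
    END { printf "users=%d groups=%d missing_gid=%d\n", users, groups, missing }
  '
}

# Demo on the constructed sample: redacted ldapsearch lines, then the summary.
sample_log | redact_bind_password | grep '^ldapsearch'
sample_log | sync_summary
```

On a live system the same functions can be fed from the sync itself, for example `fwconsole userman --sync 3 --force --verbose | redact_bind_password > sync.log`.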