Lam asterisk plugin
Lam Asterisk Plugin
This is english version of help for LamAsteriskPLugin. All english corrections are greeted.
This plugin give posibility to easly mange asterisk SIP accounts and extensions, that stored in LDAP.
First of all, you have to compile asterisk with ldap support. The version of asterisk must be at least 1.6 for support for ldap realtime driver. In this satate the plugin can work only with SIP asterisk accounts so all examples that provided below related with sip accounts managment. For configuring asterisk several files had to be edited. First is res_ldap.conf. This file provide base settings for connection to LDAP, and provide mapping between Asterisk and ldap preferences. Here is example:
[_general] ; ; Specify one of either host and port OR url. URL is preferred, as you can ; use more options. url=ldap://youre_host.org:389 ;protocol=3 ; Version of the LDAP protocol to use; default is 3. basedn=dc=dc=youre_domain,dc=ru ; Bind DN user=cn=youre_user,dc=youre_domain,dc=ru pass=youre_pass ; Bind password ; Configuration Table [config] ; ; additionalFilter - This specifies an additional set of criteria to be used ; when querying the LDAP server. ; additionalFilter=(objectClass=AstConfig) ; ; Attributes mapping (asterisk variable name = ldap attribute name) ; When Asterisk requests the variable by the name of the value on the left, ; this module will look up the attribute listed on the right. ; filename = AstConfigFilename category = AstConfigCategory variable_name = AstConfigVariableName variable_value = AstConfigVariableValue cat_metric = AstConfigCategoryMetric commented = AstConfigCommented [extensions] context = AstContext exten = AstExtension priority = AstPriority app = AstApplication appdata = AstApplicationData additionalFilter=(objectClass=AsteriskExtension) [sip] ;name = uid ;это я изменил для новой инсталяции name = uid amaflags = AstAccountAMAFlags callgroup = AstAccountCallGroup callerid = AstAccountCallerID canreinvite = AstAccountCanReinvite context = AstAccountContext dtmfmode = AstAccountDTMFMode fromuser = AstAccountFromUser fromdomain = AstAccountFromDomain fullcontact = AstAccountFullContact ;fullcontact = gecos host = AstAccountHost insecure = AstAccountInsecure mailbox = AstAccountMailbox md5secret = AstAccountRealmedPassword nat = AstAccountNAT deny = AstAccountDeny permit = AstAccountPermit pickupgroup = AstAccountPickupGroup port = AstAccountPort qualify = AstAccountQualify restrictcid = AstAccountRestrictCID rtptimeout = AstAccountRTPTimeout rtpholdtimeout = AstAccountRTPHoldTimeout type = AstAccountType disallow = AstAccountDisallowedCodec allow = AstAccountAllowedCodec MusicOnHold = AstAccountMusicOnHold regseconds = AstAccountExpirationTimestamp regcontext = AstAccountRegistrationContext regexten = AstAccountRegistrationExten CanCallForward = AstAccountCanCallForward ipaddr = AstAccountIPAddress defaultuser = AstAccountDefaultUser regserver = AstAccountRegistrationServer additionalFilter=(objectClass=AsteriskSIPUser) useragent=AstAccountMailbox lastms=AstAccountLastQualifyMilliseconds
Pay attantion for mapping of asterisk attrs in this file, values by default dont't work. Second file to edit is extconfig.conf, where you have to add informatin to asterisk where it can find youre user, peers and extensions in LDAP.
sipusers => ldap,"ou=users,dc=youre_domain,dc=ru",sip sippeers => ldap,"ou=users,dc=youre_domain,dc=ru",sip extensions => ldap,"ou=extensions,dc=youre_domain,dc=ru",extensions
Then edit extensions.conf, and add somthing like this:
[default] switch => Realtime/@
Or more complicated example (!!!Note then you add data in LAM plugin, context must be users or demo, but not default!!!)
[users] switch => Realtime/@ ; [demo] switch => Realtime/@ ; [default] include => users include => demo
In this example we add rules for context users, demo, and default. Derective Realtime/@ meens that rules will be getted from LDAP.
Then you can add asterisk data to LDAP tree.
Now it's time to do some changes in LDAP access lists:
access to dn.subtree="ou=extensions,ou=you_ou,dc=you_domain,dc=org" attrs=AstApplication,AstApplicationData,AstPriority by group.exact="cn=ldap_admins,ou=groups,ou=you_ou,dc=you_domain,dc=org" write by dnattr=member write by users read by * none
access to dn.subtree="ou=users,ou=you_ou,dc=you_domain,dc=org"attrs=AstAccountCallerID,AstAccountContext,AstAccountHost,AstAccountRealmedPassword,AstAccountPort,AstAccountMailbox,AstAccountLastQualifyMilliseconds,AstAccountIPAddress,AstAccountExpirationTimestamp,AstAccountDefaultUser,AstAccountUserAgent by dn="uid=asterisk,ou=some_accounts,ou=you_ou,dc=you_domain,dc=org" write by group.exact="cn=some_ldap_admin,ou=groups,ou=you_ou,dc=you_domain,dc=org" write by users read by * none
This will allow the asterisk user to modify relevant to Asterisk fileds in users entries and also allow owners of extensions (members of group that present the extension account) to modify some necessary attributes/
!!! Now main version of plugin available directly from LAM Relise for testers. And this topic is only for development version. You can safley avoid it.
Plugin available via subversion. To get it use
svn co https://svn.dvo.ru/LAMAsteriskPlugin/ user: guest password: guest
After that you will have several files in the LAMAsteriskPlugin directory
asteriskAccounts.inc astExtensionAccountType.png asteriskExtension.inc default.astExtensionAccountType astExtensionAccountType.inc
Let assume that $(LAM)="youre_LAM_installation_directory" To get plugin work put files in this manear:
cd LAMAsteriskPlugin cp asteriskAccounts.inc $(LAM)/lib/modules/ cp astExtensionAccountType.png $(LAM)/graphics/ cp asteriskExtension.inc $(LAM)/lib/modules/ cp default.astExtensionAccountType $(LAM)/config/profiles/ cp astExtensionAccountType.inc $(LAM)/lib/types/
When files are installed modules need to be configure via LAM interface. In profiles configuration page you have to add Asterisk Extensions to list of active types and set ldap suffix for store extensions.
Asterisk Extensions: Asterisk Extensions entries LDAP suffix ou=extensions,ou=youre_subdivision,dc=youre_domain,dc=org Attributes list #cn;#AstExtension;#AstPriority
Also for add asterisk account entries to youre exist account (or for create accounts with unix, samba and asterisk entries), activate users account type. And if it's necessory you can add AstAccountCallerID to list of attributes, thet will be displayed in main page.
Users (e.g. Unix, Samba и Kolab) LDAP suffix ou=users,ou=youre_subdivision,dc=youre_domain,dc=org Attributes list #uid;#givenName;#sn;#uidNumber;#gidNumber;#AstAccountCallerID
After adding types, you have to add modules asteriskAccount into users category and asteriskExtension into Asterisk extensions. For do this go to the Account types and Modules tabs in profile configuration page. Now we can check installation by adding test user with asteriskAccount entries and asteriskExtension. For check user asterisk entries type in asterisk console:
sip show peer youre_user load
and read output, or try to fix errors.
This version of plugin now allow such fings as:
- add to user asterisk SIP account entries
- manage asterisk extensions
Simply push button and you will add Asterisk account information into account.
Now you can fill areas by account info. In this version you can only set acount name, context for this acount, and host for this account. For account host prefereble value is default, wich means that user can connect from everywere. Make shure that you context is equal with context that you useing then you configure Asterisk. Note: for facilate you work use profiles.
In extensions configuration page, you can add several propertys for extension. One extension object is like one string in extensions.conf file. Then you need more then one extension for one account, i.e. then you wish to provide sip dial, voicemail, or somthing else, you can simply create more extensions and set in the priority page they priority.
Then you may change extension owners. You mast have atleast one owner, for extension. Now I try to explain the main idea of this fitche. The owner of extension is the person (or simply record in LDAP), who has Asterisk acount object in it's ldap record (In future this may be changed, becouse admin of extensions may not have asterisk account). The main idea is that extension owner can change the extensions records in LDAP. For example admin of extensions can manage sip numbers around groupe of people, change thay priority etc. Enother example is personal use of this fichure. If current user by means of some soft tool can edit ldap records, he can manage extensions thet he own. I.e. then he go home he can swich calls from work phine to cell phone by editing extension priority page. Maybe somewone will write nice tool for this in future :).