Maxim, what all needs to be done for the SIP stuff?
I would spend some time in this, as we have some use cases for it. So at least I can setup an asterisks for testing purpose. Do you see a realistic chance to get this working in the next weeks? I read on the older version it was working, so maybe there is not too much to do. I´m not asterisk expert, but at least I have used it in some areas. Gerald Von: Maxim Solodovnik [mailto:solomax...@gmail.com] Gesendet: Mittwoch, 15. April 2020 16:58 An: Openmeetings user-list <user@openmeetings.apache.org> Betreff: Re: Can not use LDAP-Sync with Microsoft Active Directory congrats :) On Wed, 15 Apr 2020 at 21:53, Rohrbach, Gerald <g.rohrb...@funkegruppe.de<mailto:g.rohrb...@funkegruppe.de>> wrote: Under administration you can set the default language to German… This helped us. Gerald Von: Mathias Kocks [mailto:ko...@labmed.de<mailto:ko...@labmed.de>] Gesendet: Mittwoch, 15. April 2020 16:51 An: user@openmeetings.apache.org<mailto:user@openmeetings.apache.org> Betreff: AW: Can not use LDAP-Sync with Microsoft Active Directory Got it. This configuration runs with our Active Directory: ldap_server_type=AD ldap_conn_host=dc2.labmed.de<http://dc2.labmed.de> ldap_conn_port=389 ldap_conn_secure=false ldap_admin_dn=CN=Some Username with blanks,OU=User,OU=EDV,OU=labmed,DC=labmed,DC=de ldap_passwd=SuperSecretPassword ldap_search_base=DC=labmed,DC=de ldap_search_query=(userprincipalname=%s) ldap_search_scope= SUBTREE ldap_auth_type=SEARCHANDBIND ldap_deref_mode=never ldap_userdn_format=%s ldap_provisionning=AUTOCREATE ldap_use_admin_to_get_attrs=false ldap_sync_password_to_om=true ldap_sync_attr_lastname=sn ldap_user_attr_firstname=givenName ldap_user_attr_mail=mail ldap_user_attr_zip=postalCode ldap_user_attr_country=c ldap_user_attr_phone=telephoneNumber #ldap_use_lower_case=false The only thing that bothers me is, that we do not have an flag for language in our AD, so every new user in OpenMeetings is english by default... Mit freundlichen Grüßen Mathias Kocks Teamleitung IT-Infrastruktur Zertifizierter Information Security Officer ISO 27001 (TÜV Süd) Überörtliche Berufsausübungsgemeinschaft Medizinisches Versorgungszentrum Dr. Eberhard & Partner Dortmund MVZ-Haus 3: Balkenstr. 12-14 44137 Dortmund, Germany Tel.: +49 231 9572 7158 Fax.: +49 231 9572 18 159 E-Mail: ko...@labmed.de<mailto:ko...@labmed.de> Web: https://www.labmed.de<https://www.labmed.de/> Von: Maxim Solodovnik <solomax...@gmail.com<mailto:solomax...@gmail.com>> Gesendet: Mittwoch, 15. April 2020 16:28 An: Openmeetings user-list <user@openmeetings.apache.org<mailto:user@openmeetings.apache.org>> Betreff: Re: Can not use LDAP-Sync with Microsoft Active Directory will answer here `%s` mean put passed parameter to this place as string full options are here https://docs.oracle.com/javase/7/docs/api/java/util/Formatter.html On Wed, 15 Apr 2020 at 19:37, Rohrbach, Gerald <g.rohrb...@funkegruppe.de<mailto:g.rohrb...@funkegruppe.de>> wrote: This is working…. I would not use an DomainAdmin account for query. It can be a simple restricted user… Maxim pointed already to a link, the debug mode is helpful… ldap_conn_host=DESVR-AD01.mydomain.de<http://DESVR-AD01.mydomain.de> ldap_conn_port=389 ldap_conn_secure=false ldap_admin_dn=CN=ldapopenmeetings,OU=Users-Service-Accounts,DC=mydomain,DC=de ldap_passwd=#password# ldap_search_base=DC=mydomain,DC=de ldap_search_query=(userPrincipalName=%s) ldap_search_scope=SUBTREE ldap_auth_type=SEARCHANDBIND ldap_userdn_format=userPrincipalName=%s,CN=Users,DC=mydomain,DC=de ldap_provisionning=AUTOCREATE ldap_deref_mode=always ldap_use_admin_to_get_attrs=true ldap_sync_password_to_om=true ldap_group_mode=NONE ldap_group_query=(&(memberUid=%s)(objectClass=posixGroup)) # Ldap user attributes mapping # Set the following internal OM user attributes to their corresponding Ldap-attribute ldap_user_attr_login=sAMAccountName ldap_user_attr_lastname=sn ldap_user_attr_firstname=givenName ldap_user_attr_mail=mail ldap_user_attr_street=streetAddress ldap_user_attr_additionalname=description ldap_user_attr_fax=facsimileTelephoneNumber ldap_user_attr_zip=postalCode ldap_user_attr_country=c ldap_user_attr_town=l ldap_user_attr_phone=telephoneNumber ldap_group_attr=memberOf ldap_use_lower_case=false # Ldap import query, this query should retrieve all LDAP users ldap_import_query=(objectClass=inetOrgPerson) Dortmund is not far away… Regards Gerald Von: Mathias Kocks [mailto:ko...@labmed.de<mailto:ko...@labmed.de>] Gesendet: Mittwoch, 15. April 2020 14:06 An: user@openmeetings.apache.org<mailto:user@openmeetings.apache.org> Betreff: Can not use LDAP-Sync with Microsoft Active Directory Hello, i am new to this project and a have a problem with the LDAP-Sync. I even can not find any good documentations... My problem is, that slapd does not find any user in my AD. I am not even shure, if it is searching for real. I found in the mailing list archive some example configs, but they does not work for me. I found this one: #LDAP URL ldap_conn_host=LDAP_server.Company.com<http://LDAP_server.Company.com> ldap_conn_port=636 ldap_conn_secure=true # Login distinguished name (DN) for Authentication on LDAP Server # Use full qualified LDAP DN ldap_admin_dn=CN=ldapauth,OU=Users,DC=Company,DC=com # Loginpass for Authentication on LDAP Server ldap_passwd=ldapauthpasswd # base to search for userdata(of user, that wants to login) ldap_search_base=OU=Users,DC=Company,DC=com #ldap_search_base=DC=Company,DC=com # Fieldnames (can differ between Ldap servers) ldap_search_query=(&(objectCategory=person)(objectClass=person)(sAMAccountName=%1$s)) #ldap_search_query=(sAMAccountName=%s) #ldap_search_query=(CN=%s) # the scope of the search might be: OBJECT, ONELEVEL, SUBTREE ldap_search_scope=SUBTREE # Ldap auth type(NONE, SEARCHANDBIND, SIMPLEBIND) ldap_auth_type=SEARCHANDBIND # userDN format, will be used to bind if ldap_auth_type=SIMPLEBIND ldap_userdn_format=sAMAccountName=%s,OU=Users,DC=beuth-hochschule.de<http://beuth-hochschule.de>,DC=com #ldap_userdn_format=sAMAccountName=%s,DC=Company,DC=com #ldap_userdn_format=CN=%s,OU=Users,DC=Company,DC=com #ldap_userdn_format=CN=%s,DC=Company,DC=com # Ldap-password synchronization to OM DB ldap_sync_password_to_om=false # Ldap user attributes mapping # Set the following internal OM user attributes to their corresponding Ldap-attribute ldap_user_attr_lastname=sn But even after i changed it to my AD and tried several changes, no users were found. My actual config: ldap_server_type=AD ldap_conn_host=dc2.labmed.de<http://dc2.labmed.de> ldap_conn_port=389 ldap_conn_secure=false ldap_admin_dn=CN=Administrator,CN=Users,DC=labmed,DC=de ldap_passwd=SuperSecretPassword ldap_search_base=OU=labmed,DC=labmed,DC=de #ldap_search_query=(&(objectCategory=*)(objectClass=*)(sAMAccountName=%s)) ldap_search_query=(sAMAccountName=%s) ldap_search_scope= SUBTREE ldap_auth_type=SEARCHANDBIND ldap_deref_mode=never ldap_userdn_format=sAMAccountName=%s,DC=labmed,DC=de ldap_provisionning=NONE ldap_use_admin_to_get_attrs=true ldap_sync_password_to_om=false ldap_sync_attr_lastname=sn ldap_user_attr_firstname=givenName ldap_user_attr_mail=mail ldap_user_attr_street=streetAddress ldap_user_attr_additionalname=description ldap_user_attr_fax=facsimileTelephoneNumber ldap_user_attr_zip=postalCode ldap_user_attr_country=co ldap_user_attr_town=l ldap_user_attr_phone=telephoneNumber ldap_use_lower_case=false It is the second day by now were i am bursting by happyness.... Mit freundlichen Grüßen Mathias Kocks Teamleitung IT-Infrastruktur Zertifizierter Information Security Officer ISO 27001 (TÜV Süd) Überörtliche Berufsausübungsgemeinschaft Medizinisches Versorgungszentrum Dr. Eberhard & Partner Dortmund MVZ-Haus 3: Balkenstr. 12-14 44137 Dortmund, Germany Tel.: +49 231 9572 7158 Fax.: +49 231 9572 18 159 E-Mail: ko...@labmed.de<mailto:ko...@labmed.de> Web: https://www.labmed.de<https://www.labmed.de/> -- Best regards, Maxim -- Best regards, Maxim
