Merged revisions 292787 via svnmerge from

https://origsvn.digium.com/svn/asterisk/branches/1.8 ................ r292787 | lmadsen | 2010-10-22 16:28:43 -0500 (Fri, 22 Oct 2010) | 21 lines Merged revisions 292786 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.6.2 ........ r292786 | lmadsen | 2010-10-22 16:16:12 -0500 (Fri, 22 Oct 2010) | 13 lines Update the LDIF file for LDAP. The LDIF file asterisk.ldif was quite a bit out of date from the asterisk.ldap-schema file, so I've now updated that to be in sync. The asterisk.ldif file being out of sync was a problem on my systems where I was doing an ldapadd to import the schema into the LDAP database, and the existing file would cause problems and ERROR messages when registering. Additional documention has been added based on feedback in the issue I'm closing. (closes issue #13861) Reported by: scramatte Patches: ldap-update.txt uploaded by lmadsen (license 10) Tested by: lmadsen, jcovert, suretec, rgenthner ........ ................ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@292788 65c4cc65-6c06-0410-ace0-fbb531ad65f3
author: Leif Madsen <leif@leifmadsen.com> 2010-10-22 21:29:20 +0000
committer: Leif Madsen <leif@leifmadsen.com> 2010-10-22 21:29:20 +0000
commit: 8de8e4a11c4b4eece35147071f444c0ecbc0ebcd (patch)
tree: 8941945a5000a8f188449ee97d8f492460e2ff7e /configs
parent: 89a16f9c81cf477d66c5427e483d4f9ff8816c05 (diff)
1 files changed, 27 insertions, 9 deletions
diff --git a/configs/res_ldap.conf.sample b/configs/res_ldap.conf.sample
index ab4e7d911..c49fbf1c3 100644
--- a/configs/res_ldap.conf.sample
+++ b/configs/res_ldap.conf.sample
@@ -22,6 +22,10 @@
 ; ldap.conf file for OpenLDAP clients on your system.
 ; This requires that you have OpenLDAP libraries compiled with TLS support
 
+; *********************************************************************************
+; NOTE: res_ldap.conf should be chmod 600 because it contains the plain-text LDAP
+;       password to an account with WRITE access to the asterisk configuration. 
+; *********************************************************************************
 
 [_general]
 ;
@@ -31,8 +35,8 @@
 ;port=389
 ;url=ldap://ldap3.mydomain.com:3890
 ;protocol=3                          ; Version of the LDAP protocol to use; default is 3.
-;basedn=MyRootDN                     ; Base DN
-;user=MyDN                           ; Bind DN
+;basedn=dc=example,dc=tld            ; Base DN
+;user=cn=asterisk,dc=example,dc=tld  ; Bind DN
 ;pass=MyPassword                     ; Bind password
 
 ; Configuration Table
@@ -69,7 +73,15 @@ additionalFilter=(objectClass=AstExtension)
 ; Sip Users Table
 ;
 [sip]
-name = cn
+name = cn       ; We use the "cn" as the default value for name on the line above
+                ; because objectClass=AsteriskSIPUser does not include a uid as an allowed field
+                ; If your entry combines other objectClasses and uid is available, you may
+                ; prefer to change the line to be name = uid, especially if your LDAP entries
+                ; contain spaces in the cn field.
+                ; You may also find it appropriate to use something completely different.
+                ; This is possible by changing the line above to name = AstAccountName (or whatever you
+                ; prefer).
+                ;
 amaflags = AstAccountAMAFlags
 callgroup = AstAccountCallGroup
 callerid = AstAccountCallerID
@@ -83,8 +95,10 @@ fullcontact = gecos
 host = AstAccountHost
 insecure = AstAccountInsecure
 mailbox = AstAccountMailbox
-md5secret = AstAccountRealmedPassword		; Must be an MD5 hash. Field value can start with
-					; {md5} but it is not required.
+md5secret = AstAccountRealmedPassword           ; Must be an MD5 hash. Field value can start with
+                                                ; {md5} but it is not required.
+                                                ; Generate the password via the md5sum command, e.g.
+                                                ; echo "my_password" | md5sum
 nat = AstAccountNAT
 deny = AstAccountDeny
 permit = AstAccountPermit
@@ -119,8 +133,10 @@ fullcontact = AstAccountFullContact
 fullcontact = gecos
 host = AstAccountHost
 mailbox = AstAccountMailbox
-md5secret = AstAccountRealmedPassword		; Must be an MD5 hash. Field value can start with
-					; {md5} but it is not required.
+md5secret = AstAccountRealmedPassword           ; Must be an MD5 hash. Field value can start with
+                                                ; {md5} but it is not required.
+                                                ; Generate the password via the md5sum command, e.g.
+                                                ; echo "my_password" | md5sum
 deny = AstAccountDeny
 permit = AstAccountPermit
 port = AstAccountPort
@@ -156,8 +172,10 @@ fullcontact = gecos
 host = AstAccountHost
 insecure = AstAccountInsecure
 mailbox = AstAccountMailbox
-md5secret = AstAccountRealmedPassword		; Must be an MD5 hash. Field value can start with
-					; {md5} but it is not required.
+md5secret = AstAccountRealmedPassword           ; Must be an MD5 hash. Field value can start with
+                                                ; {md5} but it is not required.
+                                                ; Generate the password via the md5sum command, e.g.
+                                                ; echo "my_password" | md5sum
 nat = AstAccountNAT
 deny = AstAccountDeny
 permit = AstAccountPermit
author	Leif Madsen <leif@leifmadsen.com>	2010-10-22 21:29:20 +0000
committer	Leif Madsen <leif@leifmadsen.com>	2010-10-22 21:29:20 +0000
commit	8de8e4a11c4b4eece35147071f444c0ecbc0ebcd (patch)
tree	8941945a5000a8f188449ee97d8f492460e2ff7e /configs
parent	89a16f9c81cf477d66c5427e483d4f9ff8816c05 (diff)