LDAP Parameters

Enables the LDAP feature.

Note: For the parameter to take effect, a device restart is required.

Defines the LDAP search filter attribute for searching the login username in the directory's subtree for LDAP-based user authentication and authorization.

You must use the dollar ($) sign to represent the username. For example, if you configure the parameter to "(sAMAccountName=$)" and the user logs in with the username "SueM", the LDAP query is run for sAMAccountName=SueM.

Note: The number of characters of the parameter's value plus the length of the login username can't exceed 255. If the length exceeds this maximum, the device sends an error message to syslog.

Enables LDAP-based management-user login authentication and authorization.

Note: For the parameter to take effect, a device restart is required.

Determines whether to enable the LDAP task debug messages. This is used for providing debug information regarding LDAP tasks.

The valid value range is 0 to 3. The default is 0.

Defines up to five LDAP Attributes (separated by commas) for which the device uses for LDAP query searches in the AD for numbers that may have characters between the digits.

For more information, see Enabling LDAP Searches for Numbers with Characters.

Defines the name of the attribute that represents the user's Skype for Business number in the Microsoft AD database.

The valid value is a string of up to 49 characters. The default is "msRTCSIP-Line".

Defines the name of the attribute that represents the user PBX number in the Microsoft AD database.

The valid value is a string of up to 49 characters. The default is "telephoneNumber".

Defines the name of the attribute that represents the user Mobile number in the Microsoft AD database.

The valid value is a string of up to 49 characters. The default is "mobile".

Defines the name of the attribute that represents the user's private number in the AD. If this value equals the value of the MSLDAPPrimaryKey or MSLDAPSecondaryKey parameter, then the device queries the AD for the destination number in this private attribute name; otherwise, the parameter is not used as a search key.

The default is "msRTCSIP-PrivateLine".

Defines the attribute name that represents the Calling Name in the AD for LDAP queries based on calling number.

The valid value is a string of up to 49 characters. The default is "displayName".

Defines the name of the attribute used as a query search key for the destination number in the AD. This is used instead of the "PBX" attribute name (configured by the MSLDAPPBXNumAttributeName parameter).

The default is not configured.

Defines the name of the attribute used as the second query search key for the destination number in the AD, if the primary search key or PBX search is not found.