LDAP Parameters

The Lightweight Directory Access Protocol (LDAP) parameters are described in the table below.

LDAP Parameters

Parameter

Description

'LDAP Service'

configure system > ldap settings > ldap-service

[LDAPServiceEnable]

Enables the LDAP feature.

[0] Disable (default)
[1] Enable

Note: For the parameter to take effect, a device restart is required.

'LDAP Authentication Filter'

configure system > ldap settings > auth-filter

[LDAPAuthFilter]

Defines the LDAP search filter attribute for searching the login username in the directory's subtree for LDAP-based user authentication and authorization.

You must use the dollar ($) sign to represent the username. For example, if you configure the parameter to "(sAMAccountName=$)" and the user logs in with the username "SueM", the LDAP query is run for sAMAccountName=SueM.

Note: The number of characters of the parameter's value plus the length of the login username can't exceed 255. If the length exceeds this maximum, the device sends an error message to syslog.

'Use LDAP for Web > Telnet Login'

configure system > ldap settings > enable-mgmt-login

[MgmtLDAPLogin]

Enables LDAP-based management-user login authentication and authorization.

[0] Disable (default)
[1] Enable

Note: For the parameter to take effect, a device restart is required.

[LDAPDebugMode]

Determines whether to enable the LDAP task debug messages. This is used for providing debug information regarding LDAP tasks.

The valid value range is 0 to 3. The default is 0.

'LDAP Numeric Attributes'

ldap-numeric-attr

[LDAPNumericAttributes]

Defines up to five LDAP Attributes (separated by commas) for which the device uses for LDAP query searches in the AD for numbers that may have characters between the digits.

For more information, see Enabling LDAP Searches for Numbers with Characters.

'LDAP OCS Number Attribute Name'

configure voip > sip-definition settings > ldap-ocs-nm-attr

[MSLDAPOCSNumAttributeName]

Defines the name of the attribute that represents the user's Skype for Business number in the Microsoft AD database.

The valid value is a string of up to 49 characters. The default is "msRTCSIP-Line".

LDAP PBX Number Attribute Name

configure voip > sip-definition settings > ldap-pbx-nm-attr

[MSLDAPPBXNumAttributeName]

Defines the name of the attribute that represents the user PBX number in the Microsoft AD database.

The valid value is a string of up to 49 characters. The default is "telephoneNumber".

LDAP MOBILE Number Attribute Name

configure voip > sip-definition settings > ldap-mobile-nm-attr

[MSLDAPMobileNumAttributeName]

Defines the name of the attribute that represents the user Mobile number in the Microsoft AD database.

The valid value is a string of up to 49 characters. The default is "mobile".

LDAP PRIVATE Number Attribute Name

configure voip > sip-definition settings > ldap-private-nm-attr

[MSLDAPPrivateNumAttributeName]

Defines the name of the attribute that represents the user's private number in the AD. If this value equals the value of the MSLDAPPrimaryKey or MSLDAPSecondaryKey parameter, then the device queries the AD for the destination number in this private attribute name; otherwise, the parameter is not used as a search key.

The default is "msRTCSIP-PrivateLine".

'LDAP DISPLAY Name Attribute Name'

configure voip > sip-definition settings > ldap-display-nm-attr

[MSLDAPDisplayNameAttributeName]

Defines the attribute name that represents the Calling Name in the AD for LDAP queries based on calling number.

The valid value is a string of up to 49 characters. The default is "displayName".

LDAP Primary Key

configure voip > sip-definition settings > ldap-primary-key

[MSLDAPPrimaryKey]

Defines the name of the attribute used as a query search key for the destination number in the AD. This is used instead of the "PBX" attribute name (configured by the MSLDAPPBXNumAttributeName parameter).

The default is not configured.

LDAP Secondary Key

configure voip > sip-definition settings > ldap-secondary-key

[MSLDAPSecondaryKey]

Defines the name of the attribute used as the second query search key for the destination number in the AD, if the primary search key or PBX search is not found.

'LDAP Cache Service'

configure system > ldap settings > ldap-cache-enable

[LDAPCacheEnable]

Enables the LDAP cache service.

[0] Disable (default)
[1] Enable

Note:

For the parameter to take effect, a device restart is required.
For more information on LDAP caching, see Configuring the Device's LDAP Cache.