Re: Filtered proxy to Active Directory

[Dieter Klünter <dieter@dkluenter.de>]

Am Fri, 21 Apr 2017 21:23:05 +0000
schrieb Kamenko Pajic <Kamenko@ucsusa.org>:

> We have Panasonic KX-UTG300B phones (SIP phone) which has LDAP
> Phonebook option. 
> 
>  
> 
> Settings on the phone to make this work are simple: 
> 
>  
> 
> LDAP Server Address:    
> 
> LDAP Server Port:            
> 
> LDAP Authentication ID:
> 
> LDAP Authentication Password:
> 
> LDAP Search Base:
> 
>  
> 
> When I go to LDAP address book on the phone I get thousands of entries
> listing not only users with their phone number but also all other
> entries like resources, empty lines(???), N/A, Distribution lists ..
> Etc. in short probably everything.
> 
>  
> 
> There is no way I can set up a filter to filter users only that have
> phone number set in AD. 
> 
>  
> 
> What I need is LDAP proxy server which will be queried by our phones
> instead of querying AD Server directly and return filtered list
> (example: just entries containing information in  "telephoneNumber"
> attribute)
> 
>  
> 
> Is this possible? I've been trying for weeks now with no success. 
> 
>  
> 
> Please someone, send me sample ldap.conf and slapd.conf configuration
> files

You may create a dynamic list, man slapo-dynlist(5)
An entry example:

dn: cn=telehoneGroup,o=my company
cn: telephoneGroup
objectClass: groupOfURLs
memberURL:
 ldap:///ou=my User,o=my company?telephoneNumber?sub?(objectclass
 =inetorgerson)


-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E