Very often a UC infrastructure can be complex due to the number of objects requiring specific configuration. A best practice that I constantly apply, and not only to UC, is to keep configuration information as centralized as possible, and which better repository can there be than Active Directory? Active Directory is certainly the best repository for information for identities where we can find the most common attributes such as names, phone numbers, addresses, etc., but also more specific information such as Skype for Business attributes.
This is the first of a series of posts in which we will see some specific applications of the use of the LDAP integration of Audiocodes SBCs.
In this post we will see how LDAP integration is activated and configured.
First of all it’s necessary to enable the LDAP service, which by default is disabled: Change to enable:
The activation of the service requires a reboot of the SBC Once the service is activated it is necessary to configure the “LDAP Server Groups”: The settings shown here are the default ones, for more in-depth information on the guide: https://www.audiocodes.com/media/13243/mediant-software-sbc-users-manual-ver-72.pdf It’s important to know the operation of the query and cache mechanism that is applied by Audiocodes.
This flowchart summarizes how it works: Important Notes:
- The LDAP Cache feature is applicable only to LDAP-based SIP queries (Control).
- The maximum LDAP cache size is 20,000 entries.
- The device can save up to six LDAP Attributes in the cache per searched LDAP key.
- The device also saves in the cache queried Attributes that do not have any values in the LDAP server
Now it is necessary to define the LDAP source to be queried. In my specific case the LDAP source is Active Directory, for which I set as “LDAP Server IP”, the IP address of a Domain Controller, using the credentials of a specific user to execute AD queries: When the configuration is confirmed with the “apply” button, the LDAP connection is established and “LDAP CONNECTED” must appear in the “Server Connection Status” field:
In the details of the LDAP Server we must add the LDAP Server Search Base DN:
At this point the LDAP service is configured and the LDAP source is available to run queries. In the next posts we will see some practical applications of LDAP integration.