Configure LDAP Server Access

Use the following procedure to configure the Oracle Enterprise Communications Broker (OECB) to access one or more LDAP servers.

  1. Access the LDAP Configuration object.
    Configuration tab, System Administration section, LDAP, LDAP Config.
  2. On the LDAP config page, click the Add button and do the following:
    Name: Description
    State: Select to enable the LDAP configuration.
    LDAP Servers: Enter one or more IP addresses and optionally the port numbers for each LDAP Server that you want to add to the LDAP configuration.

    The first server listed is considered the primary LDAP Server, and the remaining servers are considered the secondary LDAP Servers. The HUNT strategy is used to determine the active LDAP Server. Default ports: 389 (for LDAP over TCP) and 636 (LDAP over TLS). IP Address must be entered in dotted decimal format (0.0.0.0). Default is blank.

    Realm: Enter the name of the realm to receive requests on. Default: ecb.
    Username: Enter the username that the LDAP bind request uses for authentication before access is granted to the LDAP Server. Valid values are alpha-numeric characters. Default: blank.
    Password: Enter the password to pair with the username attribute that the LDAP bind request uses for authentication before access is granted to the LDAP Server. Valid values are alpha-numeric characters. Default: blank.
    LDAP Search Base: Enter the base Directory Number you can use for LDAP search requests. Valid values are alpha-numeric characters. Default is blank.
    Timeout Limit: Enter the maximum amount of time, in seconds, that the OECB waits for the LDAP server to respond to an LDAP request before timing out. When an LDAP response is not received from the LDAP server within the time specified, the request is retried based on the max-request-timeouts parameter value. Default: 15. Valid values: 1 to 300 seconds.
    Max Request Timeouts: Enter the maximum number of times that the LDAP Server is sent LDAP requests before the OECB determines that the server is unreachable and terminates the TCP/TLS connection. When an LDAP response is not received within the time specified for the timeout-limit parameter value, the request is retried the number of times specified for this max-request-timeouts value. Default: 3. Valid values: 0-10.
    TCP Keepalive: Specify whether or not the OECB keeps the TCP connection to the LDAP Server alive. Default: Disabled. Valid values: Enabled | Disabled.
    LDAP Sec Type: Select the LDAP security type to use when the OECB accesses the LDAP server. This parameter enables the use of LDAP over TLS (LDAPS). If you set a value for this parameter, you must also specify an LDAP TLS Profile value. Default: none. Valid values: none (No LDAP security type specified.) | LDAPS (Method of securing LDAP communication using an SSL tunnel. This is denoted in LDAP URLs. The default port for LDAP over SSL is 636.)
    Routing:
    • State—Select to enable routing.
    • Route Mode—Select how you want the OECB to order routes. Valid values: match-only | match-first | attribute-order.
    • From Header Replacement—Enter any text you want replaced in the from header.
    • Lookup Queries—Click Add, set the values for lookup, and click OK.
    • The LDAP Servers can have the msRTCSIP and msRTCSIP-OptionFlags.
    Address of Record:
    • Lookup Number Attribute—Enter the name of the attribute to query. Default: sAMAccountName.
    • Lookup Number Format Type—Select a type of translation to apply to the number before the query. Default: None. Valid values: None-use the called number as-is. | E164-+14445551234 | E164-No-Plus-14445551234 | No Country code-4445551234 | Pattern Only-use a portion of a matching dial plan | Regular Expression-apply a regular expression.
    • Lookup Number regex pattern—Enter an expression.
    • Lookup Number regex result—Enter the format to create a telephone number or query from values captured in a regular expression.
    • AoR Attribute—Enter the name of an address of record attribute to return from the directory.
    • AoR Extraction Regex—Enter a regular expression to parse the address of record returned from the directory.
    • AoR Value Format—Enter the format to create the address of record from values captured in a regular expression.
    SIP Authentication:
    • Username Attribute—Set the name of the attribute to query. Default: sAMAccountName.
    • Digest Hash Attribute—Enter the name of the hash attribute to return from the directory. Default: orclDigestPwdAttribute.
    TLS Profile: Select the name of the Transport Layer Security (TLS) profile that the OECB uses when connecting to the LDAP Server. The ldap-sec-type must be set to LDAPS for this profile to apply. Valid values are alpha-numeric characters. Default is blank. See the Oracle ECB Administrator's Guide for instructions on how to create a TLS profile.
  3. Click Back.
  4. Save and activate the configuration.
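
An added pre-activation check for the values in this procedure (example code, not Oracle's): it applies the ranges, default ports and the LDAPS/TLS Profile dependency stated in the table, and flags a bind password configured without LDAPS. The dictionary keys `ldap-servers`, `tls-profile` and `password`, the `IP:port` separator and all sample values are assumptions.

```python
import ipaddress

DEFAULT_PORT = {"none": 389, "LDAPS": 636}  # default ports stated on this page

def parse_server(entry, sec_type):
    """Split 'IP' or 'IP:port' (the ':' separator is an assumption) into (ip, port)."""
    host, _, port = entry.partition(":")
    ipaddress.IPv4Address(host)  # raises ValueError unless dotted decimal
    port = int(port) if port else DEFAULT_PORT[sec_type]
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return host, port

def lint_ldap_config(cfg):
    """Return a list of findings for a dict of LDAP configuration values."""
    findings = []
    sec = cfg.get("ldap-sec-type", "none")
    if sec not in DEFAULT_PORT:
        return [f"ldap-sec-type must be none or LDAPS, got {sec!r}"]
    if not 1 <= cfg.get("timeout-limit", 15) <= 300:
        findings.append("timeout-limit outside 1-300 seconds")
    if not 0 <= cfg.get("max-request-timeouts", 3) <= 10:
        findings.append("max-request-timeouts outside 0-10")
    if sec == "LDAPS" and not cfg.get("tls-profile"):
        findings.append("LDAPS selected but no TLS profile set")
    if sec == "none" and cfg.get("tls-profile"):
        findings.append("TLS profile set but not applied: ldap-sec-type is none")
    for entry in cfg.get("ldap-servers", []):
        try:
            _, port = parse_server(entry, sec)
        except ValueError as exc:
            findings.append(f"bad server entry {entry!r}: {exc}")
            continue
        if sec == "LDAPS" and port == 389:
            findings.append(f"{entry}: LDAPS configured against LDAP-over-TCP port 389")
        if sec == "none" and cfg.get("password"):
            findings.append(f"{entry}: bind password configured without LDAPS")
    return findings

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "ldap-servers": ["192.0.2.10", "192.0.2.11:636", "192.0.2.300"],
    "username": "ecbbind", "password": "example",
    "ldap-sec-type": "none", "timeout-limit": 15, "max-request-timeouts": 12,
}

if __name__ == "__main__":
    for finding in lint_ldap_config(SAMPLE):
        print(finding)
```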