LDAP Based Corporate Directory via Cisco IP Phone Services SDK
Posted by Josh under Cisco , Cisco VOIP , Voice LAB - [8] CommentsIn this tutorial, you will learn how to use the Cisco IP Services SDK to search Microsoft Active Directory without having to integrate Unified Communications Manager with LDAP. This can be useful if you have a multi-tennant environment or if you want to use an existing Active Directory database as an additional directory.
Part 1 (This video is best viewed in HD and Full Screen)
Part 2 (This video is best viewed in HD and Full Screen)
Part 2 (This video is best viewed in HD and Full Screen)
Requirements
Install IIS on a Windows server (if not already installed).
- Go to Start > Control Panel > Add or Remove Programs
- Click ‘Add/Remove Windows Components’
- Double-click ‘Application Server’
- Check ‘Internet Information Services (IIS)’
- Click ‘Ok’
- Click ‘Next’
- Wait for the install to complete and click ‘Finish’
Configure IIS to permit Active Server Pages Web Extension
- Go to ‘Start > All Programs > Administration Tools > IIS Manager’
- Expand the Local Computer and Click on ‘Web Extensions’
- Highlight ‘Active Server Pages’ and Click ‘Allow’
Download and Install the IP Services SDK
- Login to the server with IIS installed.
- Go to http://developer.cisco.com
- Select the ‘IP Phone Services’ API
- Click on the ‘Resources’ link
- Click on the most recent ‘IP Phone Services SDK’ zip file to download
- Save the file to your Desktop or other download area.
- Extract the zip file
- Double-Click the installer executable to install.
- Take the defaults and finish the IP Services Install.
Download and Install Microsoft ADSIEDIT (for LDAP Queries)
- Click Here to download the adsiedit.zip file
- Extract the contents of adsiedit.zip file to c:\windows\system32\
- Go to Start>Run>regsvr32.exe adsiedit.dll
- Go to Start>Run>adsiedit.msc
Modify the sample localizeddirectory.asp file
- Open c:\CiscoIPServices\ASP\LocalizedDirectory\localizeddirectory.asp with wordpad
- Use adsiedit.msc to change the variables
- Change the ldapserver variable.
The name or ip address of your Domain Controller will work.
var ldapserver = "10.10.10.50";
- Change the ldapsearchbase variable.
Use Adsiedit.msc. Navigate to the container or oganization unit that contains your users to be searched. Right click on the CN or OU and select properties. Copy the ‘distinguishedName’ and paste in this variable.
var ldapsearchbase = "OU=Blindhog_Users,DC=blindhog,DC=local";
- Change the ldapport variable.
If you are using Microsoft Active Directory, you will need to change this to 389.
var ldapport = "389";
- Change the ldapuserid variable.
Use adsiedit.msc. Navigate to a user you would like to use to query the ldap database. Right-click on the user and select properties. Copy the ‘distinguishedName’ and paste in this variable. It may also be a good idea to create a user account specifically for this purpose.
var ldapuserid = "CN=ccmadministrator,OU=Blindhog_Users,DC=blindhog,DC=local";
- Change the ldappassword variable.
This is the password of the user defined in the ldapuserid variable.
var ldappassword = "G00d3rP4ss0d";
- Save the new file as c:\CiscoIPServices\ASP\LocalizedDirectory\CorporateDirectory.asp
The top part of your CorporateDirectory.asp file should look similar to this.
var ldapserver = "10.10.10.50";
var ldapsearchbase = "OU=Blindhog_Users,DC=blindhog,DC=local";
var ldapport = "389";
var ldapuserid = "CN=ccmadministrator,OU=Blindhog_Users,DC=blindhog,DC=local";
var ldappassword = "G00d3rP4ss0d";
Create an XML file to pull directories together (optional)
- If you want your users to have Personal Directories as well as a corporate directory or multiple directories, you will need to create a new xml file.
c:\CiscoIPServices\ASP\LocalizedDirectory\Directories.xml
If not, you can just use your version of the following url for the ldap directory.
http://10.10.10.50/CiscoIPServices/LocalizedDirectory/CorporateDirectory.asp
- Edit the file to include the following format.
The following XML file is based on this topology. Please make changes according to your own topology. The first MenuItem is to give your users the Personal Directory (like the default in CUCM). The second MenuItem is
CUCM: 10.10.10.10
Microsoft AD: 10.10.10.50
<CiscoIPPhoneMenu>
<Prompt>Select a directory</Prompt>
<MenuItem>
<Name>Personal Directory</Name>
<URL>http://10.10.10.10:8080/ccmpd/pdCheckLogin.do?name=undefined</URL>
</MenuItem>
<MenuItem>
<Name>Corporate Directory</Name>
<URL>http://10.10.10.50/CiscoIPServices/LocalizedDirectory/CorporateDirectory.asp?action=search</URL>
</MenuItem>
</CiscoIPPhoneMenu>
Now, I have not tested this, but I imagine you could create several connections to different LDAP databases with the LocalizedDirectory Script and edit the xml file to query several directories by adding menu items to the above xml configuration.
Example:
<CiscoIPPhoneMenu>
<Prompt>Select a directory</Prompt>
<MenuItem>
<Name>Personal Directory</Name>
<URL>http://10.10.10.10:8080/ccmpd/pdCheckLogin.do?name=undefined</URL>
</MenuItem>
<MenuItem>
<Name>Directory 1</Name>
<URL>http://10.10.10.50/CiscoIPServices/LocalizedDirectory/directory1.asp?action=search</URL>
</MenuItem>
<MenuItem>
<Name>Directory 2</Name>
<URL>http://10.10.10.50/CiscoIPServices/LocalizedDirectory/directory2.asp?action=search</URL>
</MenuItem>
<MenuItem>
<Name>Corporate Directory</Name>
<URL>http://10.10.10.10:8080/ccmcip/xmldirectoryinput.jsp</URL>
</MenuItem>
</CiscoIPPhoneMenu>
Add the URL of the XML file to the IP Phones individually.
- Login to the Call Manager administration page
http://10.10.10.10/ - Go to Device > Phone
- Select a phone and enter the following URL in the ‘external directory’:
http://10.10.10.50/CiscoIPServices/LocalizedDirectory/Directories.xml
- To change the ‘external directory’ for all the phones, use the BAT tool.
Or, add the URL to all phones via the Enterprise Parameters.
- Login to the Call Manager administration page
http://10.10.10.10/ - Go to ‘System > Enterprise Parameters’
- Replace the ‘URL Directories’ parameter with the new XML file
http://10.10.10.50/CiscoIPServices/LocalizedDirectory/Directories.xml - Click ‘Save’
July 27th, 2009 at 10:15 am
Hi,
i tried it but it didn’t work
when i submit a request from my ip communicator, it doesn’t return anything:
“Records 0 to 0 of 0″
of course i checked many times, but i didn’t find anything.
CCM 4.1
thanks
July 27th, 2009 at 11:09 am
Niamor,
Does the XML page show up when you enter the URL in your PC’s web browser?
Josh
July 28th, 2009 at 3:47 am
Hi josh,
when i enter the URL on my web browser, it returns the xml file:
**URL**
http://172.20.27.50/CiscoIPServices/LocalizedDirectory/directory.xml
**XML File**
-
Select a directory
-
CCM Directory
http://172.31.12.67/CCMCIP/xmldirectoryinput.asp
-
AD Directory
http://172.20.27.50/CiscoIPServices/LocalizedDirectory/localizeddirectory2.asp?action=search
* When i choose “CCM Directory” it is ok. But when i choose AD directory it returns “Records 0 to 0 of 0″.
I was thinking it was an admin acount issue. What kind of administrator account do you use?
If i browse my AD with Softera Ldap browser and my admin account it works.
do I use LDAPSearch COM server?
**localizeddirectory2.asp***
var ldapserver = “172.20.27.50″;
var ldapsearchbase = “OU=Dev_users,DC=DEV,DC=lan”;
var ldapport = “389″;
var ldapuserid = “Admin”;
var ldappassword = “cisco123$”;
Thanks
172.20.27.50 = IIS, SDK and AD
172.31.12.67 = CCM 4
July 28th, 2009 at 5:29 am
Hi Josh!
It works now.
issue was AD users properties:
I filled only the firstname. The application needs firstname, name and display name.
Thanks for your help and for your website!
July 28th, 2009 at 10:24 pm
Hi,
Does anyone know of a way to insert a “0″ prefix onto the returned numbers. I’d have got a mobile number directory working but can’t dial because AD doesn’t include 0 for an outside line.
Great tutorial, Thanks,
Rob.
October 28th, 2009 at 7:48 am
Hey,
Thanks a lot for this nice tutorial, it helped me A LOT !
The connection with the AD is working fine, if I perform a search I get the list of users with their phone numbers, I also modified the asp file to get the ipPhone field instead of the telephonenumber field, everything is OK.
Nevertheless, if I perform a search by Phone Number, it will always try to look into the telephonenumber field, and not the ipPhone field.
Does anybody know how I could change this ?
Thanks in advance for your reply.
Yann
November 4th, 2009 at 8:23 am
Hi,
First off awesome tutorial. It’s working for me, but has anyone been able to modify the ldap query so that it only displays objects with an entry in the IpPhone field?
I was looking at running a script that would do the query and create the objects in a new ou, but I would definitely prefer it to be a one stop shop.
Thanks,
Mark
November 9th, 2009 at 11:58 am
Seconded on the “awesome tutorial”, great job and very helpful. I’m also curious to know the answer to Mark’s question above (#7). I can’t find a way to do that within the framework provided by cisco.
Also, I’m having an issue querying for users in my environment since we don’t have an OU that contains all users. Basically my AD structure has 46 OUs off the root. I can’t specify only “DC=company,DC=com” as the value for ldapsearchbase, as I get an “Operations error” exception every time I try. It appears to me that the cisco dll requires a string like “OU=xyz,DC=company,DC=com” and will not work without at least one OU specified. Can anyone confirm this or point me in a different direction? I have also used the SetSearchOption method provided by the dll to specify 0 (no limit) for search results with no success. (Although I confirmed that it works as the documentation specified and gave me 1000 results back on a query against a specific OU instead of the 320 I was getting previously.)
Thanks!
Jason