FortiVoice
FortiVoice delivers integrated calling, conferencing, chat and fax.
melshehaby
Staff
Staff
Article Id 221679

Description

 

This article describes how to configure the LDAP authentication for extensions regarding to login with it in User Portal and in FortiFone softclient.

 

Scope

 

Version: 6.0.x and 6.4.x

 

Solution

 

Firstly, follow the below link to configure the LDAP profile and do a successful test query:

 

https://docs.fortinet.com/document/fortivoice-enterprise/6.4.4/fortivoice-cookbook/948675/creating-a...

 

There are two options to configure user authentication

 

Option 1:

 

If the LDAP profile is configured with 'Try Common Name with Base DN as Bind DN' which means that each extension will be manually mapped to specific username.

Follow the below steps:

 

1) Phone System - > LDAP - > LDAP Profile - > edit the LDAP profile

2) Under User Authentication Options, select 'Try Common Name with Base DN as Bind DN'

3) Then configure 'Common name ID' with value 'cn' to map the username or the attribute that needs to be mapped from the LDAP server.

melshehaby_0-1661330410822.png

4) Then Go to Extension - > Extension - > IP Extension - > edit the extension

5) Under User Setting, in the Web Access tab, with Authentication type to LDAP with the configured LDAP profile.

6) Configure 'Authentication ID:' with the username 'cn value' for the user that needs to mapped or authenticate this extension with his account. This example username is 'user1'

melshehaby_1-1661330410824.png

7) Once the above steps are completed, open the User Portal and in 'Username filed' type the extension number and in 'Password' type the password's of configured username in this extension.

 

Option 2:

 

If the LDAP profile is configured with 'Search User and Try Bind DN' this means that the LDAP server is already configured with extension numbers for each user, and there is an attribute included in the extension number so user will not need to configure each extension with Authentication ID.

Follow the below steps:

 

1) Phone System - > LDAP - > LDAP Profile - > edit the LDAP profile

2) Under User Authentication Options, select 'Search User and Try Bind DN'

3) In LDAP user query, the default scheme query for AD is: (&(objectClass=user)(telephonenumber=$u))
Which means that in AD the attribute "telephonenumber" in each user has the extension number.

Leave the rest of the options the default.

melshehaby_2-1661330410825.png

5) Then Go to Extension - > Extension - > IP Extension - > edit the extension

6) Under User Setting, in the Web Access tab, with Authentication type to LDAP with the configured LDAP profile.

7) Leave 'Authentication ID:' empty

melshehaby_3-1661330410826.png

8) Once the above steps are completed, open the User Portal and in 'Username filed' type the extension number and in 'Password' type the LDAP user password that this extension belongs.

Contributors