Friday, 23 February 2018

AudioCodes AD Authentication

Been playing with AD authentication and AudioCodes SBC with firmware 7.2 and found a few things, thanks to Dave for the help..

If LDAP is enabled but not configured correctly you will get locked out of the SBC, not even the local SBC accounts can access the gateway.  So make sure that you don't close your browser window in the middle of the config, or even let the timeout for access be reached...

Under "Setup --> IP Network -->Radius & LDAP"

Select "LDAP Settings"

Change the "LDAP Service" to enabled, and  change the "LDAP Authentication Filter" to (sAMAccountName=$).  Making sure that the () are included
As always the lighting bolt icon means that a reboot is required.

Under "LDAP Service Groups"

Select "New" and complete with the following details, make sure that "Type" is set to Management

Under "LDAP Servers"

Select "New" and enter the required details:
LDAP Server Group --> >name of the server group from "LDAP Server Group"
LDAP Password is ALWAYS --> $
LDAP Bind DN is --> $@'domain.com'
Management Attribute --> memberOf
LDAP Server IP --> IP Address of DC


Under LDAP Servers, select "LDAP Servers Search Base DNs"


Select "New" and enter the base DN to start searching within AD.

Under LDAP Servers, select

Select "New" and enter the AD group to check for membership.

Troubleshooting

  • "LDAP Authentication Filter" to (sAMAccountName=$).  Make sure there are no "quotes" around the entry in the WebGUI
  • Under the AdminPage update the "LDAPDEBUGMODE" value to be 3 (0 default, 3 highest level) then details can be checked in syslog.

No comments:

Post a Comment

MoH - Skype, AudioCodes and an SIP Carrier

Troubleshooting an MoH issue today, where a SfB client would places a PSTN caller on hold, and the PSTN caller would get no MoH.   SBC con...