Active Directory Integration

PitzKey · August 26, 2021, 2:08pm

Hey all.

I must admit, it’s my first time doing integrations between FreePBX and Active Directory using the built in User Manager Module, it is pretty cool and straight forward.

Couple of questions:

Is there a way to synchronize users only from a specific group? I don’t want to sync every user in the OU.
Is there a way to populate the voicemail email address with the one used is AD?
Is there a way to have specific settings enabled when it creates/syncs an extension in FreePBX? Such as enabling voicemail, enable/disable followme etc etc.

Thank you

PitzKey · August 30, 2021, 1:05pm

Bump?

slobera · September 6, 2021, 5:21pm

Hi @PitzKey ! Sorry for the late.
About 1, did you take a look at here? https://wiki.freepbx.org/display/FDT/Installing+and+connecting+an+Active+Directory+Server+with+FreePBX

I was able to select which OU i want to connect to.

About 2, I’m not understanding completely about what do you mean.
Example: You have user “aaa” with email "[email protected]" and user “ccc” with email "[email protected]" on the Userman, and you want to overwrite the email when syncing with the one on the AD side?
If that’s the case, I can make some tests on my lab.

About 3, I don’t think that’s possible.

longqvo · September 7, 2021, 1:11pm

If I am understanding question 2 correctly (since I been wanting the same feature myself). When user aaa” with email "[email protected]" assigned to extension 1234. The voicemail email in extension’s populated with the user’s email address. It would also be nice for the name in extension to get update too.

PitzKey · September 9, 2021, 2:29pm

Hey @slobera, thanks for responing!

Yes.

The issue is not connecting to the OU. The issue is that we DON’T want every user in the OU to sync in FreePBX, rather, only sync users from a specific group in AD.
For example, you have an AD Group called “FreePBX users” and only users that are a member of that AD group are synced.

Sorry for not explaining better. If you create a user in AD and there is no existing extension on the PBX, FreePBX will create an extension with the driver you specified

However, when the extension is created, voicemail is disabled.
So, the question is: Is it possible to populate the user’s email under the voicemail tab? And then the admin can decide to whether to enable voicemail or not.

Xoxider · September 13, 2021, 5:19pm

I was able to pick users to import on my install by using the User object filter in the directory settings. I put in something like:
(&(objectCategory=Person)(sAMAccountName=star)(ipphone=1star))
^ Put actual stars in. The editor wants to make italics for me when it has stars.

That pulled in everyone who had something entered for the IP phone attribute (starting with a 1) since I was using that to automatically match/create extensions for them. You can do the group thing too just use the “memberof” filter for LDAP. Using my above string something like:
(&(objectCategory=Person)(sAMAccountName=*)(memberOf=CN=FreePBX,OU=path,DC=domain,DC=tld))

You could combine them as well for a sanity check depending on how you want to handle your environment.

nielsen · September 13, 2021, 5:36pm

But - as far as I know - no way to have the voicemail email address sync’d from AD/LDAP.

system · October 13, 2021, 5:36pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.