Central User Authority

Hi all. I’ve had a request from my client, and I’m trying to determine whether or not it’s possible to do it in an elegant way.

We’re using the latest FreePBX distro on all our servers, on physical hardware, with a mix of analog and SIP trunks, Polycom phones.

The client has requested what amounts to setting up user & devices mode (they want to be able to use any phone they sit down at as if it were their extension). However, our phone topology includes 7 different locations. They want to be able to move from location to location, and be able to log in at any phone. Leaving the server in “extension” mode and having them carry their $400 voip phones around with them in the car isn’t an option.

I’d like for them to be able to access their voicemail the same way, for things like their voicemail->email address to stay up to date if a change is made, and when new employees come on board it’d be nice to add them in a single place.

Right now, the only way I can think of, if I keep the setup basically as it is, it is to have a list of all users at all locations, but this results in segmented voicemail boxes and tedious user creation.

I thought of reconfiguring all the mysql server addresses to point to a single PBX, but at each location we have analog trunks and hardware, different server IP’s, and we’re using SIP trunks (each location has it’s own account info). We’re considering consolidating all sip trunks at a single location and directing DIDs through to each location from that one central location, but right now each pbx has it’s own SIPSTATION account as well. I’m worried that too much configuration would be shared, and not just the users/devices. Is it possible to avoid some of the configuration overlap in this scenario?

Looked into LDAP for Asterisk a little bit, but I’m more of a FreePBX guy than an asterisk guy, if I can help it, and it wasn’t clear if hooking my phone systems’ configs up to LDAP would even solve anything.

So I’m looking for ideas; if you had this task, how would you solve it?

If I had that task I would use a real SIP proxy as an intermediary between the users and the asterii.

Had a couple of other thoughts.

#1 - Write scripts to pull “master” mysql User data out and place it in the satellite systems, and write scripts to copy voicemail over (directory monitoring or cron job?).

#2 - Simplify the system, have all devices/users connect to a single PBX and add the local servers as a “failover” server (server 2) in the phones.

I’m not sure how to utilize a sip proxy like this; I’ve never installed/used one. How does it differ from Scenario #2? In other words, I’m not sure if I see how it could be used to solve the problems I’m facing.

I’m sure there are many ways to kludge what you want, in general there are flaws with all the proffered solutions I have seen, both your methods fail as there is no trusted known “location” of any of your extensions, so for example which server will you send your inbound calls to?, which server has an uptodate voicemail structure? SIP proxies on the other hand are designed from the base up to do what you ask (which is why it is called a proxy :slight_smile: )