Endpoint Manager basefiles

I’m working on enabling HTTP Authentication on provisioning, using Cisco and Grandstream devices primarily.

First I’ve been trying to get an Cisco SPA112 to provision successfully. If I configure the device according to the documentation to enable authentication, it does successfully provision.

However, the configuration files which FreePBX is generating do not contain the authentication information, nor have I been able to find any way to add that authentication information to the “spa112.cfg” file (other than simply manually changing it, which is subject to being overwritten).

Using the “Basefile Edit” doesn’t seem to allow for changing this “stage 1” file.

I assumpeted to copy the “Profile_Rule” settings from the SPA504G file, but the Basefile Edit won’t allow this parameter to be added to the SPA122, and even so, still doesn’t change the spa112.cfg file anyways, only the generated per-MAC config files.

So my question is this:

By what mechanism can I influence the configuration being created by the Endpoint Manager for the stage 1 model configuration files?

EPM does this for you. In sysadmin you manage your provisioning protocol and add username and password.

In EPM if you pick HTTP it will auto put in the username and password pulled from sysadmin

It is with extreme disappointment that I find the functionality you’ve described locked behind a paid module.

Something so fundamentally required shouldn’t be locked behind a paywall, shame on you Sangoma.

I’m going to do something out of character for me. I’m going to side with Sangoma on this one:

There is absolutely no reason to believe that configuring your phones is more than peripherally related to the operation of your PBX. The fact that there’s a free OSS EPM that you can use and maintain amplifies this point. The project is called “FreePBX” not “FreePhoneConfigurator”.

If you don’t want to pay for the module, do the work yourself. There’s nothing stopping you from managing these phones yourself.

Your response would predictably be “well, doing all of that work to maintain the EPM for my own phones is hard and takes a lot of time.” Yes, when it’s someone else’s time and money, you are “yeah, you should do that for me.”

The EPM module is well worth the money. At your hourly billable rate, the cost is something like 20 minutes of your time per year. I would really like to see the OSS EPM maintained and kept up-to-date, but no one is willing to undertake that kind of workload for free for people that can’t even muster the wherewhithal to help fund that little project.

One of the upsides of FreePBX is that we now have a corporate sponsor that is willing to retain the Open part of the Open Source project that many of us have been working on for years. One of the downsides is that the sponsor is a corporate entity that needs to feed and house its employees.

I don’t like paying for modules for a free phone system either, but that’s the way of the present.


Except I did buy the EPM (on something like a half dozen installations so far - several hundred dollars), and now find being able to securely use it locked behind paying for another module. My point is that being able to securely use the EPM shouldn’t be locked behind paying for another independent module that’s completely unrelated to the EPM.

Further, if I do manually configure password protection in the apache server, then attempt to configure the basefiles in the EPM to use a username and password, they won’t do so. I haven’t been able to successfully get the EPM to re-write the first config file with the HTTP auth in the stage 1 file, and in one model of device even writing the correct commands into the basefile are ignored (the commands aren’t written out to the configuration; which was the OP of this thread.

So, not only is the functionality locked behind paying for another (unrelated) module, it’s actually not possible to “do it manually”.

I have absolutely no problem paying for the EPM. It takes a lot of work to maintain, and I respect that. I pay for it because, yes, I could do it on my own, but it takes a lot of time.

I have ZERO problem paying for modules, I think you’ve completely misunderstood my statement.

What I have a problem with is paying for the EPM module, then having the functionality of being able to use it securely being locked behind another paid module that is not related to the EPM in any way.