[Spce-user] LDAP configuration

Andreas Granig agranig at sipwise.com
Mon Mar 30 17:10:17 EDT 2015


Hi Giovanni,

It's stored plain in order to do auto-provisioning for certain SIP
devices. There is actually a road-map item to configure the system to
use hashes instead in case the plain pwd is not needed, but that will be
something for the release after the upcoming one.

Andreas

On 03/30/2015 04:23 PM, Mele Giovanni wrote:
> Hello,
> 
> Ok, thx for the explanation. A last question before closing the LDAP topic: how is the sip password stored in the mysql DB? Is it stored as an MD5 hash key?
> 
> Thx
> 
> Regards
> 
> Giovanni
> 
> -----Original Message-----
> From: Spce-user [mailto:spce-user-bounces at lists.sipwise.com] On Behalf Of Daniel Grotti
> Sent: lundi 30 mars 2015 16:20
> To: spce-user at lists.sipwise.com
> Subject: Re: [Spce-user] LDAP configuration
> 
> Hi,
> kamailio have a lot of modules we currently do not use deliberately.
> NGCP is and out-of-the-box class5 softwitches solution, it is not "only"
> kamailio.
> 
> I don't see LDAP connection useful in ISP/Carrier context, we've never had such requirements. It rather a PBX feature imho.
> Usually subscribers resides on the C5 server itself, not outside.
> You can have security issue, performances issue as well, also network issue.
> 
> Yes, with API I mean the REST API interface listening on port 1443.
> 
> Regards,
> 
> 
> 
> 
> --
> Meet us @ ANGACOM: Hall 10.1/booth N10
> Exhibition and Congress for Broadband, Cable & Satellite: 9-11 June 2015, Cologne
> --
> 
> Daniel Grotti
> VoIP Engineer
> 
> Phone: +43(0)1 301 2032
> Email: dgrotti at sipwise.com
> Website: www.sipwise.com
> 
> Particulars according Austrian Companies Code paragraph 14 "Sipwise GmbH" - Europaring F15 - 2345 Brunn am Gebirge FN:305595f, Commercial Court Vienna, ATU64002206
> 
> On 03/30/2015 04:10 PM, Victor Seva wrote:
>> On 03/30/2015 04:03 PM, Mele Giovanni wrote:
>>> Is it a limitation of sipwise? If I'm not wrong, Kamailio has an LDAP module (openLDAP). As sipwise uses Kamailio, I was thinking it was possible. Is there a security reason why you don't have a direct link with an LDAP?
>>
>> You need to add users to NGCP system using the API. For sure you can 
>> always hack the kamailio config and use the LDAP module to check AUTH 
>> but the user needs to exist in the system. We have a lot of 
>> preferences there. The only advantage I see is that the LDAP password 
>> will be used but the query for get the user preferences needs to be 
>> there anyhow. So, from my POW I see no benefit there.
>>
>> my 2 cents,
>> Victor
>>
>>
>>
>> _______________________________________________
>> Spce-user mailing list
>> Spce-user at lists.sipwise.com
>> https://lists.sipwise.com/listinfo/spce-user
>>
> _______________________________________________
> Spce-user mailing list
> Spce-user at lists.sipwise.com
> https://lists.sipwise.com/listinfo/spce-user
> _______________________________________________
> Spce-user mailing list
> Spce-user at lists.sipwise.com
> https://lists.sipwise.com/listinfo/spce-user
> 



More information about the Spce-user mailing list