Für die Integration von estos UCServer in die Active Directory® Benutzerverwaltung kann für die Speicherung eigener Benutzer, Computer und Gruppeneinstellungen wahlweise eine Schema Erweiterung oder ein bereits existierendes reserviertes Feld verwendet werden. Sie müssen sich vor der Installation des UCServer entscheiden, ob Sie das Schema erweitern wollen oder nicht. Ein erweitertes Schema kann nicht zurückgenommen werden.
Hinweis zu LDAP Standard-Attributen:
Der UCServer verwendet LDAP Standard-Attribute für die Benutzer, Gruppen und Computerverwaltung. Abhängig von den Einstellungen zur Benutzerverwaltung erlauben Sie dem UCServer Einstellungen in diese Attribute zurückzuschreiben.
Wenn Sie das Zurückschreiben für Standard-Attribute deaktivieren, schreibt der Dienst nur in die durch das Schema erweiterten Attribute bzw. die beiden Felder "extensionName" und "proxyAddresses". Konfigurationshinweise hierzu entnehmen Sie bitte der UCServer Anleitung.
Spezielle Felder
Es gibt zwei Felder im AD die im UCServer eine spezielle Bedeutung erlangen:
| Attribute | Type | Read/Write | Extended | Description |
|---|---|---|---|---|
| extensionName | String | Read/Write | no | Wenn das Schema nicht erweitert wird, werden alle benutzerdefinierten Einstellungen im Feld "extensionName" gespeichert. Beschreibung siehe unten. |
| proxyAddresses | String | Read/Write | no | Enthält standardmäßig die Kommunikationsadressen der Benutzer. UCServer fügt bei Bedarf die SIP-Adresse des Benutzers zu diesem Feld hinzu. |
Nicht erweitertes Schema
Wird das Schema nicht erweitert, werden die Informationen, die der UCServer zusätzlich zu den Standard-AD-Feldern benötigt, zusammengefasst und in 'extensionName' geschrieben.
Dabei werden die Daten in <key, value> Paaren formatiert abgelegt. 'key' ist dabei eine Zahl (ID), die das Feld im UCServer definiert und 'value' der dazugehörende Wert. Die jeweils möglichen Werte sind in der folgenden Schemareferenz angegebenen.
Werden als Wert bestimmte Formate benötigt (Bsp. wiederum Listen oder Paare), wird das auch in der Referenz beschrieben.
Das 'extensionName' Feld ist ein so genanntes "ldap multi value attribute". Ein einzelner String-Inhalt ("value") kann nur eine maximale Länge von 255 Zeichen beinhalten. Dafür können unter dem gleichen Feldnamen ("attribute") aber ein Liste von values abgerufen werden. Der UCServer erkennt die Länge der zu speichernden Information und zerlegt dann die Information passend in mehrere values.
Erweitertes Schema
Die folgende Liste zeigt welche Attribute der LDAP Objekte benutzt werden, und welche zu dem Standardschema hinzugefügt werden. Weiterhin sind die IDs vermerkt, unter der die Information entsprechend in extensionName hinterlegt ist.
objectClass computer:
| Attribute | Type | Read/Write | estos Extension | extension Name ID |
Description |
|---|---|---|---|---|---|
| sAMAccountName | String | Read | no | Computer Name | |
| distinguishedName | String | Read | no | Object path within the AD structure. | |
| objectGUID | String | Read | no | Object unique ID within the AD structure. | |
| ectisrv3CTIEnabled | Integer | Read/Write | yes | 0 | Enable this computer for CTI |
| ectisrv3SchemaVersion | Integer | Read/Write | yes | 17 | Version information about the schema extension |
| ectisrv3CTIPhonePrimary | String | Read/Write | yes | 4 | Primary phone number of the telephone located near the computer |
| ectisrv3CTIPhoneSecondary | String | Read/Write | yes | 5 | Secondary phone number of the (second) telephone located near the computer |
| ectisrv3CTILinesPermissions | Integer | Read/Write | yes | 3 | Access rights for the telephony devices that are listed in ectisrv3CTILines (Bitfield) 1 |
| ectisrv3CTILines | String | Read/Write | yes | 9 | List of telephone numbers (§ seperated) of the telephony devices that are available in the multiline tapi client on that computer |
| ectisrv3ComputerPassword | String | Read/Write | yes | 1 | Encrypted CTI password for this computer. |
| ectisrv3PropertyBag | String | Read/Write | yes | 18 / 20 | List of additional properties (§ seperated) for this computer. In case of the extensionName value, if the complete length of the PropertyBag needs more than one ldap value, use multible values using the ID 20. They will be added up, while multible values with ID 18 will replacing each other. The format of each value is like "<ID, key=value§key=value§...>" - with empty values are strings with zero length like "key=§". |
objectClass user:
| Attribute | Type | Read/Write | Extended | extension Name ID |
Description |
|---|---|---|---|---|---|
| sAMAccountName | String | Read | no | Logon name of the user | |
| userPrincipalName | String | Read | no | Username | |
| distinguishedName | String | Read | no | Object path within the AD structure. | |
| objectGUID | String | Read | no | Object unique ID within the AD structure. | |
| givenName | String | Read | no | First name of the user. | |
| sn | String | Read | no | Last name of the user. | |
| displayName | String | Read | no | Display name of the user. | |
| String | Read | no | E-Mail Adress of the user. Will be used for example to automatically send notifications to the user. | ||
| telephoneNumber | String | Read/Write | no | User`s 1. business telephone number | |
| otherTelephone | String | Read/Write | no | User`s 2. business telephone number | |
| homePhone | String | Read/Write | no | User`s private telephone number | |
| mobile | String | Read/Write | no | User`s mobile telephone number | |
| company | String | Read/Write | no | Company name | |
| title | String | Read/Write | no | User`s job title | |
| physicalDeliveryOfficeName | String | Read/Write | no | User`s office location information | |
| streetAddress | String | Read/Write | no | User`s office location street address | |
| postalCode | String | Read/Write | no | User`s office location postal code | |
| l | String | Read/Write | no | User`s office location city | |
| st | String | Read/Write | no | User`s office location state | |
| co | String | Read/Write | no | User`s office location country | |
| wWWHomePage | String | Read/Write | no | User`s office website address | |
| thumbnailPhoto | String | Read/Write | no | User`s thumbnail picture | |
| proxyAddresses | String | Read/Write | no | Stores users communication addresses. The UCServer adds the users SIP address to this field. | |
| ectisrv3CTIEnabled | Integer | Read/Write | yes | 0 | Enable this user for CTI |
| ectisrv3SchemaVersion | Integer | Read/Write | yes | 17 | Version information about the schema extension |
| ectisrv3UserSipUri | Integer | Read/Write | yes | 15 | Unique id for the user within a federation szenario. The adress should comply with the users email-address. |
| ectisrv3CTIPhonePrimary | String | Read/Write | yes | 4 | Primary phone number of the user (the own telephone) |
| ectisrv3CTIPhoneSecondary | String | Read/Write | yes | 5 | Secondary phone number of the user (second own telephone) |
| ectisrv3UserPhoneMailbox | String | Read/Write | yes | 8 | Phone number of the mailbox of the User |
| ectisrv3UserPhoneRecordingServer | String | Read/Write | yes | 7 | Phone number of the call recording server |
| ectisrv3CTILinesPermissions | Integer | Read/Write | yes | 3 | Access rights for the telephony devices that are listed in ectisrv3CTILines (Bitfield) 1 |
| ectisrv3CTILines | String | Read/Write | yes | 9 | List of telephone numbers (§ seperated) of the telephony devices that are available for the user as additional lines (busy lamp field). |
| ectisrv3CTIServices | Integer | Read/Write | yes | 2 | Some rights for the user (Bitfield) 2 |
| ectisrv3CTIServices2 | Integer | Read/Write | yes | 19 | More rights for the user (Bitfield) 4 (New with version 6) |
| ectisrv3UserPassword | String | Read/Write | yes | 1 | Encrypted password for this user profile |
| ectisrv3UserPermissions | Multivalue String | Read/Write | yes | 10 | Each string contains the permissions, the user gave to other users on his account in the monitor. The structure of the String is: "user name";"presence rights";"primary line rights";"secondary line rights"§ The contents of the rights sections are hex values of bitfields containing the rights. 3 |
| ectisrv3PropertyBag | String | Read/Write | yes | 18 / 20 | List of additional properties (§ seperated) for that user. In case of the extensionName value, if the complete length of the PropertyBag needs more than one ldap value, use multible values using the ID 20. They will be added up, while multible values with ID 18 will replacing each other. The format of each value is like "<ID, key=value§key=value§...>" - with empty values are strings with zero length like "key=§". |
| ectisrv3UserHomeServer | String | Read/Write | yes | 16 | Reserved for future use |
objectClass group:
| Attribute | Type | Read/Write | Extended | extension Name ID |
Description |
|---|---|---|---|---|---|
| sAMAccountName | String | Read | no | Group name | |
| distinguishedName | String | Read | no | Object path within the AD structure. | |
| objectGUID | String | Read | no | Object unique ID within the AD structure. | |
| member | String | Read/Write | no | Members of this active directory user group. | |
| String | Read | no | E-Mail Adress of the user. Will be used for example to automatically send notifications to the user. (New with version 6) |
||
| ectisrv3CTIEnabled | Integer | Read/Write | yes | 0 | Enable this group for CTI |
| ectisrv3SchemaVersion | Integer | Read/Write | yes | 17 | Version information about the schema extension |
| ectisrv3CTIServices | Integer | Read/Write | yes | 2 | Some rights for the members of the group (Bitfield) 2 |
| ectisrv3CTIServices2 | Integer | Read/Write | yes | 19 | More rights for the members of the group (Bitfield) 4 (New with version 6) |
| ectisrv3GroupLeaderDN | String | Read/Write | yes | 11 | The DN of the group leader |
| ectisrv3GroupDeputyDN | String | Read/Write | yes | 12 | The DN of the group leader deputy |
| ectisrv3GroupLeaderPermissions | String | Read/Write | yes | 13 | Permissions of the group leader (see also ectisrv3UserPermissions description, except here its only one entry). |
| ectisrv3GroupMembersPermissions | String | Read/Write | yes | 14 | Permissions of all group memebers among each other (see also ectisrv3UserPermissions description, except here its only one entry). |
| ectisrv3UserSipUri | Integer | Read/Write | yes | 15 | Unique id for the group. (New with version 6) |
| ectisrv3PropertyBag | String | Read/Write | yes | 18 / 20 | List of additional properties (§ seperated) for that group. (New with version 6) In case of the extensionName value, if the complete length of the PropertyBag needs more than one ldap value, use multible values using the ID 20. They will be added up, while multible values with ID 18 will replacing each other. The format of each value is like "<ID, key=value§key=value§...>" - with empty values are strings with zero length like "key=§". |
1 ectisrv3CTILinesPermissions:
| LINEACCESS_ACTIVE | Make calls | 0x00000004 |
| LINEACCESS_REDIRECT | Redirect or Pickup | 0x00000010 |
| LINEACCESS_NUMBERSOUT | Display outgoing phone numbers | 0x00000020 |
| LINEACCESS_MULTILINECHECKUSER | Only owner can excecute phoneactions | 0x00000200 |
| LINEACCESS_NUMBERSIN | Display incoming phone numbers | 0x00000800 |
2 ectisrv3CTIServices:
| USERRIGHTS_SENDUSERUSER | User is allowed to send User User Messages | 0x00000001 |
| USERRIGHTS_SENDSMS | User is allowed to send SMS Messages | 0x00000002 |
| USERRIGHTS_WEB | User is allowed to login to the web server (not used at the moment) | 0x00000004 |
| USERRIGHTS_USEPROCALL | User is allowed to user estos ProCall | 0x00000008 |
| USERRIGHTS_SELFADMIN | User is allowed to change own settings | 0x00000020 |
| USERRIGHTS_OFFLINE_JOURNAL | User uses the Offline Journal | 0x00000080 |
| USERRIGHTS_OFFLINE_MAIL | User receives Mails for unanswered calls | 0x00000100 |
| USERRIGHTS_CALLRECORDING | User may use Call Recording | 0x00000200 |
| USERRIGHTS_USEPHONEBOOK | User may use Phonebooks | 0x00000400 |
| USERRIGHTS_GROUP_ALLINMONITOR (only applicable for user groups) | All Members can see all group members in a special view in the monitor | 0x00001000 |
| USERRIGHTS_GROUP_VIEWJOURNAL (only applicable for user groups) | All Members may see the phone journal of all group members | 0x00004000 |
| USERRIGHTS_GROUP_VIEWJOURNALLEADER (only applicable for user groups) | The Groupleaders may see the phone journal of all group members | 0x00008000 |
| USERRIGHTS_AV_AUDIO | User may use AudioChat over estos UCServer | 0x02000000 |
| USERRIGHTS_AV_VIDEO | User may use VideoChat over estos UCServer | 0x04000000 |
3 ectisrv3UserPermissions:
| presence rights | UR_PRESENCE_VISIBLE | 0x000000001 |
| UR_PRESENCE_CHANGEABLE | 0x000000002 | |
| UR_PRESENCE_APPOINTMENT_PRIVATE | 0x000000010 | |
| UR_PRESENCE_APPOINTMENT_PUBLIC | 0x000000020 | |
| primary line rights | UR_PHONE_NUMBERS_OUTBOUND | 0x000000001 |
| UR_PHONE_NUMBERS_INBOUND | 0x000000002 | |
| UR_PHONE_NUMBERS_REDIRECTED | 0x000000004 | |
| UR_PHONE_SET_REDIRECTION | 0x000000100 | |
| UR_PHONE_PICKUP_CALLS | 0x000000200 | |
| secondary line rights | UR_PHONE_NUMBERS_OUTBOUND | 0x000000001 |
| UR_PHONE_NUMBERS_INBOUND | 0x000000002 | |
| UR_PHONE_NUMBERS_REDIRECTED | 0x000000004 | |
| UR_PHONE_SET_REDIRECTION | 0x000000100 | |
| UR_PHONE_PICKUP_CALLS | 0x000000200 |
4ectisrv3CTIServices2:
| USERRIGHTS2_ENABLE_FOR_ANONYMOUS_API | This bit allows user presence and a small set of user data to be visible for anonymous users. This is used for example by the contact card feature. | 0x00000001 |
| USERRIGHTS2_LOGIN_OVER_INTERNET | User is able to login from the internet on this ucserver. | 0x00000002 |
| USERRIGHTS2_LOGIN_BY_MOBILE | User is able to login using mobile clients. | 0x00000004 |
| USERRIGHTS2_ENABLE_AGENTMANAGER | User is activated as "agent". This must be set, if the user should be visible for the contact card for example. | 0x00000008 |
| USERRIGHTS2_IS_AGENT_SUPERVISOR | (Reserved for future use). | 0x00000010 |
| USERRIGHTS2_GROUP_FOR_PUBLIC_CHAT (only applicable for user groups) | The Group can receive special chat messages, which were sent to a agent group. (For LiveChat only) | 0x00000020 |
| USERRIGHTS2_GROUP_FOR_PORTAL (only applicable for user groups) | The Group is used for displaying its member in the contact portal feature. | 0x00000040 |
| USERRIGHTS2_GROUP_FOR_MONITOR (only applicable for user groups) | (Reserved for future use) | 0x00000080 |
| USERRIGHTS2_ENABLE_WEBCLIENT_ADMIN (only applicable for users) | Users have authorisation to use the WebClient Admin | 0x00000100 |
| USERRIGHTS2_ENABLE_CONTENTSHARING_FILES | Users have authorisation to send files via the 'Share content' function | 0x00000200 |
| USERRIGHTS2_ENABLE_CONTENTSHARING_LOCATION | (Reserved for future use) | 0x00000400 |
| USERRIGHTS2_ENABLE_CONTENTSHARING_CONTACTS | (Reserved for future use) | 0x00000800 |
| USERRIGHTS2_USECONFERENCING | (Reserved for future use) | 0x00001000 |
| USERRIGHTS2_USETEAMS | Users are able to use MS Teams integration | 0x00002000 |
| USERRIGHTS2_ALLOW_LOGIN_OVER_INTERNET_DESKTOP | Desktop clients should also be able to connect OPTIONALLY via the Internet. In contrast to mobiles (where this is actually the rule), this path is optional and the admin should simply be able to switch the feature on and off. Therefore, it should only be on by default in Global, not in Groups and Users. | 0x00004000 |
| USERRIGHTS2_USEWEBAPP | Users are able to use ProCall WebApp | 0x00008000 |
Version 8.9