<html><body><div style="font-family: lucida console,sans-serif; font-size: 12pt; color: #000000"><div>Hello Daniel,<br></div><div>Thank you for answer,<br></div><div><br></div><div>Regard my last message where Alex is answer me.<br></div><div>Can you please verify that this ldap authentication routing section is should work. Because call between two registered extension not working at all I don't see any attempts of negotiations, always get 404. I am trying don't use mysql for user management.<br></div><div><br></div><div>Error from debug.<br></div><div><br></div><div> 7(2668) DEBUG: tm [t_lookup.c:1373]: t_newtran(): DEBUG: t_newtran: msg id=1 , global msg id=1 , T on entrance=(nil)<br> 7(2668) DEBUG: tm [t_lookup.c:527]: t_lookup_request(): t_lookup_request: start searching: hash=24684, isACK=0<br> 7(2668) DEBUG: tm [t_lookup.c:485]: matching_3261(): DEBUG: RFC3261 transaction matching failed<br> 7(2668) DEBUG: tm [t_lookup.c:709]: t_lookup_request(): DEBUG: t_lookup_request: no transaction found<br> 7(2668) DEBUG: tm [t_hooks.c:374]: run_reqin_callbacks_internal(): DBG: trans=0x7f272e75acc0, callback type 1, id 0 entered<br> 7(2668) DEBUG: <core> [md5utils.c:67]: MD5StringArray(): DEBUG: MD5 calculated: 56120e176eec0cd31c62bcba6270de35<br> 7(2668) ERROR: *** cfgtrace: c=[/etc/kamailio/kamailio-ldap.cfg] l=697 a=21 n=switch<br> 7(2668) ERROR: *** cfgtrace: c=[/etc/kamailio/kamailio-ldap.cfg] l=692 a=26 n=send_reply<br> 7(2668) DEBUG: tm [t_lookup.c:1072]: t_check_msg(): DEBUG: t_check_msg: msg id=1 global id=1 T start=0x7f272e75acc0<br> 7(2668) DEBUG: tm [t_lookup.c:1144]: t_check_msg(): DEBUG: t_check_msg: T already found!<br> 7(2668) DEBUG: <core> [msg_translator.c:204]: check_via_address(): check_via_address(10.237.236.150, 10.237.236.150, 0)<br> 7(2668) DEBUG: <core> [mem/shm_mem.c:111]: _shm_resize(): WARNING:vqm_resize: resize(0) called<br> 7(2668) DEBUG: tm [t_reply.c:1663]: cleanup_uac_timers(): DEBUG: cleanup_uac_timers: RETR/FR timers reset<br> 7(2668) DEBUG: tm [t_hooks.c:288]: run_trans_callbacks_internal(): DBG: trans=0x7f272e75acc0, callback type 512, id 0 entered<br> 7(2668) DEBUG: acc [acc_logic.c:557]: tmcb_func(): acc callback called for t(0x7f272e75acc0) event type 512, reply code 404<br> 7(2668) DEBUG: tm [t_reply.c:728]: _reply_light(): DEBUG: reply sent out. buf=0x7f2738acb530: SIP/2.0 404 Not Foun..., shmem=0x7f272e753128: SIP/2.0 404 Not Foun<br> 7(2668) DEBUG: tm [t_reply.c:738]: _reply_light(): DEBUG: _reply_light: finished<br> 7(2668) DEBUG: sl [sl.c:280]: send_reply(): reply in stateful mode (tm)<br><br></div><div><br></div><div>#!ifdef WITH_LDAP<br>route[LDAP] {<br> if(is_method("REGISTER")) {<br><br> if(!(is_present_hf("Authorization") || is_present_hf("Proxy-Authorization"))) {<br> # no credentials header - send back challenge<br> auth_challenge("$fd", "1");<br> exit;<br> }<br><br> # ldap search<br> ldap_search("ldap://sipaccounts/ou=People,dc=networklab,dc=loc?sipDomain,sipMobileExtension,sipPassword?one?(&(objectClass=phonesipuser)(sipMobileExtension=$fU))");<br> $var(rc) = $rc;<br> if ($var(rc)<0) {<br> switch ($var(rc))<br> {<br> case -1:<br> # no LDAP entry found<br> sl_send_reply("404", "User Not Found");<br> exit;<br> case -2:<br> # internal error<br> sl_send_reply("500", "Internal server error");<br> exit;<br> default:<br> sl_send_reply("403", "Not allowed");<br> exit;<br> }<br> }<br><br> ldap_result("sipDomain/$avp(domain)");<br> ldap_result("sipMobileExtension/$avp(s:username)");<br><br> if (!ldap_result("sipPassword/$avp(s:password)")) {<br> sl_send_reply("404", "User Not Found");<br> exit;<br> }<br> <br> if ($fd != $avp(domain)) {<br> xlog("L_INFO", "Got ldap result $avp(domain). For user $avp(s:username) Not allowed $fd");<br> sl_send_reply("403","Not allowed $fd");<br> exit;<br> }<br> <br> xlog("L_INFO", "[Extension=$au] have $avp(s:password)\n"); # For test get ha1 from ldap<br> <br> if (!pv_auth_check("$fd", "$avp(s:password)", "1", "0")) {<br><br> #if (!pv_www_authenticate("$fd", "$avp(s:password)", "1")) {<br><br> if $rc == -1 xlog("L_WARN", "Authentication: RetVal -1 Invalid Auth User [Extension=$au]\n");<br> else if $rc == -2 xlog("L_WARN", "Authentication: RetVal -2 Invalid Password [Extension=$au]\n");<br> else if $rc == -3 xlog("L_INFO", "Authentication: RetVal -3 Stale nonce [Extension=$au]\n");<br> else if $rc == -5 xlog("L_WARN", "Authentication: RetVal -5 Generic Error [Extension=$au]\n");<br><br> # www_challenge("$td", "0");<br> # exit;<br> # sl_send_reply("200", "ok");<br> # exit;<br> #} else {<br> # www_challenge("$td", "1");<br> # exit;<br> #}<br><br> auth_challenge("$fd", "1");<br> exit;<br> sl_send_reply("403","Not allowed");<br> exit;<br> } else {<br> sl_send_reply("200", "ok");<br> exit;<br> }<br><br> if (!is_method("REGISTER|PUBLISH")) {<br> consume_credentials();<br> }<br> }<br>return;<br>}<br>#!endif<br><br></div><div><br></div><div>Thank you, <br></div><div> Slava.<br></div><div><br></div><hr id="zwchr"><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;" data-mce-style="color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>From: </b>"Daniel-Constantin Mierla" <miconda@gmail.com><br><b>To: </b>"Kamailio (SER) - Users Mailing List" <sr-users@lists.sip-router.org><br><b>Sent: </b>Monday, March 24, 2014 4:47:36 AM<br><b>Subject: </b>Re: [SR-Users] Ldap auth<br><div><br></div>Hello,<br> <br> remove the double quotes in the IF expressions:<br> <br> if ("$avp(s:domain)" =~ "$fd") {<br> <br> Values in between double quotes are strings.<br> <br> Cheers,<br> Daniel<br> <br><div class="moz-cite-prefix">On 21/03/14 21:41, Slava Bendersky wrote:<br></div><blockquote cite="mid:931624263.7024214.1395434468812.JavaMail.zimbra@skillsearch.ca"><div style="font-family: lucida console,sans-serif; font-size:
12pt; color: #000000" data-mce-style="font-family: lucida console,sans-serif; font-size: 12pt; color: #000000;"><div><span style="color: #000000; font-family: Sans; font-size:
medium; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: pre-wrap; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px; display:
inline !important; float: none;" data-mce-style="color: #000000; font-family: Sans; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;">Hello Everyone, </span></div><div><span style="color: #000000; font-family: Sans; font-size:
medium; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: pre-wrap; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px; display:
inline !important; float: none;" data-mce-style="color: #000000; font-family: Sans; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;"><br> </span></div><div><span style="color: #000000; font-family: Sans; font-size:
medium; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: pre-wrap; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px; display:
inline !important; float: none;" data-mce-style="color: #000000; font-family: Sans; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;">I am trying compare domain part of uri with ldap query result, getting some syntax warning </span></div><div><span style="color: #000000; font-family: Sans; font-size:
medium; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: pre-wrap; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px; display:
inline !important; float: none;" data-mce-style="color: #000000; font-family: Sans; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;"><br> </span></div><div><span style="color: #000000; font-family: Sans; font-size:
medium; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: pre-wrap; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px; display:
inline !important; float: none;" data-mce-style="color: #000000; font-family: Sans; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none;"><span style="color: #000000; font-family:
Sans; font-size: medium; font-style: normal; font-variant:
normal; font-weight: normal; letter-spacing: normal;
line-height: normal; orphans: auto; text-align: start;
text-indent: 0px; text-transform: none; white-space:
pre-wrap; widows: auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px; display: inline
!important; float: none;" data-mce-style="color: #000000; font-family: Sans; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline
!important; float: none;"></span></span><div class="codewrap"><div class="text" style="word-wrap: break-word;" data-mce-style="word-wrap: break-word;"><ol><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;">arn_at(): warning in config file /etc/kamailio/kamailio-ldap.cfg, line 992, column 17-39: constant value in if(...)</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> </div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> </div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> ldap_result("sipExtension/$avp(extension)");</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> ldap_result("sipDomain/$avp(domain)");</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> ldap_result("password/$avp(password)");</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> </div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> }</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> </div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> if ("$avp(s:domain)" =~ "$fd") {</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> xlog("L_INFO", "Not alllowed $fd");</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> sl_send_reply("403","Not allowed $fd");</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> exit;</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> }</div></li><li><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"> </div><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"><br></div><div style="font: normal normal 1em/1.2em monospace;
margin: 0; padding: 0; background: none;
vertical-align: top;" data-mce-style="font: normal normal 1em/1.2em monospace; margin: 0; padding: 0; background: none; vertical-align: top;"><span style="color: #000000; font-family: Sans;
font-size: medium; font-style: normal;
font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent:
0px; text-transform: none; white-space: pre-wrap;
widows: auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px; display: inline
!important; float: none;" data-mce-style="color: #000000; font-family: Sans; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline
!important; float: none;">any help thank you </span></div></li></ol></div></div></div></div><br><fieldset class="mimeAttachmentHeader"></fieldset><br><pre>_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org" target="_blank" data-mce-href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>
<a class="moz-txt-link-freetext" href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" target="_blank" data-mce-href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre></blockquote><br><pre class="moz-signature">--
Daniel-Constantin Mierla - <a class="moz-txt-link-freetext" href="http://www.asipto.com" target="_blank" data-mce-href="http://www.asipto.com">http://www.asipto.com</a>
<a class="moz-txt-link-freetext" href="http://twitter.com/#!/miconda" target="_blank" data-mce-href="http://twitter.com/#!/miconda">http://twitter.com/#!/miconda</a> - <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda" target="_blank" data-mce-href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a>
Kamailio World Conference - April 2-4, 2014, Berlin, Germany
<a class="moz-txt-link-freetext" href="http://www.kamailioworld.com" target="_blank" data-mce-href="http://www.kamailioworld.com">http://www.kamailioworld.com</a><br data-mce-bogus="1"></pre><br>_______________________________________________<br>SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br>sr-users@lists.sip-router.org<br>http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users<br></div><div><br></div></div></body></html>