1. Manuals
  2. Brands
  3. Mitel Manuals
  4. IP Phone
  5. MiVoice 6900 Series
  6. Manual

Secure Ldap Client Configuration; Certificate Configuration File; Conditions - Mitel MiVoice 6900 Series Manual

Hide thumbs Also See for MiVoice 6900 Series:
Table of Contents

Advertisement

LDAP (C
) D
ORPORATE
IRECTORY
:
NOTE
The Administrator can configure up to 10,000 contacts on the LDAP (Corporate) directory.
1.
The Mitel MiVoice 6900 Series IP phones now support LDAP in teleworker mode. Refer to the Mitel
2.
IP Sets Engineering Guidelines for details on configuration requirements.

Secure LDAP Client Configuration

You can enable secure LDAP for IP sets through the call server (that is MiVoice Business). If the LDAP
server presents a certificate that is not signed by a CA in the phone's trust store (for example, the LDAP
server presents a self-signed certificate), then the phone will need to download the public certificate in the
PEM file format to establish a secure LDAP connection. For the phone to download the certificate, you
must program the DHCP Option 125/43 or 66 on the configuration server (containing the configuration
file(.cfg)) with details from where the IP sets can download the certificate.
If the phone connects to the call server through MiVoice Border Gateway (MBG), then the DHCP options
need not be programmed. The configuration file must be placed on the MBG TFTP server (in the same
location as firmware files), and the certificate must be placed on a server that is accessible by the tele-
worker phones. If the certificate is placed on the MBG TFTP server, port 20001 must be specified in the
configuration file (for example, ldaps trusted certificates: tftp://<IP address of
FQDN>:20001/userCert.pem ).

Certificate Configuration File

The certificate configuration file must contain the following parameter:
ldaps trusted certificates: <URL of the location from where the IP sets
can download the certificate>
Examples
TFTP server:
ldaps trusted certificates: tftp:// <IP address or FQDN>/userCert.pem
FTP server:
ldaps trusted certificates: ftp://user:password@<IP address or
FQDN>/userCert.pem
HTTP server:
ldaps trusted certificates: http://<IP address or FQDN>/userCert.pem
HTTPS server:
ldaps trusted certificates: https://<IP address or FQDN>/userCert.pem

Conditions

If the configuration file is not present in the configuration server, then the system uses the mitel.cfg file.
If the mitel.cfg file also is not present, then the default startup.cfg is used.
Only one custom CA certificate is supported for secure LDAP.
This feature is not supported on the Mitel Flex Google Cloud Platform.
C
ONTACTS
S
LDAP C
C
ECURE
LIENT
ONFIGURATION
71
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Mitel MiVoice 6900 Series

Related Content for Mitel MiVoice 6900 Series

This manual is also suitable for:

Mivoice 6900w seriesMivoice 6905Mivoice 6910Mivoice 6920Mivoice 6920wMivoice 6930 ... Show all

Table of Contents