Number resolution via AudioCodes
This document describes the configuration of an AudioCodes Mediant Session Border Controller for the caller search in the XPhone Connect Directory and the name display in Microsoft Teams.
Versions and requirements
Tested die AudioCodes Versions:
7.40A.500.357
7.40A.251.284
The XPhone Connect Directory must be installed in version 9.0.271 or higher. Version-specific features are described in the text.
Microsoft Teams must be configured and licensed for the use of Direct Routing and Microsoft Teams Telephony. Contacts by XPhone must be licensed for the maximum number of users who can make calls via the telephone network.
XPhone Connect Directory configuration
General settings
Complete the dialing parameters via the Settings:
Switch to the Dialing parameters configuration menu:
Configure your individual dialing parameters:
LDAP Client Interface
Add a new client interface using the Add client interface button:
Select the type LDAP V2/V3 ANR clients:
General settings
In this step, you can define the basic settings for the client interface. Assign a name and a description and specify whether the client interface should be connected automatically when XPhone Connect Directory is started.
IP & Port
A large proportion of client interfaces are based on protocols that require an IP address and a port for operation. In this step, you can specify / customise the connection settings for the client interface. The IP address and port are already preset, but can be adjusted if required.
Configure the LDAPS protocol:
Select a certificate from the Windows operating system’s certificate store (you may need to import a certificate beforehand using the Windows certificate snap-in):
Select your certificate:
Hint
For test purposes, the unencrypted LDAP variant with port Port 389 can also be used initially. The port used and the encryption set must be consistent with the configuration of the LDAP server in the AudioCodes configuration.
Authentification
Define a user name and a password that will be configured later in the LDAP server configuration of the AudioCodes SBC as Bind DN and Password. Be sure to choose a sufficiently complex password:
Hint
The configuration of the login data by AudiCodes is described in chapter Audiocodes configuration.
Security
In this step you can specify whether you only want to allow access to XPhone Connect Directory for certain client IP addresses.
Hint
If possible, restrict access to the LDAP endpoint to the IP address of the respective AudioCodes SBC network adapter.
Search
When searching, you can specify whether data source prioritization is active and how public directories are to be included.
Phone number conversion
For call number conversion, you can define a dialing parameter per client interface with which the XPhone Connect Directory automatically completes call numbers as required. The XPhone Connect Directory uses dialling parameters to standardize phone numbers of contacts from different data sources, i.e. to bring them into a uniform format. This is the only way to ensure that users find the correct contact data when searching.
Important
For the interaction of XPhone, anynode and Teams, the format International, starts with + or International, starts with 00 must be selected for the phone number display.
Restricting the number of hits
In this step, you can define the maximum number of hits. The default setting is 25 hits per search. Limiting the number of hits reduces the load on the connected data sources. Too many search results can no longer be processed by users and indicate that a search criterion that is too broad.
Advanced settings
The following screenshots show the configuration of the LDAP attribute displayName in the format: <Name> <Vorname>, <Firma>
The setting must be made for each data source. This method allows the display format to be adapted to the data source and independently of the configuration of the SBC. Open the field mapping of the corresponding data source:
Map the desired fields with the display name. Hold down the Ctrl key to perform a multiple assignment:
Move the source fields into the desired order and define the separators. There is a space character in the text element between the first name and last name (invisible in the screenshot).
AudioCodes configuration
Activate the LDAP service under Setup > IP Network > AAA Servers > LDAP Settings. After changing the setting, the SBC must be restarted:
Create a new group under Setup > IP Network > AAA Servers > LDAP Server Groups:
Under Setup > IP Network > AAA Servers > LDAP Servers, add a new server that belongs to the group you have just created:
You have assigned the LDAP bind DN and the LDAP password in the ANR client interface configuration.
Enter vdir=VDir
as the base DN:
If encryption is activated, use a TLS context that only contains TLS1.2 (not TLS 1.3):
Now create a new rule under Setup > Signaling & Media > SIP Definitions > Call Setup Rules. Assign a unique ID and make a note of it. The simplest variant looks like this:
It requires that your SIP trunk provider provides the caller’s phone number in E.164 format. Make sure that the request target points to the name of the LDAP server group.
If you are using an XPhone Connect Directory newer than V9.0.271, insert a # character in front of the phone number and it will be converted to E-164 format based on the dialing parameters configured in the directory. This ensures that national numbers are also found correctly:
To change the display format of the name found, you can change the parameters under Attributes To Get and Action Value. If you want to set the display format in the XPhone Connect Directory, it is advisable to use the displayName attribute. Since configurations that differ from the default must be made in the XPhone Connect Directory, it is advisable not to use displayName for the first tests, but sn and givenName as shown above.
Here is the configuration if the displayName attribute is to be used. The advantage of this method is that the display format can be selected specifically for the data source (internal directories e.g. with display of the department and position, external directories with the company name). In addition, the display format can be changed independently of the SBC configuration.
Information on configuring displayName in the XPhone Connect Directory can be found in the chapter Advanced settings.
Activate the Call Setup Rule by entering its ID in the IP to IP Routing between your SIP trunk provider and Microsoft Teams:
Troubleshooting
LDAP debugging
The AudioCodes SBC enables a log output of the LDAP requests if LDAPDebugMode is set to 3 (after testing, do not forget to reset to the previous value). The quickest way to set/reset is via the Web-CLI https://<sbc-name>/AdminPage
under INI-Parameters.
Explanation of the permitted values: https://techdocs.audiocodes.com
The SBC syslog shows the LDAP search queries in the set search format for an incoming call:
The Softerra LDAP Browser tool is recommended for testing the LDAP functionality on the XPhone Connect Directory. The term (ANR=<rufnummer>)
or (ANR=#<rufnummer>)
is used as LDAP filter:
On the XPhone Connect Directory machine, the Wireshark tool can also be used to analyze LDAP requests and responses. The capture filter tcp port 389
(unencrypted mode) is recommended:
Checklist for troubleshooting
Information on the diagnostic methods mentioned can be found at LDAP Debugging.
Check whether the status
LDAP_CONNECTED
is displayed in the SBC under Setup > IP Network > AAA Servers > LDAP Servers:
If no:
Did you configure the correct IP address?
Do the firewalls allow the set port to pass?
Are the LDAP server password and LDAP bind DN configured the same in the SBC and in the directory?
Is the ANR-LDAP interface in the directory configured to the port set in the SBC? Is the port being used by another system? Note: The simultaneous binding of the Microsoft Teams client interface to the LDAP port 389 is permitted, as this is set to the IP address 127.0.0.1.
Does the SBC send the LDAP requests for an incoming call?
Set the LDAPDebugMode value to 3 and check in the AudioCodes syslog whether requests are being sent.
If no:
Does the LDAP server setting refer to the correct LDAP server group?
Is the ID of the call setup rule entered correctly in the IP-To-IP routing (correct direction of the IP route between SIP trunk and MS Teams)?
Do the requests arrive in the directory?
If possible, switch off the encryption and start Wireshark on the machine on which the directory is running. Check whether LDAP requests are received and whether they are positively acknowledged by the directory (BindRequest, SearchRequest).
Will the number be resolved?
Reproduce the SBC request from the syslog via the LDAP browser. If possible, use an unencrypted connection for testing. The syntax of the search query can be found under LDAP Debugging.
Is the LDAP connection unstable?
If the LDAP connection proves to be unstable, the No Op Timeout under Setup > IP Network > AAA Servers > LDAP Servers can be increased to the value 9:
Have you found a mistake on this page?
Or is something not formulated well or too vague? Then we look forward to receiving an e-mail, preferably with a suggestion for improvement, to doku@c4b.de. Thank you very much!