Update statusNovember 2023
Product relevance

estos ProCall 8 Enterprise

estos ProCall 7 Enterprise

LDAP directory as data source in the ProCall Enterprise client

ProCall Enterprise offers the option of setting up the ProCall Enterprise client as an LDAP client in order to integrate an LDAP directory:

  • For name resolution for incoming calls
  • During the search

You can find the corresponding documentation here:

Configuration notes

When setting up the connection of an LDAP directory, the details of the LDAP server to be connected must be entered in the directory service (LDAP) dialog:

Example screenshot: Search – Data sources – LDAP data sources 

Server nameThe FQHN of the LDAP server must be entered here
Port (Default: 389)

The listening port of the LDAP server for accessing the directory service is specified here.
The default value is 389 for unencrypted and STARTTLS connections.
The default value is 636 for a TLS or SSL connection.
LDAP connections via UDP are outside the standards.

Using SSL

Option to activate SSL encryption of the LDAP connection.

Using the Global Catalog

This option is not available here.

Paged search

Search result paging is only available in conjunction with LDAP version 3.

LDAP version

Depending on the directory service to be connected, the version of the LDAP protocol offered there, usually LDAP version 3.
LDAP version 2 is only offered by directory services for compatibility reasons to support older LDAP clients.

Example screenshot: Database wizard – Directory Service (LDAP) – Server name, Port, LDAP version

The accessibility of the addressed LDAP server is checked immediately via Next > to the next dialog..
If the LDAP server cannot be reached under the specified connection data, a corresponding error message appears.

Example screenshot: Database wizard – Accessibility of the LDAP server – Error message The connection to the server failed. Server shut down

Possible reasons for a failed connection:

  • Directory service on the LDAP server is not started or not activated
  • Network between ProCall Enterprise client and LDAP server does not allow connection between these hosts
  • A security device in the network prevents a connection between ProCall Enterprise client and LDAP server, e.g. firewall
  • The information for addressing the LDAP server (server name or port) is not correct

The user ID for an authenticated LDAP connection can be stored in the Login information dialog.

Example screenshot: Database wizard with login information

The selected authentication is checked via Next > to the next dialog.

If the login data cannot be authenticated by the addressed LDAP server, an error message appears The connection to the server failed. Invalid login information.

Example screenshot: Database wizard error message for invalid credentials

Search parameters in search options

You can set the parameters for the search in the Search options dialog:

Search parameters

Search base

The LDAP container is specified here as the BaseDN that is to be searched for.
By default, the LDAP scope sub is used so that all containers subordinate to the BaseDN are also searched.
(See setting option Search only in the search base (no sub-folders)).


The object class or other filter parameters can be set here to avoid unwanted hits or to optimize the search. 
The syntax to be used here is based on RFC 2254. One filter expression can be specified, the stringing together of several filter expressions is not intended to be LDAP-compliant.

Search only in search base 
(no subdirectories)

This option controls the LDAP scope for the search.
The LDAP protocol recognizes the three scopes:

  • base/baseObject – only the BaseDN (see search base) is searched, this scope is not available in ProCall Enterprise client,
  • one/singleLevel – in addition to the search in the BaseDN, a level below the BaseDN is also searched for matches.
  • sub/wholeSubtree – the BaseDN and the entire directory structure below the BaseDN are searched.

This option is deactivated by default and the scope sub is therefore set. 
If this option is activated, the search queries are executed in the scope base.

Timeout in seconds

Time period that must be exceeded between sending the search query and receiving the response in order to interpret an LDAP query as unsuccessful due to timeout.

Maximum number of entries displayed during the search

Here the size of the page is specified by the client in order to inform the LDAP server of the maximum number of hits to be returned within a result response.
For this setting to be taken into account, the paged search setting option must be activated in the directory service (LDAP) dialog.

Example screenshot: Database wizard – Search options for contacts in the LDAP directory – Search base, Filter, Timeout, Maximum number of entries

Click Next > to go to the next dialog Assigned fields to link the LDAP attributes of the LDAP source directory with the attributes used in ProCall Enterprise client:

Assign attributes/fields

Example screenshot: Database wizard – Map fields – Source – Destination

The attributes to be displayed in ProCall Enterprise client must be assigned the corresponding source attributes from the LDAP directory.

The fields can be assigned either using the arrow keys between the list elements or using drag-and-drop.

To simplify the mapping of the source and target attributes, the navigation buttons First and Next are located under the left-hand list element. These can be used to visualize the LDAP object contents from the source directory.

The Standard and Delete buttons are located under the right-hand list element. 
The Standard provides a frequently used assignment of source and target attributes, which must, however, be adapted to the actual situation or at least verified. The Delete button removes all mappings so that all required mappings must be selected from the start.

Export/import configuration file

In the bottom left-hand corner of the dialog, you will find the options for importing and exporting the assignment configuration:

Folder icon

Import assignment configuration

Diskette icon

Export assignment configuration
The file extension for this configuration file is .FXM.

Several source attributes can also be mapped to one target attribute.
However, this feature is not supported in all masks or dialogs of ProCall Enterprise client and leads to incorrect results in the parameterized search in connection with LDAP data sources.

The suitability of this configuration option must therefore be verified before it is used in productive operation.

Enter profile name

Finally, a Profile name is specified for the LDAP connection set up:

Example screenshot: Database wizard – Field mapping successfully completed – Specify profile name

This profile name for the LDAP connection is also displayed in the search results list as a categorization according to the source origin, which is why it is recommended to assign a meaningful data source name here.
In extensive hit lists, this categorization by data source origin ensures a better overview.

Calling up the configuration

With the exception of the profile name, all configuration steps and selected settings made above can be changed by editing the data source via Edit... - Advanced - Configure... is called up:

Example screenshot: LDAP Directory – Server – Port – Search base – Configuration

Search filters used

The ProCall Enterprise client search function on an LDAP directory service depends on a conscientious assignment of the source and target attributes
Therefore, here are some examples of the search in ProCall Enterprise client and the resulting LDAP search filter.


Name search

The name search searches for a character string in all name fields. No commas are used in this search query so as not to search for specifically selected attributes such as first name, surname, department, company or location. The LDAP search query then contains this search filter (using the example of the search for the character string Anderson):

(&(objectClass=*)(|(|(|(|(|(|(|(sn=Anderson*)(sn=* Anderson*))(givenName=Anderson*))(givenName=* Anderson*))(displayName=Anderson*))(displayName=* Anderson*))(company=Anderson*))(company=* Anderson*)))

Detailed search

estos ProCall Enterprise client can be customized for the detailed search. Further information on this can be found in the online help or the help (search term search parameters).

A specific search parameter can be selected by entering commas:

In the example shown, a company is searched for. The LDAP search filter then appears in this form:

(&(objectClass=*)(|(o=metacortex*)(o=* metacortex*)))

Combined detail search

The combined search for a first name (Thomas) and a company (metaCortex)

For example, shows the LDAP search filter like this:

(&(&(objectClass=*)(|(|(|(|(|(givenName=Thomas*)(givenName=* Thomas*))(sn=Thomas*))(sn=* Thomas*))(displayName=Thomas*))(displayName=* Thomas*)))(|(o=metacortex*)(o=* metacortex*)))

Test and analysis tools

In order to optimally connect an LDAP directory service to estos ProCall Enterprise client, detailed knowledge of the structure of the directory is required.
It is advisable to use an LDAP client or LDAP browser that is independent of the estos software to obtain a comprehensive picture of the LDAP schema (attributeTypes, ldapSyntaxes, matchingRules, objectClasses), i.e. the object classes, the objects and their attributes (with MUST and MAY constraints, comparison rules, permitted character types, ...) in the directory to be connected.
The OpenLDAP client tools, JXplorer, Softerra LDAP browser, LDAP admin, LDAP browser, ... are representative of many freely available LDAP client applications.

In order to verify the ProCall Enterprise client search functions in connection with an LDAP directory, these test tools offer the possibility to directly enter LDAP bindRequests and LDAP searchRequests including searchFilters, for example, in a simple way and thus verify the directory queries.

Further information

Best practice: Administrative specification of data sources and search nodes

estos ProCall 8 Enterprise customize – Search

estos ProCall 7 Enterprise customize – Search