AMI Permissions issue

In my manager.conf I have the permissions for a given user set to:
read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
write = originate

However, when I am using the AMI, and do “Action: ListCommands”, the list I get is:
WaitEvent: (Priv: )
MixMonitorMute: (Priv: )
ParkedCalls: (Priv: )
ListCommands: (Priv: )
Originate: (Priv: originate,all)
Ping: (Priv: )
Challenge: (Priv: )
Login: (Priv: )
Logoff: (Priv: )
Events: (Priv: )
DataGet: (Priv: )

I do not get access to any other commands, so I cannot do things like hangup calls, get channel information, etc. It seems like a command like “sip show channels” would be a “read” permission, and since I have all read permissions I should get a longer list than AMI returns to me for ListCommands.

How can I use other commands?

EDIT: I was also just trying to do a simple “Action: Originate” but this was also failing. My call looked like:
Action: Originate
Channel: SIP/@
Context: default
Priority: 1
Timeout: 30000
Callerid: 10

I’m very new to AMI and asterisk/SIP in general. However, I am watching the events happen via the CLI and am also sniffing all the SIP packets. Within the CLI I see the following warning:
WARNING[17320]: chan_sip.c:19568 handle_response_invite: Received response: “Forbidden” from '“10” sip:10@wrong_sip_domain;tage=asdasdfa
And then after the timeout specified in the call:
WARNING[17320]: chan_sip.c:retrans_pkt: Retransmission timeout reached on transmission

The domain that Asterisk shows in the first error is the wrong domain. I don’t reference it in my originate script, so I have no idea how it is getting there. Thanks.

sip show channels is a CLI command. I think you will find the permission is set on the ability to do CLI commands, which can certainly write, not for each specific CLI command.

Thanks david55. So I built my manager.conf off a template. I included in the read line every permission that was listed in the template. What else would I need to add to my manager.conf permissions to be able to get channel information (which seems like it would be a “read” permission)?

centos*CLI> manager show command command
Action: Command
Synopsis: Execute Asterisk CLI Command
Privilege: command,all

You are not getting channel information, you are running a CLI command, and may well require write for command, not just read for it. If you wanted non-SIP channel information, you would use:

Action: CoreShowChannels
Synopsis: List currently active channels
Privilege: system,reporting,all

which is internal to AMI and would ony need read permission.

Thanks again david55. I’m using this to try to to Conference, Transfer and Hangup. Using the command you suggested I can parse out the channel id, do a hangup. To create a transfer I’m going to just hang up the first leg, then do an “originate” to create the transfer leg of the call. What, though, does a conference call look like as done through AMI? Thanks in advance…hopefully soon I can versed enough to be a contributor as well.