Ldap realtime not work in asterisk 1.8.11

res_ldap.conf

[_general]
;
; Specify one of either host and port OR url.  URL is preferred, as you can
; use more options.
;host=192.168.1.1                    ; LDAP host
host=lync-demo.local                    ; LDAP host
port=389
url=ldap://ad.lync-demo.local:389
protocol=3                          ; Version of the LDAP protocol to use; default is 3.
basedn=dc=lync-demo,dc=local            ; Base DN
;user=cn=administrator,dc=lync-demo,dc=local  ; Bind DN
user=cn=administrator,cn=users,dc=lync-demo,dc=local  ; Bind DN
;user=dc=lync-demo,dc=local  ; Bind DN
pass=Esi888888 



[extensions]
;context  =  AstExtensionContext
;context  =  givenname
;exten  =  AstExtensionExten
attribute=exten=givenname
;priority = AstExtensionPriority
;attribute=priority=givenname
;app = AstExtensionApplication
;appdata = AstExtensionApplicationData
additionalFilter=(objectClass=user)
extconfig.conf
extensions => ldap,"dc=lync-demo,dc=local",extensions
[from-internal]
include => from-internal-xfer
include => bad-number
switch => Realtime/@extensions
exten=> William,1,Set(CHANNEL(secure_bridge_media)=1)
exten=> William,2,Set(_SIP_SRTP_SDES=1)
exten=> William,3,Set(_SIPSRTP=optional)
exten=> William,4,Set(_SIPSRTP_CRYPTO=enable)
exten => William,5,Set(b="${REALTIME(extensions,givenname,William)}")
exten => William,6,NoOp(${b})
exten => William,7,Set(pair=${CUT(b,"|",1)});
exten => William,8,Set(col_name=${CUT(pair,"=",2)});
exten=> William,n,Hangup()

I use realtime to connect ldap server at lync
But When I query the ldap , I get below error in full log .
I expect the ldap query will get back something according input givename=William .

The REALTiME function cannot retrevie the givename from lync and output null.
There is this key/attribute in lync server …

There is openration error .
The lync ldap server is working and I can use the filter (&(objectClass=user)(givenname=William)) to get the result by
php ldap_Search … it is work .

Please advice what is wrong in asterisk I use asterisk 1.8.11 …

[Oct 30 00:42:48] DEBUG[9260] app_queue.c: Device ‘SIP/3200’ changed to state ‘2’ (In use) but we don’t care because they’re not a member of any queue.
[Oct 30 00:42:48] WARNING[9264] res_config_ldap.c: Failed to query directory. Error: Operations error.
[Oct 30 00:42:48] WARNING[9264] res_config_ldap.c: Query: (&(objectClass=user)(givenname=William))
[Oct 30 00:42:48] DEBUG[9264] pbx.c: Function result is ‘(null)’
[Oct 30 00:42:48] DEBUG[9264] pbx.c: Launching ‘Set’
[Oct 30 00:42:48] VERBOSE[9264] pbx.c: – Executing [William@from-internal:5] Set(“SIP/3200-00000000”, “b=”"") in new stack

Log for asterisk full
dl.dropbox.com/u/68357652/full.rar

I solve it by myself. I hope I can share the related information with other …

I use ldap to connect to lync/microsoft AD.

I find the res_ldap.conf and its module cannot work if the lync only allow
ldap_bind with username and password like USERNAM@XXXX and PASSWD.
In full log, you wil see "operation error " or something like this …
In whireshark log ,view by protocol LDAP, you will find the LDAP bind request is not
normal to lync …
Lync OR Microsoft AD do not allow the username with format “CN=XXX,DC=XXXXX…”.
In order to connect to this lync , you need to set the option field in ldap_bind .

There is a opt in ldap_bind …

LDAP_OPT_REFERRALS=>LDAP_OPT_OFF or 0.

Then the ldap_bind can connect to lync server and search the related information .

The default module in asterisk 1.8.11 is not set this option .
You need to change the src code in /res_config_ldap.c
Set this option and the res_ldap in asterisk can work with lync .
After change src code and re-compile ,
I try to use function REALTIME(XXXXX) in extensions.conf and it work and I can
get the related attribute/key value I want through ldap to Lync/Microsoft AD server …