H.350 Conformance Test Suite
(Click here to download a Microsoft Word version of this document.)
Nadim El-Khoury
University of North Carolina
Nadim_Elkhoury@unc.edu
Tyler Miller Johnson
University of North Carolina
Tyler_Johnson@unc.edu
February 10, 2004
Scope
This test suite includes a procedure to analyze an LDAP directory and verify that it contains the properly defined attributes for H.350. This suite also provides access to a known good LDAP directory contain sample H.350 attributes. Call servers, endpoints and white pages can access this directory to ensure that they can read and interpret these attributes.
This test suite supports H.350 - H.350.5.
1. Confirm That An LDAP Server Has
The H.350 Schema Properly Defined
One of the quickest ways to check and see if an LDAP server has the H.350 schemas defined is by running the Internet2 LDAP Analyzer against it. The purpose of this service is to inspect schema and report on anomalies, inspect attributes for compliance with the H.350 object classes, and inspect operational characteristics of a directory to determine things such as whether or not certain critical attributes are properly indexed for searches.
The analyzer program is available at the following address:
http://ldap.mtu.edu/internet2/analyzer/index.shtml
To start analyzing your LDAP server click on setup, this is on the left hand side of the screen.
You will be taken to the screen shown below.
You need to fill in the hostname, Base Suffix and Port Number. Then make sure that you check mark the box for H.350 in the Available Schema checks. The final step of course to click Submit Query. Then wait for the result to be displayed on the screen. If you have run the test before, it will ask you if you want to display the result of the previously cached analysis or run a new analysis. Just make sure to click on new analysis.
The LDAP Analyzer can also connect to your LDAP server over SSL. You just need to provide your public key in the private CA section and also make sure to check mark the box use SSL?
2. Confirm That A
System Can Read H.350 Attributes
A known good H.350 entry exists in the ViDeNet directory. Use a web browser to go to https://videnet.unc.edu/vide-dod/ and search for 'IMTC'. The system will return the enterprise directory and H.350 information for the IMTC test account.
Selecting
'Name/Owner' will yield the user information for this account, including
commURI. Selecting 'Endpoint Name' will yield the H.350 information. The H.350
information for this endpoint is shown at right. This endpoint has one of each
H.350 attribute (see notes below).
Your system should make anonymous LDAP calls to Internet address videnet.unc.edu and attempt to retrieve each attribute.
When searching for a commURI the base search is
"ou=people,dc=vide,dc=net"
When searching for the rest of the H.350 attributes the base search is
"ou=h323identity,dc=vide,dc=net". The scope should be set to sub-tree
search
If your system is a call server, then the call server should use the H.350 information to register a corresponding endpoint. If your system is an endpoint, it should use the H.350 information to initiate a call. If you are using H.350 for endpoint configuration, you should use the H.350 information for endpoint configuration, registering securely with a call server.
Notes
1. The LDAP server will not return the following attributes for security reasons: SIPIdentityPassword, h235IdentityPassword
2. The LDAP server will return the following attributes, but they are not displayed in the ViDeNet web interface for security reasons: SIPIdentityUsername, h235IdentityEndpointID.
3. The LDAP server does not contain any X.509 certificates.
4. The LDAP server does not support SSL at this time.
5. This test suite does not include H.350.6 attributes.