10x for your replay.
Just follow them thoroughly, leaving not a bit aside when trying to copy examples to your Config.pm.
You may also try to thoroughly follow the advices given in the various messages on this list mentioning 'active' and 'directory'. Or
best: both. There must be some. S-}
Of course, this is not everything from my config. I'm sorry, my mistake, I've not post everything (I'm afraid this will be large and unreadable post).
And yes, I've done everything described in manuals and read everything in this list (searching LDAP, "directory", "active" adn so on), but with negative result.
Now complete story. Here is my full LDAP coniguration:
# *****
# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
# $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'Customer::AuthModule'} = Kernel::System::CustomerAuth::LDAP'; #$Self->{'Customer::AuthModule::LDAP::Host'} = 'ldap.example.com';
#$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=example,dc=com';
#$Self->{'Customer::AuthModule::LDAP::UID'} = 'uid'; $Self->{'AuthModule::LDAP::Host'} = 'heb-hdo-dc-03.hebros.bg';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=hebros,dc=bg';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
# $Self->{'AuthModule::LDAP::UserAttr'} = 'UID'; # non Anonumous login, searching
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Service
Users,ou=HeadOffice,dc=hebros,dc=bg'; CustomerUser
(customer user ldap backend and settings)
$Self->{CustomerUser} = {
Name => 'LDAP Source',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
# ldap host
Host => 'heb-hdo-dc-03.hebros.bg',
# ldap base dn
BaseDN => 'dc=hebros,dc=bg',
# search scope (one|sub)
SSCOPE => 'sub',
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the
LDAP tree
UserDN => 'cn=OTRS,ou=Service
Users,ou=HeadOffice,dc=hebros,dc=bg',
UserPw => 'XXXXXXX',
# in case you want to add always one filter to each ldap
query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or
AlwaysFilter => '(objectclass=user)'
AlwaysFilter => '',
# Net::LDAP new params (if needed - for more info see perldoc
Net::LDAP)
Params => {
port => 389,
version => 3,
},
},
# customer uniq id
CustomerKey => 'uid',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['uid', 'cn', 'mail'],
CustomerUserSearchFields => ['uid', 'cn', 'mail'],
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'uid', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
# ***My AD structure is (AD server is heb-hdo-dc-03.hebros.bg):
root
|
+-> hebros.bg
|
+-> HeadOffice
|
+-> Service Users
|
+-> OTRS
I think string: cn=OTRS,ou=Service Users,ou=HeadOffice,dc=hebros,dc=bg
is correct enough. We disable anonymous search in AD. I think BaseDN is "dc=hebros,dc=bg". Am I on the right way?
I have no experiеnce with LDAP servers, but when I config my email
client to work with LDAP directory (with string above), everithing is OK (with this BaseDN).
Is there somethig Active Directory specific in sintax?
-- Best regards, Vladimir Gerdjikov
Communication and NOS Manager, HebrosBank Head Office, +359 32/903435, +359 888 578 458 KeyID:BC821E9B from http://wwwkeys.uk.pgp.net Fingerprint: 503C 54EE C1B0 B446 DD84 5A3A 4E05 4D62 BC82 1E9B
_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting fьr Ihr OTRS System? => http://www.otrs.de/
