I've followed everything to the sample config that it is listed in the otrs 1.3
AD documentation, but it still doesn't work. I believe I've correctly entered
my information, but I may not have.
Here's my config.pm ... again.
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'root';
# DatabasePw
# (The password of database user. You also can use bin/CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'hot';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} =
"DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
# (The database DSN for PostgrSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} =
"DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = '/opt/otrs';
# **************************************************** #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# **************************************************** #
# $Self->{SessionUseCookie} = 0;
# $Self->{'CheckMXRecord'} = 1;
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'asf-fp1.allstatefastener.local';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=allstatefastener,dc=local';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} =
'cn=otrs,cn=Users,dc=allstatefastener,dc=local';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'asfcorp02';
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} =
'asf-fp1.allstatefastener.local';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =
'dc=allstatefastener,dc=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} =
'cn=otrs,cn=Users,dc=allstatefastener,dc=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'asfcorp02';
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'asf-fp1.allstatefastener.local',
BaseDN => 'dc=allstatefastener,dc=local',
SSCOPE => 'sub',
UserDN => 'cn=otrs,cn=Users,dc=allstatefastener,dc=local',
UserPw => 'asfcorp02',
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => 'sAMAccountName', 'cn', 'mail',
CustomerUserSearchFields => 'sAMAccountName', 'cn', 'mail',
CustomerUserPostMasterSearchFields => 'mail',
CustomerUserNameFields => 'givenname', 'sn',
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
# [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
# [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
# [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
# [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
# CustomerUser1
# (customer user ldap backend and settings)
$Self->{CustomerUser1} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
#ldap host
Host => 'asf-fp1.allstatefastener.local',
#ldap base dn
BaseDN => 'cn=Users, dc=allstatefastener, dc=local',
#search scope (one|sub)
SSCOPE => 'sub',
#The following is valid but would only be necessary if the
#anonymous user does NOT have permission to read from the LDAP tree
UserDN => 'cn=otrs, cn=Users, dc=allstatefastener, dc=local',
UserPw => 'asfcorp02',
AlwaysFilter => '',
SourceCharset => 'utf-8',
DestCharset => 'iso-8859-1',
},
# customer uniq id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
# [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
# [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
# [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
Thanks,
Mike Pietersen, A+, MCP
All State Fastener Corporation
IT (586) 498-1388
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luca Corti
Sent: Thursday, January 19, 2006 9:38 AM
To: User questions and discussions about OTRS.org
Subject: RE: [otrs] Active Directory/LDAP authentication problem
On Thu, 2006-01-19 at 09:35 -0500, Mike Pietersen wrote:
> Does ANYONE have a working/authenticating AD/LDAP config.pm that they
> can post?
For Agents or Customers?
You can find detailed instructions in the 1.3 manual.
HTH
--
Luca Corti
PGP Key ID 1F38C091
BOFH excuse of the moment:
Electricians made popcorn in the power supply
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support oder Consulting für Ihr OTRS System?
=> http://www.otrs.de/
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support oder Consulting für Ihr OTRS System?
=> http://www.otrs.de/
