I am no expert in giving a step by step, but here is a copy of my
config.pm file which is working for customer LDAP auth via my Windows AD
domain... hope it helps:
As always, make a backup copy of the original Config.pm file before you
start modifying....
I created a user account in AD called "otrs ldap" and use that account
to authenticate the LDAP query from otrs. Windows AD will not allow
anonymous lookups so this is a necessary step...
# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
$Self->{'Customer::AuthModule'} =
'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '10.xxx.xxx.xx';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =
'dc=domain,dc=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrs
ldap,OU=Users,DC=domain,DC=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
The section below is for the customer lookups via the Phone Ticket/Email
Ticket screen to add a new ticket for a customer. It allows the agent
type a piece of the customer info and search AD for the user... The
system must be able to verify the customer in AD before it will let you
enter a ticket.
# (customer user ldap backend and settings)
$Self->{CustomerUser1} = {
Name =>'LDAP Backend',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
# ldap host
Host => '10.xxx.xxx.xx',
# ldap base dn
BaseDN => 'dc=domain,dc=local',
# search scope (one|sub)
SSCOPE => 'sub',
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the
LDAP tree
UserDN => 'CN=otrs ldap,OU=Users,DC=domain,DC=local',
UserPw => 'password',
AlwaysFilter => '',
#SourceCharset => 'utf-8',
#DestCharset => 'iso-8859-1',
},
# customer uniq id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
With Best Regards,
Tim Miller
Network Administrator
DBT America, Inc.
Houston, PA
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
VI - Mario Tonin
Sent: Wednesday, November 22, 2006 6:30 AM
To: [email protected]
Subject: [otrs] LDAP Authentication
Is there anyone who can give me a step-by-step guide to configure ldap
autentiation for costumers?
I've added this entry:
$Self->{'Customer::AuthModule'} =
'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} =
'vidc2.battistolligroup.it';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =
'dc=battistolligroup,dc=it';
. . . . . . . . . . . . . . . . . . .
Mario Tonin
[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
B.T.V. s.p.a.- Sistemi Informativi
Via Luca della Robbia 60
36100 - Vicenza - Italy
w http://www.battistolli.it <http://www.battistolli.it/>
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support orr consulting for your OTRS system?
=> http://www.otrs.com/
