Sorry to take so long to reply. I'm afraid I didn't bookmark any URLs but found
them all on google.fr with "otrs ldap" - many were in french . . .
Here's the Config.pm that works for me - let me know if anything is not clear:
# **************************************************** #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# **************************************************** #
$Self->{'SendmailModule'} = 'Kernel::System::Email::SMTP';
$Self->{'SendmailModule::Host'} = 'our.smtp.server';
$Self->{'SendmailModule::Port'} = '25';
# UserSyncLDAPMap
# (map if agent should create/synced from LDAP to DB after login)
$Self->{UserSyncLDAPMap} = {
# DB -> LDAP
Firstname => 'givenName',
Lastname => 'sn',
Email => 'mail',
};
$Self->{'SystemID'} = 10;
$Self->{'SecureMode'} = 1;
$Self->{'Organization'} = 'our company';
use locale;
Self->{'AdminEmail'} = '[EMAIL PROTECTED]';
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'LDAP-AD.domain.suffixe';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=domain,dc=suffixe';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} =
'cn=otrs,cn=users,dc=domain,dc=suffixe';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'xxxxxxxx';
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'LDAP-AD.domain.suffixe';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=domain,dc=suffixe';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} =
'cn=otrs,cn=users,dc=domain,dc=suffixe';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'xxxxxxxx';
$Self->{CustomerUser1} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
# ldap host
Host => 'LDAP-AD.domain.suffixe',
# ldap base dn
BaseDN => 'dc=domain,dc=suffixe',
# search scope (one|sub)
SSCOPE => 'sub',
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
UserDN => 'cn=otrs,cn=users,dc=domain,dc=suffixe',
UserPw => 'xxxxxxxx',
AlwaysFilter => '',
SourceCharset => 'utf-8',
DestCharset => 'iso-8859-1',
},
# customer uniq id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'uid',
CustomerUserListFields => ['userPrincipalName'],
CustomerUserSearchFields => ['sAMAccountName', 'sn', 'givenname'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['uid'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'userPrincipalName', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
],
};
$Self->{CustomerUser2} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
# ldap host
Host => 'sfbelgique.suffixe.world',
# ldap base dn
BaseDN => 'dc=suffixe,dc=world',
# search scope (one|sub)
SSCOPE => 'sub',
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
UserDN => 'cn=otrs,cn=users,dc=suffixe,dc=world',
UserPw => 'xxxxxxxx',
AlwaysFilter => '',
SourceCharset => 'utf-8',
DestCharset => 'iso-8859-1',
},
# customer uniq id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'uid',
CustomerUserListFields => ['userPrincipalName'],
CustomerUserSearchFields => ['sAMAccountName','sn', 'givenname'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['uid'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'userPrincipalName', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
],
};
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# End of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of "Pussy da Silva
Green" <[EMAIL PROTECTED]>
Sent: Monday, June 25, 2007 10:26 AM
To: User questions and discussions about OTRS.org
Subject: Re: [otrs] ldap customer auth
Hello,
I'm having some troubles to configure my OTRS no authenticate the users via
LDAP. Can you send me some URLs that guided you and, perhaps, you config files?
Cheers,
On 6/23/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Hello,
I've ldap authentification set up and working perfectly (thanks to all those
whose tutorials were available by Google).
Now I'd like (but perhaps this is simply not possible ?) to let customers login
from another LDAP server (AD actually), I can see them from an admin login but
when they try to login it just looks in the first LDAP server (I must point out
that these ADs are completely autonomous and unrelated).
It would be great if it is possible but even without OTRS is fantastic !
Thanks in advance,
Adam
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
=> http://www.otrs.com/
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
=> http://www.otrs.com/
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
=> http://www.otrs.com/
