This works for me for an SSL connection to an OpenLDAP directory. I imagine AD is
something similar; you can follow the example, tested 12-22-2007:
####################### 12-22-2007
# Agent authentication against LDAP over SSL (ldaps://)
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldaps://mblauth01.mbl.edu';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=mbl,dc=edu';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
# Only members of this group may log in as agents
$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=Information Services,ou=MBL,ou=Institutions,ou=Groups,dc=mbl,dc=edu';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';
$Self->{'AuthModule::LDAP::UserAttr'} = 'cn';
# Account used to search the directory before the user's own bind
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'uid=search,ou=users,dc=mbl,dc=edu';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'secret';
# Net::LDAP options: require a server certificate that verifies against cafile
$Self->{'AuthModule::LDAP::Params'} = {
    # port => 636,
    timeout => 120,
    verify  => 'require',
    cafile  => '/etc/pki/tls/certs/mbl-ca.pem',
    # async => 0,
    # version => 3,
};

# Customer authentication against the same directory
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'ldaps://mblauth01.mbl.edu';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=users,dc=mbl,dc=edu';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'uid=search,ou=users,dc=mbl,dc=edu';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'secret';

# Customer user data read from LDAP
$Self->{CustomerUser} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host   => 'ldaps://mblauth01.mbl.edu',
        BaseDN => 'dc=mbl,dc=edu',
        SSCOPE => 'sub',
        UserDN => 'uid=search,ou=users,dc=mbl,dc=edu',
        UserPw => 'secret',
    },
    CustomerKey => 'cn',
    CustomerID => '[customer_id]',
    CustomerUserListFields => ['cn', 'mail'],
    CustomerUserSearchFields => ['cn', 'mail'],
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
        [ 'UserLogin', 'Login', 'cn', 1, 1, 'var' ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
        [ 'UserCustomerID', 'CustomerID', 'cn', 0, 1, 'var' ],
    ],
};

# Agent attributes copied from LDAP into the OTRS database
$Self->{UserSyncLDAPMap} = {
    # DB -> LDAP
    UserFirstname => 'givenName',
    UserLastname => 'sn',
    UserEmail => 'mail',
};
####################### 12-22-2007
Kent
On Wed, 2007-12-26 at 10:12 -0800, Justin Holt wrote:
> Here is the story so far: I followed the how-to in the OTRS manual for
> setting up LDAP to play nicely with Windows Active Directory. I just
> need to know, if I provide you guys with the information for our
> configuration, can you tell me what things like BaseDN, ou and dc
> should be? Here is my information:
>
> Active Directory Server is @ 10.0.0.41
> Active Directory's host name is: vdp-dc-003
> Domain or Forest everyone is under is: VERNON_FR
> OTRS Active Directory User is: otrs_ldap
> OTRS Active Directory Password is: (You could just put stars so I know
> where to put it)
>
> Any help is greatly appreciated :-)
>
> _______________________________________________
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
> Support or consulting for your OTRS system?
> => http://www.otrs.com/
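An added example, not part of the original thread and not OTRS code: a small Perl audit that checks every LDAP backend in an OTRS-style config hash for ldaps:// and for the verify/cafile parameters that the agent block in the posted config sets. The sample hash is constructed with placeholder host and CA path, and the Customer::AuthModule::LDAP::Params key and the nested Params hash under CustomerUser are assumptions about where Net::LDAP options go for those backends.

```perl
#!/usr/bin/perl
# Added example, not OTRS code: audit the LDAP backends of an OTRS-style config hash.
use strict;
use warnings;
use 5.010;

# Findings for one backend: $params is the hash handed to Net::LDAP->new.
sub audit_ldap_backend {
    my ( $name, $host, $params ) = @_;
    $host   //= '';
    $params //= {};
    my @findings;
    push @findings, "$name: Host '$host' does not use ldaps://"
        if $host !~ m{^ldaps://}i;
    push @findings, "$name: verify is not set to 'require'"
        if ( $params->{verify} // '' ) ne 'require';
    push @findings, "$name: no cafile or capath to check the server certificate against"
        if !$params->{cafile} && !$params->{capath};
    return @findings;
}

# Walk the agent, customer auth and customer user backends.
sub audit_config {
    my ($Self) = @_;
    my @findings;
    for my $prefix ( 'AuthModule::LDAP', 'Customer::AuthModule::LDAP' ) {
        next if !defined $Self->{"${prefix}::Host"};
        push @findings, audit_ldap_backend( $prefix,
            $Self->{"${prefix}::Host"}, $Self->{"${prefix}::Params"} );
    }
    my $cu = $Self->{CustomerUser} // {};
    if ( ( $cu->{Module} // '' ) =~ /::LDAP$/ ) {
        # Assumption: Net::LDAP options for this backend sit in a nested Params hash.
        push @findings, audit_ldap_backend( 'CustomerUser',
            $cu->{Params}{Host}, $cu->{Params}{Params} );
    }
    return @findings;
}

# Constructed sample: same shape as the posted config, placeholder host and CA path.
my $Self = {
    'AuthModule::LDAP::Host'   => 'ldaps://ldap.example.org',
    'AuthModule::LDAP::Params' => { timeout => 120, verify => 'require', cafile => '/path/to/ca.pem' },
    'Customer::AuthModule::LDAP::Host' => 'ldaps://ldap.example.org',
    CustomerUser => {
        Module => 'Kernel::System::CustomerUser::LDAP',
        Params => { Host => 'ldap://ldap.example.org', BaseDN => 'dc=example,dc=org' },
    },
};
say for audit_config($Self);
```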