Re: [otrs] OpenLDAP

Wed, 23 Jan 2008 14:46:13 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi Niels.

On Wed, 23 Jan 2008, Nielson, Adam wrote:


I am banging my head against the wall with LDAP authentication.  I have tried everything! 
 I now have access to a server, "ldap.test.com" and know the ou=People, and can 
use tools like Softerra LDAP Browser to confirm all this (via anonymous access).

What am I doing wrong?  All the documentation reflects an AD environment, is 
this my problem?


Should the line:          $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';  
<--- and related lines be something different for OpenLDAP?  I have tried leaving 
the login info blank, commented out, left in, etc.

I have tried the line:  $Self->{'AuthModule::LDAP::Host'} = 'ldap.test.com'; 
<--- with and without port number.

I have tried the line: $Self->{'AuthModule::LDAP::BaseDN'} = 'o=test.com'; <--- 
Ive also tried it with the ou=People added in, I don't see anything for a dc=, but 
ive tried all kinds of variants.
You've posted a scene where AD is the authentication backend. For OpenLDAP the next lines will show you the differences: 


    # LDAP auth
    $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
    $Self->{'AuthModule::LDAP::Host'} = 'your.ldapserver.company.com';
    $Self->{'AuthModule::LDAP::BaseDN'} = 'ou=users,dc=intra,dc=company,dc=com';
    $Self->{'AuthModule::LDAP::UID'} = 'uid';
If there is a need to bind an administrative account to read some attributes from your ldap you need to set config items like this: 

    $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=admin,dc=company,dc=com';
    $Self->{'AuthModule::LDAP::SearchUserPw'} = 'admins secret';
To get some information about your ldap structure you should use 'ldapsearch'. 

Regards and HTH,

Rico
- -- Dipl.-Math. Rico Barth, Geschäftsführer/Projektleiter 
c.a.p.e. IT GmbH
Annaberger Straße 240 , 09125 Chemnitz
phone/fax: +49 371 5347-621 / -625
mobile:    +49 176 66680786
mailto:    [EMAIL PROTECTED] , PGP-Key: 0x874C8377
internet:  www.cape-it.de

Geschäftsführung Rico Barth, Thomas Maier
AG Chemnitz, HRB 23192
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFHl8Osmy4UBYdMg3cRAgiPAJ9MtyKEtSY4NGxJFCiavPDYaPzG0QCfarrm
gavFCa2nmvdWuUw887vnTCc=
=RaTQ
-----END PGP SIGNATURE-----

_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
=> http://www.otrs.com/

Reply via email to