Hi,

I am new to OTRS and the concept of using LDAP to authenticate with Active 
Directory. I have been working on this for 2 days straight and I've done loads 
of research and followed everything I have read to the best of my understanding 
but I can't seem to get it to work. Your help would be appreciated.

I have followed the official documentation without success. I have followed 
tutorials (http://trinityhome.org/Home/index.php?wpid=98&front_id=18) with the 
same result, and I have searched and followed several examples from this forum, 
but again without success. The customer login always gives me the error "Login 
failed! Your username or password was entered incorrectly."

All this suggests to me that I am doing something wrong in the config.pm file, 
but what, I do not know. I have tried every combination of user logon I can 
think of just in case I was putting it in wrong. I've tried [username], [user] 
[name], [EMAIL PROTECTED], username.domain.com & domain\username.

I have set up a user account to pull customer info off AD via LDAP as suggested. 
I called it otrs and it is in the Domain Users group & the Windows 
Authorisation Access Group as suggested in the tutorial I followed. I also 
created a group called otrs_allow_c and added a few user accounts in case I 
needed it.

If I open AD Users and Computers, at the top of the tree is our domain, which is 
called woodberry.wbhltd.com. We are using Windows Small Business Server 2003, 
but I am sure it works in the same way with users as Windows Server 2003 does.

I copied someone's config.pm that was posted here and adapted it to our needs. 
This is the current version (after about 4 others). It is as follows:

## Set up LDAP for Customer authentication to the Frontend for customers.
    $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host'} = '192.168.1.10';
    # The ou= is your NT Domain name. The dc= (there may be more than one) is
    # your AD domain name.
    $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=woodberry, dc=wbhltd, dc=com';
    $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
    # Our AD requires a valid login to do LDAP searches. Use a generic one, not
    # admin, not your own.
    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'whatever';

## Set up LDAP for finding Customers when creating tickets in the Agent Frontend.
    $Self->{CustomerUser} = {
      Name => 'Exchange LDAP',
      Module => 'Kernel::System::CustomerUser::LDAP',
      Params => {
        # Parameters are basically the same as above.
        Host => '192.168.1.10',
        BaseDN => 'dc=woodberry, dc=wbhltd, dc=com',
        SSCOPE => 'sub',
        UserDN => 'otrs',
        UserPw => 'whatever',
        # if your frontend is e. g. iso-8859-1 and the charset of your
        # ldap server is utf-8, use this options (if not, ignore it)

        ### IMPORTANT FOR NON-ENGLISH USERS WITH SPECIAL CHARACTERS ###
        # You *have* to specify the SourceCharset below, else OTRS will default to
        # iso8859-1 (I think), and special characters will be garbled. This took me
        # half a day to figure out.
        SourceCharset => 'utf-8',
        DestCharset => 'utf-8',
      },
      CustomerKey => 'sAMAccountName',
      CustomerID => 'mail',
      CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
      CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
      CustomerUserPostMasterSearchFields => ['mail'],
      CustomerUserNameFields => ['givenname', 'sn'],
      Map => [
        ## Set-up the fields you want to import from LDAP. I'm still looking
        ## for a good source on what fields are available in LDAP.
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown, required, storage-type
        # [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
        [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
        [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
        [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
        # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
        # [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
      ],
    }; 

As I said, I've tried several versions including the official version here 
http://doc.otrs.org/1.3/en/html/ldap-integration.html. I tried changing 
dc=woodberry to ou=woodberry (as some people use ou instead of dc) but that did 
nothing.

Any help would be greatly appreciated.

Thank you

_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs