I am trying to get OTRS to pull the customers from our AD through LDAP
but can't seem to get it working. I have dug through old posts and found
various suggestions (such as the #UserSyncLDAPMap section at the bottom
of my config) but none have seemed to work. My current config is:

#----config from C:\ProgramFiles\OTRS\Kernel\config.pm----

#Enable LDAP authentication for Customers / Users
  $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
  $Self->{'Customer::AuthModule::LDAP::Host'} = 'DC.Domain.ORG';
  $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=users,dc=domain,dc=org';
  $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

#The following is valid but would only be necessary if the
#anonymous user does NOT have permission to read from the LDAP tree
  $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'Otrsuser';
  $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';

#CustomerUser
#(customer user database backend and settings)
  $Self->{CustomerUser} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
      Host => 'DC.Domain.ORG',
      BaseDN => 'OU=staff,DC=domain,DC=org',
      SSCOPE => 'sub',
      UserDN => 'domain\Otrsuser',
      UserPw => 'password',
    },
    # customer unique id
    CustomerKey => 'sAMAccountName',
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
      [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
    ],
  };

  # UserSyncLDAPMap
  # (map if agent should create/synced from LDAP to DB after login)
  $Self->{UserSyncLDAPMap} = {
    # DB -> LDAP
    Firstname => 'givenName',
    Lastname => 'sn',
    Email => 'mail',
  };

  # UserSyncLDAPGroups
  # (If "LDAP" was selected for AuthModule, you can specify initial
  # user groups for first login.)
  $Self->{UserSyncLDAPGroups} = [
    'users',
  ];

Thanks for your help,

 

Ryan
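An added example, not part of the original post: a small Python check that reads the two LDAP blocks of a Config.pm (the Customer::AuthModule::LDAP settings and the CustomerUser Params) and lists where host, search base or bind account disagree, without echoing passwords. SAMPLE_CONFIG is constructed from the values posted above; the function names are hypothetical, and a reported difference is something to verify against the directory, not necessarily a fault.

```python
import re

# Constructed sample: the LDAP-related values from the Config.pm posted above.
SAMPLE_CONFIG = r"""
$Self->{'Customer::AuthModule::LDAP::Host'} = 'DC.Domain.ORG';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=users,dc=domain,dc=org';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'Otrsuser';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
$Self->{CustomerUser} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host   => 'DC.Domain.ORG',
        BaseDN => 'OU=staff,DC=domain,DC=org',
        UserDN => 'domain\Otrsuser',
        UserPw => 'password',
    },
};
"""

AUTH_RE = re.compile(r"Customer::AuthModule::LDAP::(\w+)'\}\s*=\s*'([^']*)'")
PARAM_RE = re.compile(r"(\w+)\s*=>\s*'([^']*)'")

# (auth module key, CustomerUser Params key, value is a secret)
PAIRS = [
    ("Host", "Host", False),
    ("BaseDN", "BaseDN", False),
    ("SearchUserDN", "UserDN", False),
    ("SearchUserPw", "UserPw", True),
]

def parse(text):
    """Return (auth module settings, CustomerUser Params) as two dicts."""
    auth = dict(AUTH_RE.findall(text))
    block = re.search(r"Params\s*=>\s*\{(.*?)\}", text, re.S)
    backend = dict(PARAM_RE.findall(block.group(1))) if block else {}
    return auth, backend

def compare(text):
    """List the settings on which the two LDAP blocks disagree."""
    auth, backend = parse(text)
    findings = []
    for a_key, b_key, secret in PAIRS:
        a_val, b_val = auth.get(a_key), backend.get(b_key)
        if a_val is None or b_val is None:
            findings.append(f"{a_key}/{b_key}: missing in at least one block")
        # Hosts and DNs compare case-insensitively; passwords compare exactly.
        elif (a_val != b_val) if secret else (a_val.lower() != b_val.lower()):
            shown = "<redacted>" if secret else f"{a_val!r} vs {b_val!r}"
            findings.append(f"{a_key}/{b_key}: {shown}")
    return findings

if __name__ == "__main__":
    for line in compare(SAMPLE_CONFIG):
        print("MISMATCH", line)
```

On the sample it reports the BaseDN pair and the SearchUserDN/UserDN pair.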

 

