Re: [otrs] LDAP: Agent-Login works, but Customer-Login does not. Problem with AuthModule::LDAP::AlwaysFilter

Mon, 27 Aug 2012 21:11:32 -0700 

This is how I made mine work.  You can adapt as needed.........


# Enable LDAP Authentication Sync for Agent #
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://172.16.223.2:389';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=yourdomain,dc=com';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN';
$Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Technical 
Support,dc=yourdomain,dc=com';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'LookupPasswordHere';

# Enable Agent Mapping from LDAP to DB #
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};

# Enable Customer Authentication
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'dc1.yourdomain.com';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=yourdomain,dc=com';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 
'CN=Users,DC=yourdomain,DC=com';
$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
#$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID';
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';

$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Technical 
Support,dc=yourdomain,dc=com';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'LookupPasswordHere';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';
$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};



Timothy J. Deerinck
Owner / Senior Network & Systems Engineer


This e-mail and any attachments may contain confidential and
privileged information. If you are not the intended recipient,
please notify the sender immediately by return e-mail, delete this
e-mail and destroy any copies. Any dissemination or use of this
information by a person other than the intended recipient is
unauthorized and is strictly prohibited by law.
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Reply via email to