Thanks for the information, I found the right information here: http://forums.otterhub.org/viewtopic.php?f=61&t=19875
You were right about the groupDN - didn't need it. Simon From: [email protected] [mailto:[email protected]] On Behalf Of Gerald Young Sent: 15 May 2013 15:09 To: User questions and discussions about OTRS. Subject: Re: [otrs] LDAP customer information Check this: https://www.google.com/search?q=site:forums.otterhub.org+scalars+leaked and https://www.google.com/search?q=site:forums.otterhub.org%20sizelimit%20exceeded On Wed, May 15, 2013 at 10:03 AM, Simon Allison <[email protected]<mailto:[email protected]>> wrote: Sorry about that, I had commented out a lot of the config, as this is on windows. Here is our system OTRS 3.2.2 Windows 2003 Apache log shows : Message: Sizelimit exceeded RemoteAddress: 172.16.52.51 RequestURI: /otrs/index.pl?Action=AdminCustomerUser;Nav=Agent<http://index.pl?Action=AdminCustomerUser;Nav=Agent> Traceback (536): Module: Kernel::System::CustomerUser::LDAP::CustomerSearch (v1.74) Line: 383 Module: Kernel::System::CustomerUser::CustomerSearch (v1.72) Line: 198 Module: Kernel::Modules::AdminCustomerUser::_Overview (v1.105) Line: 665 Module: Kernel::Modules::AdminCustomerUser::Run (v1.105) Line: 602 Module: Kernel::System::Web::InterfaceAgent::Run (v1.73) Line: 866 Module: ModPerl::ROOT::ModPerl::Registry::C_3a_Program_20Files_OTRS_OTRS_bin_cgi_2dbin_index_2epl::handler (unknown version) Line: 48 Module: (eval) (v1.94) Line: 204 Module: ModPerl::RegistryCooker::run (v1.94) Line: 204 Module: ModPerl::RegistryCooker::default_handler (v1.94) Line: 170 Module: ModPerl::Registry::handler (v1.99) Line: 31 Scalars leaked: 1 Scalars leaked: 1 Scalars leaked: 1 Scalars leaked: 1 Scalars From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Gerald Young Sent: 14 May 2013 15:19 To: User questions and discussions about OTRS. Subject: Re: [otrs] LDAP customer information half of that post is commented out, so it's a bit difficult to address your issue specifically. Next time, please consider removing large chunks of commented sections when posting. What do the logs say? Especially, otrs.log or apache error.log or what version of OTRS, what operating system is it installed on, etc. The general "feel" of the answer is that you have a problem in CustomerUser. Specifically, you may have too strict of a filter or improper GroupDN. When you say, > The link below is where I get page cannot be displayed the apache log probably can tell you more information. On Tue, May 14, 2013 at 6:16 AM, Simon Allison <[email protected]<mailto:[email protected]>> wrote: Hi Gerald, Sorry I forgot to send this yesterday, here is a copy of the config.pm<http://config.pm> (obvious bits removed) Simon # This is customer LDAP configuration for an LDAP auth. backend. # (make sure Net::LDAP is installed!) $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = ''; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=,dc=internal'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; # Check if the user is allowed to auth in a posixGroup # (e. g. user needs to be in a group xyz to use otrs) $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'OU=SDC,OU=Establishments,DC=,DC=INTERNAL'; $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member'; # for ldap posixGroups objectclass (just uid) #$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID'; # for non ldap posixGroups objectclass (full user dn) $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; # The following is valid but would only be necessary if the # anonymous user does NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=otrs,cn=Users,dc=,dc=internal'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = ''; # in case you want to add always one filter to each ldap query, use # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)' $Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(mail=*)'; # in case you want to add a suffix to each customer login name, then # you can use this option. e. g. user just want to use user but # in your ldap directory exists user@domain. #$Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@.internal'; # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) $Self->{'Customer::AuthModule::LDAP::Params'} = { port => 389, timeout => 120, async => 0, version => 3, }; # Enable LDAP lookups for Customer account information. $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '', BaseDN => 'dc=,dc=internal', SSCOPE => 'sub', UserDN => 'cn=otrs,cn=Users,dc=,dc=internal', UserPw => '', AlwaysFilter => '(objectclass=user)', GroupDN => 'ou=SDC,ou=establishments,dc=,dc=internal', # GroupDN => 'cn=OTRS Customers,cn=Users,dc=,dc=internal', AccessAttr => 'member', UserAttr => 'DN', }, # customer uniq id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['givenname', 'sn', 'mail'], CustomerUserSearchFields => ['displayName','sAMAccountName','givenname', 'sn', 'mail','description'], CustomerUserPostMasterSearchFields => ['displayName','sAMAccountName','givenname','sn','mail','description'], CustomerUserNameFields => ['givenname', 'sn'], # show not own tickets in customer panel, CompanyTickets CustomerUserExcludePrimaryCustomerID => 0, # add an ldap filter for valid users (expert setting) # CustomerUserValidFilter => '(!(description=locked))', # administrator can't change customer preferences AdminSetPreferences => 0, # # cache time to live in sec. - cache any database queries #CacheTTL => 0, Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], #[ 'UserCustomerIDs', 'CustomerIDs', 'wWWHomePage', 1, 0, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], }; ********************************************************************** This message may contain privileged and confidential information. It is intended solely for the person to whom it is addressed. If you are not the intended recipient, please notify the sender and delete the message immediately. The text in this e-mail and any attachments should not be altered or tampered with in any way. Any views expressed in this message are those of the individual sender and do not necessarily reflect the views of South Downs College<http://www.southdowns.ac.uk>. ********************************************************************** --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs ********************************************************************** This message may contain privileged and confidential information. It is intended solely for the person to whom it is addressed. If you are not the intended recipient, please notify the sender and delete the message immediately. The text in this e-mail and any attachments should not be altered or tampered with in any way. Any views expressed in this message are those of the individual sender and do not necessarily reflect the views of South Downs College. **********************************************************************
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
