[otrs] LDAP Alias authentication

Thomas Nilsen Thomas.Nilsen at roxar.com
Fri Mar 10 13:04:57 CET 2006


Would it not be better to use the LDAP Group check to verify if a user is allowed Agent access etc? As long as you use Open LDAP this should work fine. (Won't work with Active Directory).

Check the manual for : $Self->{'AuthModule::LDAP::GroupDN'}

Thomas

-----Original Message-----
From: otrs-bounces at otrs.org [mailto:otrs-bounces at otrs.org] On Behalf Of Tojo RANDRIANAIVOJAONA
Sent: Thursday, March 09, 2006 6:34 PM
To: otrs at otrs.org
Subject: [otrs] LDAP Alias authentication

hi !

I succeed the authentication OTRS with the classic ldif LDAP (using objectClass InetOrgPerson with its attributes). Now, I tried to do the authentification LDAP with an Alias of an InetOrgPerson LDAP but it's always failed.

Is it possible in OTRS ?

My ldif scripts is like this:

...

# Entry 2: uid=llg,ou=osc,ou=person,dc=otrs,dc=demo
dn:uid=llg,ou=osc,ou=person,dc=otrs,dc=demo
cn: Laurent Le Grandois
departmentNumber: OSC
description: xxxx
givenName: llg
mail: Lcxcxcxraxcxs at atxcxcxcgin.com
mobile: +33 6 70 01 25 61
o: xxxx
objectClass: inetOrgPerson
sn: Le Grxcxcxc
telephoneNumber: +33 1 55 58 72 38
title: Architecte J2EE
uid: llg
userPassword: ****


dn:uid=llg,ou=systemusers,ou=otrsusers,dc=otrs,dc=demo
aliasedObjectName:
uid=llg,ou=osc,ou=person,dc=otrs,dc=demo
uid: llg
objectClass: alias
objectClass: extensibleObject
objectClass: top


With the standard configuration of Config.pm:


# Authentification au niveau de l'admin
# Contrainte: il faut que le mail (ou le mail) soit valide
    # (take care that Net::LDAP is installed!)

    $Self->{'AuthModule'} =
'Kernel::System::Auth::LDAP';
    $Self->{'AuthModule::LDAP::Host'} = 'localhost';
    $Self->{'AuthModule::LDAP::BaseDN'} = 'ou=systemusers,ou=otrsusers,dc=otrs,dc=demo';
    $Self->{'AuthModule::LDAP::UID'} = 'uid';



# Authentification au niveau utilisateur # Rque: Bien verifier l'arbre LDAP (faire attention aux espaces --> il faut les mettre) #tojo Customer

# This is an example configuration for an LDAP auth.
backend.
    # (take care that Net::LDAP is installed!)


    $Self->{'Customer::AuthModule'} =
'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host'} = 'localhost';
    $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=customerusers,ou=otrsusers,dc=otrs,dc=demo';
    $Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';


# CustomerUser
...

Can You help me?



        Tojo Randrianaivojaona
18, rue Fouré
c.319
44 000 NANTES
Tel: 06 33 56 94 84
  ra_tojo at yahoo.fr
  Tojo.Randrianaivojaona at polytech.univ-nantes.fr










	
___________________________________________________________________________
Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international.
Téléchargez sur http://fr.messenger.yahoo.com _______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support oder Consulting für Ihr OTRS System?
=> http://www.otrs.de/

DISCLAIMER:
This message contains information that may be privileged or confidential and is the property of the Roxar Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorised to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.


More information about the otrs mailing list