[otrs] OTRS2 (Debian and LDAP) problems

Tobias Lütticke tobias.luetticke at inovex.de
Thu May 31 14:30:47 GMT 2007 

Hey Jim,

> features to work... probably the firwst thing to ask is - how can I get
> a decent level of debugging (I've set apache to run as debug but this

you can increase the log output by inserting
  $Self->{Debug} = 1;
in Kernel/Config.pm.

You can really make OTRS spill its guts by setting "my $Debug = 0; " to "my
$Debug = 1;" instead.

This setting is located in bin/cgi-bin/index.pl around line no 38 (OTRS 2.1.6).


> Does anyone have any tips, opr could you send me a working Config.pm to
> compare please?

You can check the mailing list archives for that as this problem is not uncommon :-(

Anyways, in your config is something missing. LDAP authentication has to be done
in two parts for both agents and customers. Therefore you have to have, say, 4
content blocks:

1. Agent LDAP auth
2. Agent LDAP sync (missing in your config)
3. Customer LDAP auth (missing in your config)
4. Customer LDAP sync

For 2. insert something like this (change to fit your needs):

    # UserSyncLDAPMap
    # (map if agent should create/synced from LDAP to DB after login)
    $Self->{UserSyncLDAPMap} = {
        # DB -> LDAP
        Firstname => 'givenName',
        Lastname => 'sn',
        Email => 'mail',
    };

For 3. insert (again, needs to be customized):

    # customer user authentication
    $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host'} = '<host>';
    $Self->{'Customer::AuthModule::LDAP::BaseDN'} = '<dn>';
    $Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';

    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = '<dn>';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '<pw>';

    # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
    $Self->{'Customer::AuthModule::LDAP::Params'} = {
        port => 389,
        timeout => 120,
        async => 0,
        version => 3,
    };

OTRS needs to sync user information to its local database and needs the config
blocks 2 and 4 for it. Blocks 1 and 3 are for authentication, which has to be
set up for agents and customers separately.

Hope this helps
 Tobias

-- 
50% of the high school graduates in this country graduated in the bottom half
of their class.

More information about the otrs mailing list