Re: [otrs-de] Übernahme der Benuzter aus W2k AD in O TRS per LDAP

Hallo! Vielen Dank für deine Anregung. Habe diese entsprechend geändert und noch ein wenige rumgespielt :-) Ich habe auch die ou=Verwaltung rausgenommen, da diese nur eine Untergruppe meiner Franz-Benutzer ist, der Domäne Franz.local. Und da auch die anderen Unter-OU sich demnächst anmelden sollen, sich dann auch anmelden können. Nur leider klappt es mit der Anmeldung immer noch nicht so recht. Wenn ich mich unter http://localhost/otrs/customer.pl mit einen User der Gruppe "OU=Verwaltung,OU=Franz-Benutzer,dc=Franz,dc=local", erscheint die Meldung "Panic! No UserData!!!" :-) Wenn der Benutzer sich aber im index.pl anmeldet, erscheint die Meldung, das das Konto angelegt wurde und er kann sich dann beim wiederholten male anmelden und ist als Agent 'drinne'. Im Syslog erscheint die Meldung "Data for 'Bernhard.Mainusch (CN=Bernhard Mainusch,OU=Verwaltung,OU=Franz-Benutzer,DC=Franz,DC=local)' created in RDBMS, proceed." Was ja so wohl auch nichts negatives ist. Jedoch möchte ich das der User nicht als Agent in OTRS arbeitet sondern als Kunde(Anmeldung in der customer.pl). Doch das geht nicht, obwahl in der SysLog der Erfolgreiche Eintrag "CustomerUser: Bernhard.Mainusch logged in (REMOTE_ADDR: 172.16.5.42)." steht. Die Rechte unter /opt/otrs sind alle auf root.root gesetzt. Reicht das aus? Was kann ich denn da jetzt machen? Mit Dank für jede Hilfe Bernhard Mainusch PS: Hier noch mal die Config.pm # -- # Kernel/Config.pm - Config file for OTRS kernel # Copyright (C) 2001-2003 Martin Edenhofer # -- # $Id: Config.pm.dist,v 1.9 2004/01/22 19:52:20 martin Exp $ # -- # This software comes with ABSOLUTELY NO WARRANTY. For details, see # the enclosed file COPYING for license information (GPL). If you # did not receive this file, see http://www.gnu.org/licenses/gpl.txt. # -- # Note: # # -->> OTRS does have a lot of config settings. For more settings # (Notifications, TicketViewAccelerator, TicketNumberGenerator, # LDAP, PostMaster, Session, Preferences, ...) see # Kernel/Config/Defaults.pm and copy your wanted lines into "this" # config file. This file will not be changed on update! # # -- package Kernel::Config; # -- sub Load { my $Self = shift; # ---------------------------------------------------- # # ---------------------------------------------------- # # # # Start of your own config options!!! # # # # ---------------------------------------------------- # # ---------------------------------------------------- # # ---------------------------------------------------- # # system data # # ---------------------------------------------------- # # SecureMode # (Enable this so you can't use the installer.pl) $Self->{SecureMode} = 1; # SystemID # (The identify of the system. Each ticket number and # each http session id starts with this number) $Self->{SystemID} = 10; # TicketHook # (To set the Ticket identifier. Some people want to # set this to e. g. 'Call#', 'MyTicket#' or 'TN'.) $Self->{TicketHook} = 'Ticket-Nummer#'; # FQDN # (Full qualified domain name of your system.) $Self->{FQDN} = 'localhost'; # AdminEmail # (Email of the system admin.) $Self->{AdminEmail} = 'edv@localhost.de'; # Organization # (If this is anything other than '', then the email will have an # Organization X-Header) $Self->{Organization} = 'Support-Zentrum'; # ---------------------------------------------------- # # database settings # # ---------------------------------------------------- # # DatabaseHost # (The database host.) $Self->{DatabaseHost} = 'localhost'; # Database # (The database name.) $Self->{Database} = 'otrs'; # DatabaseUser # (The database user.) $Self->{DatabaseUser} = 'otrs'; # DatabasePw # (The password of database user.) $Self->{DatabasePw} = 'password'; # DatabaseDSN # (The database DSN for MySQL ==> more: "man DBD::mysql") $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};"; # (The database DSN for PostgrSQL ==> more: "man DBD::Pg") # $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};"; # (The database DSN for Oracle ==> more: "man DBD::oracle") # $Self->{DatabaseDSN} = "DBI:Oracle:sid=$Self->{Database};host=$Self->{DatabaseHost};port=1521;"; # if needed, oracle env settings # $ENV{ORACLE_HOME} = '/opt/ora9/product/9.2'; # $ENV{NLS_DATE_FORMAT} = 'YYYY-MM-DD HH24:MI:SS'; # $ENV{NLS_LANG} = "german_germany.we8iso8859p15"; # (The database DSN for DBI:ODBC ==> more: "man DBD::ODBC") # $Self->{DatabaseDSN} = "DBI:ODBC:$Self->{Database}"; # If you use ODBC, no database auto detection is possible, # so set the database type here. Possible: mysq,postgresql,oracle,sapdb # $Self->{'Database::Type'} = 'sapdb'; # ---------------------------------------------------- # # fs root directory # ---------------------------------------------------- # $Self->{Home} = '/opt/otrs'; # **************************************************** # # insert your own config settings "here" # # config settings taken from Kernel/Config/Defaults.pm # # **************************************************** # # $Self->{SessionUseCookie} = 0; # **************************************************** # # ---------------------------------------------------- # # data inserted by installer # # ---------------------------------------------------- # # $DIBI$ $Self->{TicketNumberGenerator} = 'Kernel::System::Ticket::Number::AutoIncrement'; $Self->{LogModule::LogFile} = '/tmp/otrs.log'; $Self->{LogModule} = 'Kernel::System::Log::SysLog'; $Self->{DefaultLanguage} = 'de'; $Self->{DefaultCharset} = 'iso-8859-1'; $Self->{CheckMXRecord} = 1; # event data directory $Self->{CalendarDataDir} = '/opt/otrs/var/calendar'; # event admin group $Self->{CalendarAdminGroup} = 'users'; $Self->{SystemStatus} = { 'report process status' => 'ps -ax|grep httpd ', 'show who is logged on and what they are doing' => 'w', 'free memory' => 'free', 'show last login user' => 'last -10', }; # ---------------------------------------------------- # # ---------------------------------------------------- # # Die Konfiguration fuer LDAP von Bernhard Mainusch # # Bernhard.Mainusch@Franz.local # #This is an example configuration for an LDAP auth. backend. #(take care that Net::LDAP is installed # $Self->{AgentCanBeCustomer} = 1; # $Self->{Debug} = 1; $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = '172.16.2.1'; $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=Franz,dc=local'; $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=Administrator,ou=Verwaltung,ou=Franz-Benutzer,dc=Franz,dc=local'; $Self->{'AuthModule::LDAP::SearchUserPw'} = 'password'; $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = '172.16.2.1'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Franz-Benutzer,dc=Franz,dc=local'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; # $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=Administrator,ou=Verwaltung,ou=Franz-Benutzer,dc=Franz,dc=local'; # $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'cn=Administrator,ou=Verwaltung,ou=Franz-Benutzer,dc=Franz,dc=local'; ## $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=Administrator,ou=Verwaltung,ou=Franz-Benutzer,dc=Franz,dc=local' $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = "password"; # $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; $Self->{'Customer::AuthModule::LDAP::Params'} = { port => 389, version => 3, }; $Self->{UserSyncLDAPMap} = { # DB -> LDAP Firstname => 'givenName', Lastname => 'sn', Email => 'mail', }; # CustomerUser # (customer user database backend and settings) $Self->{CustomerUser} = { Name => 'Datenbank', Module => 'Kernel::System::CustomerUser::DB', Params => { Table => 'customer_user', # to use an external database # DSN => 'DBI:odbc:yourdsn', # DSN => 'DBI:mysql:database=customerdb;host=customerdbhost', # User => '', Password => '', }, # customer uniq id CustomerKey => 'login', CustomerID => 'customer_id', CustomerValid => 'valid_id', CustomerUserListFields => ['first_name', 'last_name', 'email'], # CustomerUserListFields => ['login', 'first_name', 'last_name', 'customer_id', 'email'], CustomerUserSearchFields => ['login', 'last_name', 'customer_id'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['email'], CustomerUserNameFields => ['salutation', 'first_name', 'last_name'], # ReadOnly => 1, Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type, http-link [ 'UserSalutation', 'Salutation', 'salutation', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'first_name', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'last_name', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'login', 1, 1, 'var' ], [ 'UserPassword', 'Password', 'pw', 0, 1, 'var' ], [ 'UserEmail', 'Email', 'email', 0, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var' ], [ 'UserComment', 'Comment', 'comments', 1, 0, 'var' ], [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int' ], ], }; #customerUser1 #(Customer user ldap backend and settings) $Self->{CustomerUser} = { Name => 'LDAP Quelle Franz', Module => 'Kernel::System::CustomerUser::LDAP', Params => { # ldap host Host => '172.16.2.1', # ldap base dn BaseDN => 'ou=Franz-Benutzer,dc=Franz,dc=local', # search scope (one|sub) SSCOPE => 'sub', # The following is valid but would only be necessary if the # anonymous user does NOT have permission to read from the LDAP tree UserDN => 'cn=Administrator,ou=Verwaltung,ou=Franz-Benutzer,dc=Franz,dc=local', UserPW => 'password', AlwaysFilter => '', SourceCharset => 'utf-8', DestCharset => 'iso-8859-1', }, # customer uniq id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type # [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'uid', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], # [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], # [ 'Userorganisation', 'Organisation', 'ou', 1, 0, 'var' ] ], }; # ---------------------------------------------------- # # ---------------------------------------------------- # # ---------------------------------------------------- # # ---------------------------------------------------- # # # # End of your own config options!!! # # # # ---------------------------------------------------- # # ---------------------------------------------------- # } # ---------------------------------------------------- # # needed system stuff (don't edit this) # # ---------------------------------------------------- # use strict; use vars qw(@ISA $VERSION); use Kernel::Config::Defaults; push (@ISA, 'Kernel::Config::Defaults'); $VERSION = '$Revision: 1.9 $'; $VERSION =~ s/^\$.*:\W(.*)\W.+?$/$1/; # -----------------------------------------------------# 1; _____________________________________________________________________ Endlich SMS mit Bildern versenden! Das Bild selbst ist dabei gratis, Sie bezahlen lediglich den Versand. http://freemail.web.de/?mc=021195