Re: [otrs-de] Customer Auth. via LDAP (AD) - Konfigurationsdatei benötigt

Hallo, Mit diesen Settings funktioniert das ohne Fehlermeldungen, Allerdings werden die User auch nicht in der Tabelle gespeichert. Und beim CustomerLogin werden noch falsche Zeichen für Umlaute angezeigt. Meine Config macht folgendes: Bei Agent und Kunde: Suche zuerst in der OTRS DB dann in LDAP OTRS 2.3.4 (linux, mysql, utf8) ITSM 1.2.3 Active Directory Windows 2003 $Self->{'DefaultCharset'} = 'utf-8'; #---------------------------------------------------- # # Auth against Customer DB # ---------------------------------------------------- # $Self->{'AuthModule1'} = 'Kernel::System::Auth::DB'; # ========================================================= # # LDAP Settings for user authentication # ========================================================= # $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = 'aohdc03.asamer.holding.ah'; $Self->{'AuthModule::LDAP::BaseDN'} = 'DC=asamer,DC=holding,DC=ah'; $Self->{'AuthModule::LDAP::UID'} = 'uid'; $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=otrs,OU=ServicesAccounts,DC=asamer,DC=holding,DC=ah'; $Self->{'AuthModule::LDAP::SearchUserPw'} = ; $Self->{'AuthModule::LDAP::AlwaysFilter'} = '(objectclass=user)'; # <-- $Self->{'AuthModule::LDAP::Params'} = { port => 389, timeout => 120, #--> activate LDAP 120, async => 0, version => 3, }; $Self->{UserSyncLDAPGroups} = ['user',]; # ==================================================== # # ---- LDAP/DB Customer Configuration settings ------ # # ==================================================== # # CustomerUser # (customer user database backend and settings) $Self->{CustomerUser} = { Name => 'Database Backend', Module => 'Kernel::System::CustomerUser::DB', Params => { Table => 'customer_user', }, # customer uniq id CustomerKey => 'login', # customer # CustomerID => 'customer_id', CustomerValid => 'valid_id', CustomerUserListFields => [ 'first_name', 'last_name', 'email' ], CustomerUserListFields => ['login', 'first_name', 'last_name', 'customer_id', 'email'], CustomerUserSearchFields => [ 'login', 'first_name', 'last_name', 'customer_id' ], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['email'], CustomerUserNameFields => [ 'salutation', 'first_name', 'last_name' ], #CustomerUserEmailUniqCheck => 1,## # show now own tickets in customer panel, CompanyTickets #CustomerUserExcludePrimaryCustomerID => 0, # generate auto logins #AutoLoginCreation => 0, # generate auto login prefix #AutoLoginCreationPrefix => 'auto', # admin can change customer preferences #AdminSetPreferences => 1, # use customer company support (reference to company, See CustomerCompany settings) #CustomerCompanySupport => 1, # cache time to life in sec. - cache any database queris #CacheTTL => 0, # just a read only source RealdOnly => 1, Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly, http-link-target # [ 'UserSalutation', 'Salutation', 'salutation', 1, 0, 'var', '', 0 ], [ 'UserFirstname', 'Firstname', 'first_name', 1, 1, 'var', '', 0 ], [ 'UserLastname', 'Lastname', 'last_name', 1, 1, 'var', '', 0 ], [ 'UserLogin', 'Username', 'login', 1, 1, 'var', '', 0 ], # [ 'UserPassword', 'Password', 'pw', 1, 1, 'var', '', 0 ], [ 'UserEmail', 'Email', 'email', 1, 1, 'var', '', 0 ], [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ], [ 'UserPhone', 'Phone', 'phone', 1, 0,'var', '', 0 ], [ 'UserMobile', 'Mobile', 'mobile', 1, 0,'var', '', 0 ], # [ 'UserEmail', 'Email', 'email',1, 1, 'var', '$Env{"CGIHandle"}?Action=AgentTicketCompose&ResponseID=1&TicketID=$Data{"TicketID"}&ArticleID=$Data{"ArticleID"}', 0 ], # [ 'UserCustomerIDs', 'CustomerIDs', 'customer_ids', 1, 0, 'var', '', 0 ], # [ 'UserComment', 'Comment', 'comments', 1, 0, 'var', '', 0 ], # [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int', '', 0 ], ], }; # =================================================== # LDAP Customer User Authentication [WF] # =================================================== $Self->{CustomerUser1} = { Name => 'Active Directory ', Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => 'aohdc03.asamer.holding.ah', BaseDN => 'DC=holding,DC=ah', SSCOPE => 'sub', UserDN => 'CN=otrs,OU=ServicesAccounts,DC=asamer,DC=holding,DC=ah', UserPw => '', AlwaysFilter => '(objectclass=user)', DestCharset => 'iso-8859-1', SourceCharset => 'utf-8', Params => { # port => 389, port => 3268, timeout => 120, async => 0, version => 3, }, }, CustomerKey => 'sAMAccountName', CustomerID => 'mail', CustomerUserListFields => ['cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], CustomerUserExcludePrimaryCustomerID => 0, AdminSetPreferences => 0, Map => [ #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1,'var', '', 0 ], [ 'UserLastname', 'Lastname', 'sn', 1, 1,'var', '', 0 ], [ 'UserLogin', 'Username', 'sAMAccountName', 1, 1,'var', '', 0 ], [ 'UserEmail', 'Email', 'mail', 1, 1,'var', '', 0 ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1,'var', '', 0 ], [ 'UserPhone', 'Phone', 'phone', 1, 0,'var', '', 0 ], [ 'UserMobile', 'Mobile', 'mobile', 1, 0,'var', '', 0 ], # [ 'UserAddress', 'Address', 'postaladdress', 1, 0,'var', '', 0 ], # [ 'UserComment', 'Comment', 'description', 1, 0,'var', '', 0 ], ], }; # This is the auth. module againt the otrs db $Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::DB'; $Self->{'Customer::AuthModule::DB::Table1'} = 'customer_user'; $Self->{'Customer::AuthModule::DB::CustomerKey1'} = 'login'; $Self->{'Customer::AuthModule::DB::CustomerPassword1'} = 'pw'; $Self->{'Customer::AuthModule2'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host2'} = 'aohdc03.asamer.holding.ah'; $Self->{'Customer::AuthModule::LDAP::BaseDN2'} = 'DC=holding,DC=ah'; $Self->{'Customer::AuthModule::LDAP::UID2'} = 'sAMAccountName'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN2'} = 'CN=otrs,OU=ServicesAccounts,DC=asamer,DC=holding,DC=ah'; $Self->{'Customer::AuthModule::LDAP::AlwaysFilter2'} = '(objectclass=user)'; $Self->{'Customer::AuthModule::LDAP::Params2'} = { port => 3268, timeout => 120, async => 0, version => 3, }; 1; -----Ursprüngliche Nachricht----- Von: otrs-de-bounces@otrs.org [mailto:otrs-de-bounces@otrs.org] Im Auftrag von Elias Probst Gesendet: Mittwoch, 13. Mai 2009 03:03 An: otrs-de@otrs.org Betreff: [otrs-de] Customer Auth. via LDAP (AD) - Konfigurationsdatei benötigt Hallo zusammen, nachdem wir immer noch mit der Customer-Authentifizierung via LDAP (Active Directory an W2k3 Server) kämpfen und ich nun mehr oder weniger alle Möglichkeiten ausgeschöpft habe, sehe ich momentan als letzte Möglichkeit mal meine Konfiguration auf Basis einer funktionierenden bereits vorhandenen Konfiguration aufzusetzen. Die Authentifizierung via LDAP funktioniert soweit einwandfrei, aber die Synchronisierung mit der OTRS-DB funktioniert nicht, es werden keine Customer in der Tabelle 'customer_user' angelegt und somit bekommt man beim Login als Customer lediglich die Meldung 'Panic! No UserData!!!' zu Gesicht. Wer kann mir mir Kernel/Config.pm und Kernel/Config/Files/ZZZAuto.pm (natürlich ohne evtl. vorhandene Passwörter ;-) ) von einem System zukommen lassen? Vielen tausend Dank! Gruß, Elias P.