LDAP Einrichtung fehler

18 Apr 2007

      Hallo zusammen,

Ich habe heute gelesen das das OTRS 1.3.2 auch das LDAP unterstützt. Da habe
ich mir gedacht Perfeckt das richte ich gleich mal ein.

Ich möchte den Usern nämlich die möglichkeit geben sich einzuloggen und
frühere Tickets zu durchsuchen. Wenn ein Problem erneut auftritt können sie
es vielleicht vorab lösen.

Folgende schritte habe ich gemacht (Infos zur Domäne steht unten):

1. Im AD einen User OTRS angelegt. PW: OTRS (möchte ich aber dann später
wenns läuft sowieso anpassen)

2. NET::LDAP von ldap.perl.org installiert.
Config angepasst:
(/etc/ldap/ldap.conf)
____________________________________________________________________________
________________
# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.9 2000/09/04 19:57:01
kurt Exp $
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE	dc=ti, dc=heyco, dc=ads
URI	ldap://ti.heyco.ads ldap://ti.heyco.ads:666

#SIZELIMIT	12
#TIMELIMIT	15
#DEREF		never
____________________________________________________________________________
________________

3. unter /etc/otrs/Kernel die config.pm angepasst bzw. das folgende
hinzugefügt:
(Unter sub Load {)
____________________________________________________________________________
________________

#------------------------------------------------------------------------
  # Start of Example Config
  $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
  $Self->{'AuthModule::LDAP::Host'} = '10.155.10.1';
  $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=ti, dc=heyco, dc=ads';
  $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

  $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS, ou=Users, dc=ti,
dc=example, dc=com';
  $Self->{'AuthModule::LDAP::SearchUserPw'} = 'otrs';

  # This is an example configuration for an LDAP auth. backend.
  # (take care that Net::LDAP is installed!)
  $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
  $Self->{'Customer::AuthModule::LDAP::Host'} = 'ti.heyco.ads';
  $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Users, dc=ti,
dc=heyco, dc=ads';
  $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

  # The following is valid but would only be necessary if the
  # anonymous user do NOT have permission to read from the LDAP tree
  $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS, ou=USERS,
dc=ti, dc=heyco, dc=ads';
  $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'secret';

  # CustomerUser
  # (customer user database backend and settings)
    $Self->{CustomerUser} = {
        Name => 'Datenbank',
        Module => 'Kernel::System::CustomerUser::DB',
        Params => { Table => 'customer_user',
            # to use an external database
#           DSN => 'DBI:odbc:yourdsn',
#           DSN => 'DBI:mysql:database=customerdb;host=customerdbhost',
#           User => '', Password => '',
        },
        # customer uniq id
        CustomerKey => 'login',
        CustomerID => 'customer_id',
        CustomerValid => 'valid_id',
        CustomerUserListFields => ['first_name', 'last_name', 'email'],
#       CustomerUserListFields => ['login', 'first_name', 'last_name',
'customer_id', 'email'],
        CustomerUserSearchFields => ['login', 'last_name', 'customer_id'],
        CustomerUserSearchPrefix => '',
        CustomerUserSearchSuffix => '*',
        CustomerUserSearchListLimit => 250,
        CustomerUserPostMasterSearchFields => ['email'],
        CustomerUserNameFields => ['salutation', 'first_name', 'last_name'],
#       ReadOnly => 1,
        Map => [
            # note: Login, Email and CustomerID needed!
            # var, frontend, storage, shown, required, storage-type,
http-link
            [ 'UserSalutation', 'Salutation', 'salutation', 1, 0, 'var' ],
            [ 'UserFirstname', 'Firstname', 'first_name', 1, 1, 'var' ],
            [ 'UserLastname', 'Lastname', 'last_name', 1, 1, 'var' ],
            [ 'UserLogin', 'Login', 'login', 1, 1, 'var' ],
            [ 'UserPassword', 'Password', 'pw', 0, 1, 'var' ],
            [ 'UserEmail', 'Email', 'email', 0, 1, 'var' ],
            [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var' ],
            [ 'UserComment', 'Comment', 'comments', 1, 0, 'var' ],
            [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int' ],
        ],
    };

  # CustomerUser1
  # (customer user ldap backend and settings)
  $Self->{CustomerUser1} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
      # ldap host
      Host => 'ti.heyco.ads',
      # ldap base dn
      BaseDN => 'ou=Users, dc=ti, dc=heyco, dc=ads',
      # search scope (one|sub)
      SSCOPE => 'sub',
      # The following is valid but would only be necessary if the
      # anonymous user does NOT have permission to read from the LDAP tree
      UserDN => 'cn=OTRS, ou=Users, dc=ti, dc=heyco, dc=ads',
      UserPw => 'otrs',
      AlwaysFilter => '',
      SourceCharset => 'utf-8',
      DestCharset => 'iso-8859-1',
    },
    # customer uniq id
    CustomerKey => 'sAMAccountName',
    # customer #
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
      # note: Login, Email and CustomerID needed!
      # var, frontend, storage, shown, required, storage-type
      #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
      [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
      #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
      #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
    ],
  };
  # End example config
  #------------------------------------------------------------------------
____________________________________________________________________________
________________

Leider funktioniert es aber nicht und es kommt folgender fehler wenn ich die
index.pl aufrufe:

____________________________________________________________________________
________________

Software error:

Can't locate object method "new" via package
"Kernel::System::CustomerUser::LDAP" at
/usr/share/otrs/bin/cgi-bin/../../Kernel/System/CustomerUser.pm line 53.

For help, please send mail to the webmaster (webmaster@localhost), giving
this error message and the time and date of the error. 
____________________________________________________________________________
________________

Hier mal zur Info:
Die Domäne heißt Heyco-TI (ti.heyco.ads)
Der OTRS User befindet sich unter der Organisationseinheit <Users>
Die Heyco-TI Benutzer befinden sich unter der Organisationseinheit
<HEYCO-TI>. Darunter sind auch noch Ordner (Abteilungsbezogen)

Kann mir einer sagen was ich da falsch gemacht habe?

Gruß
Helmut

HEYCO-WERK Heynen GmbH & Co. KG, Birgden III/1, 42855 Remscheid
Registergericht Wuppertal HRA-Nr. 17993 
Persoenlich haftende Gesellschaft: HEYCO Beteiligungs- und 
Geschaeftsfuehrungsgesellschaft mit beschraenkter Haftung,
Remscheid, Registergericht Wuppertal HRB-Nr. 11101 
Geschaeftsfuehrer: Markus Heynen, Gerhard Voss

Anetzberger Helmut

Rico Barth

tags

participants (2)