Hi, I think that your problem is that in Host name you are using
your domain name and not your PDC's name. You must use
pdc.exampleCompany.com.br if your PDC is named pdc… and you must
add ou=users to your BASEDN:
$Self->{'AuthModule::LDAP::Host'} = 'pdc.examplecompany.com.br';
$Self->{'AuthModule::LDAP::BaseDN'} = 'ou=users,dc=examplecompany,dc=com,dc=br';
mmmm… I see other errors…!!
please see the other BASEDN configuration
change the CN for OU..
Try to do this…
Best regards…
Luis Rodriguez
IT Manager
BMART S.A.
Guatemala C.A.
Email: lrodriguez@bmartgroup.com
Msn: luisgrodriguez@hotmail.com
Tel. (502) 2285-4514
Cel. (502) 5608-3521
From: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] On Behalf Of Marcus Vinicius Barbato Gonzaga
Sent: Friday, July 10, 2009 01:21 p.m.
To: otrs@otrs.org
Subject: [otrs] problems with LDAP
Hi!
We are testing OTRS in our company, but I'm having some problems with the
authentication in LDAP.
I configured my config.pm based on the example
on this page: http://www.mail-archive.com/otrs@otrs.org/msg25382.html
But when I try to connect, I get the following error:
Can't connect to exampleCompany.com.br: IO::Socket::INET: connect: Connection refused at /opt/otrs//Kernel/System/CustomerUser/LDAP.pm line 124.
For help, please send mail to the webmaster (webmaster@localhost), giving this error
message and the time and date of the error.
And this is my config.pm.
Because a user that has permission to query the LDAP directory is needed,
I put the user otrs_ldap in the Builtin OU.
And I created 2 groups:
otrs_allow_C for the clients
and otrs_allow_A for the agents.
I put myself in these 2 groups, but I get the error when I try to connect.
Could someone help me?
Best Regards
Marcus Vinicius
package Kernel::Config;
sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
#                                                      #
#         Start of your own config options!!!          #
#                                                      #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# database settings                                    #
# ---------------------------------------------------- #
# DatabaseHost
# (The database host.)
$Self->{DatabaseHost} = 'localhost';
# Database
# (The database name.)
$Self->{Database} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{DatabaseUser} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/CryptPassword.pl
# for crypted passwords.)
$Self->{DatabasePw} = '123123';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
# $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
$Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = '/opt/otrs';
# ---------------------------------------------------- #
# insert your own config settings "here"               #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{CheckMXRecord} = 0;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# data inserted by installer                           #
# ---------------------------------------------------- #
# $DIBI$
############## Start of Config.pm ################
#we want to use LDAP for Auth#
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'examplecompany.com.br';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=examplecompany,dc=com,dc=br';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
#The username and password of the user you setup to access LDAP information in AD#
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=otrs_ldap,CN=Users,DC=examplecompany,DC=com,DC=br';
$Self->{'AuthModule::LDAP::SearchUserPw'} = '12345678';
#We want our Customer/users to Auth using LDAP#
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'examplecompany.com.br';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'CN=Users,DC=examplecompany,DC=com,DC=br';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrs_ldap,CN=Users,DC=examplecompany,DC=com,DC=br';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '12345678';
$Self->{CustomerUser} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host => 'examplecompany.com.br',
        BaseDN => 'CN=Users,DC=examplecompany,DC=com,DC=br',
        SSCOPE => 'sub',
        UserDN => 'CN=otrs_ldap,CN=Users,DC=examplecompany,DC=com,DC=br',
        UserPw => '12345678',
    },
    CustomerKey => 'uid',
    CustomerID => 'userPrincipalName',
    CustomerUserListFields => ['displayName', 'userPrincipalName'],
    CustomerUserSearchFields => ['displayName', 'userPrincipalName'],
    CustomerUserPostMasterSearchFields => ['userPrincipalName'],
    CustomerUserNameFields => ['givenName', 'sn'],
    #the following must map to valid fields in your AD (givenname,sn,sAMAccountName,...)#
    Map => [
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
        [ 'UserLogin', 'Login', 'uid', 1, 1, 'var' ],
        [ 'UserEmail', 'Email', 'userPrincipalName', 1, 1, 'var' ],
        [ 'UserCustomerID', 'CustomerID', 'userPrincipalName', 0, 1, 'var' ],
    ],
};
#OK now lets have our agents use LDAP#
$Self->{'AuthModule::LDAP::GroupDN'} = 'CN=otrs_allow_A,CN=Users,DC=examplecompany,DC=com,DC=br';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=otrs_allow_C,CN=Users,DC=examplecompany,DC=com,DC=br';
$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';
# UserSyncLDAPMap#
# (map if agent should create/synced from LDAP to DB after login must match your AD)#
$Self->{UserSyncLDAPMap} = {
# DB -> LDAP#
Firstname => 'givenName',
Lastname => 'sn',
Email => 'userPrincipalName',
};
# UserSyncLDAPGroups#
# (If "LDAP" was selected for AuthModule, you can specify#
# initial user groups for first login.)#
$Self->{UserSyncLDAPGroups} = [
'users',
];
##################### End of Config.pm ####################
# ---------------------------------------------------- #
# ---------------------------------------------------- #
#                                                      #
#          End of your own config options!!!           #
#                                                      #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
}
# ---------------------------------------------------- #
# needed system stuff (don't edit this)                #
# ---------------------------------------------------- #
use strict;
use warnings;
use vars qw(@ISA $VERSION);
use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');
use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.20 $)[1];
# -----------------------------------------------------#
1;
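Added example, not part of the original messages or of OTRS: a stand-alone Python probe for the failure discussed in this thread. It separates a refused TCP connection from a host that accepts the connection and answers an LDAP anonymous bind. Port 389 and the function names are assumptions; the host names are the thread's placeholders.

```python
import socket
# LDAPv3 anonymous simple BindRequest with messageID 1, BER-encoded.
ANON_BIND = bytes.fromhex("300c020101600702010304008000")

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the BER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form (used by Active Directory): low 7 bits count the length bytes
        end = pos + (length & 0x7F)
        length, pos = int.from_bytes(buf[pos:end], "big"), end
    return tag, pos, pos + length

def parse_bind_response(reply):
    """Return the resultCode of an LDAP BindResponse, or None if reply is not one."""
    try:
        seq, pos, _ = read_tlv(reply, 0)        # LDAPMessage SEQUENCE
        _, _, pos = read_tlv(reply, pos)        # messageID INTEGER (skipped)
        op, pos, _ = read_tlv(reply, pos)       # protocolOp
        tag, start, end = read_tlv(reply, pos)  # resultCode ENUMERATED
    except IndexError:
        return None
    if (seq, op, tag) != (0x30, 0x61, 0x0A) or not start < end <= len(reply):
        return None
    return int.from_bytes(reply[start:end], "big")

def probe_ldap(host, port=389, timeout=5.0):  # 389 = plain LDAP (assumed)
    """Classify host:port as unresolvable, refused, unreachable, not-ldap or ldap."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.gaierror as exc:
        return ("unresolvable", str(exc))
    except ConnectionRefusedError as exc:  # the error shown in the thread
        return ("refused", str(exc))
    except OSError as exc:                 # timeout, no route, ...
        return ("unreachable", str(exc))
    try:
        with sock:
            sock.sendall(ANON_BIND)
            reply = sock.recv(4096)
    except OSError as exc:
        return ("not-ldap", str(exc))
    code = parse_bind_response(reply)
    if code is None:
        return ("not-ldap", "no BindResponse in reply")
    return ("ldap", "BindResponse resultCode=%d" % code)

if __name__ == "__main__":
    for h in ("examplecompany.com.br", "pdc.examplecompany.com.br"):  # names from the thread
        print(h, probe_ldap(h))
```

A `refused` result for the domain name and `ldap` for the domain controller's name matches the diagnosis in the reply. The anonymous bind only shows that an LDAP service answers; it does not show that the SearchUserDN credentials are accepted.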