I am trying to set up an LDAP connection, but I just can't seem to get it to
connect. If someone could take a look at my config and let me know what I am
missing, that would be great…
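# Agent authentication against LDAP (Kernel::System::Auth::LDAP).
# (take care that Net::LDAP is installed!)
#
# Every setting below is kept on ONE physical line. If a quoted DN wraps, the
# line break becomes part of the string ('OU=GW<newline>Export,...'), and if a
# comment wraps, its tail is parsed as Perl code.
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = '192.168.1.23';
$Self->{'AuthModule::LDAP::BaseDN'} = 'OU=GW Export,DC=corp,DC=stamant,DC=mb,DC=ca';

# Attribute that the typed login name is matched against.
# NOTE(review): confirm the directory entries really carry a 'uid' attribute;
# if this server is Active Directory the login attribute is normally
# sAMAccountName, and a wrong attribute name makes every login fail.
$Self->{'AuthModule::LDAP::UID'} = 'uid';

# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
# $Self->{'AuthModule::LDAP::GroupDN'} = 'cn=otrsallow,ou=posixGroups,dc=example,dc=com';
# $Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';

# for ldap posixGroups objectclass (just uid)
$Self->{'AuthModule::LDAP::UserAttr'} = 'UID';
# for non ldap posixGroups objectclass (with full user dn)
# $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';

# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree.
#
# SECURITY: this is a service-account bind. With the Params block below left
# commented out, Net::LDAP uses its defaults (plain ldap, port 389), so this
# password and every agent password checked through this backend cross the
# network unencrypted. Prefer a TLS-protected connection if the server offers
# one, give the account read-only rights on the search base only, and keep
# this file readable by the OTRS user alone.
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=otrs,OU=GW Export,DC=corp,DC=stamant,DC=mb,DC=ca';
$Self->{'AuthModule::LDAP::SearchUserPw'} = '********';

# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
# $Self->{'AuthModule::LDAP::AlwaysFilter'} = '';

# in case you want to add a suffix to each login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
# $Self->{'AuthModule::LDAP::UserSuffix'} = '@domain.com';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
# NOTE(review): Net::LDAP->new also accepts scheme => 'ldaps' (usually with
# port => 636) for an encrypted connection; confirm that the server has a
# certificate and that this OTRS version passes these params through.
# $Self->{'AuthModule::LDAP::Params'} = {
#     port    => 389,
#     timeout => 120,
#     async   => 0,
#     version => 3,
# };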
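#==========================================================#
# CustomerUser
# (customer user ldap backend and settings)
#
# Every value is kept on ONE physical line: a quoted DN that wraps picks up a
# newline inside the string, and a wrapped comment tail is parsed as code.
$Self->{CustomerUser} = {
    Name   => 'LDAP St.Amant',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        # ldap host
        Host => '192.168.1.23',
        # ldap base dn
        BaseDN => 'OU=GW Export,DC=corp,DC=stamant,DC=mb,DC=ca',
        # search scope (one|sub)
        SSCOPE => 'sub',
        # The following is valid but would only be necessary if the
        # anonymous user does NOT have permission to read from the LDAP tree.
        # SECURITY: service-account bind; see the note on port 389 below.
        # Give this account read-only rights on the search base only and keep
        # this file readable by the OTRS user alone.
        UserDN => 'CN=otrs,OU=GW Export,DC=corp,DC=stamant,DC=mb,DC=ca',
        UserPw => '********',
        # in case you want to add always one filter to each ldap query, use
        # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
        AlwaysFilter => '',
        # if your frontend is e. g. iso-8859-1 and the charset of your
        # ldap server is utf-8, use this options (if not, ignore it)
        # SourceCharset => 'utf-8',
        # DestCharset => 'iso-8859-1',
        # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
        # SECURITY: port 389 with no TLS setting means UserPw above and the
        # directory data returned by searches travel unencrypted.
        # NOTE(review): Net::LDAP->new also accepts scheme => 'ldaps' (usually
        # with port => 636); confirm the server supports it before switching.
        Params => {
            port    => 389,
            timeout => 120,
            async   => 0,
            version => 3,
        },
    },
    # customer uniq id
    # NOTE(review): 'uid' must exist as an attribute on the directory entries;
    # on Active Directory the login attribute is normally sAMAccountName.
    CustomerKey => 'uid',
    # customer #
    CustomerID                         => 'mail',
    CustomerUserListFields             => ['cn', 'mail'],
    CustomerUserSearchFields           => ['uid', 'cn', 'mail'],
    CustomerUserSearchPrefix           => '',
    CustomerUserSearchSuffix           => '*',
    CustomerUserSearchListLimit        => 2000,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields             => ['givenname', 'sn'],
    # show now own tickets in customer panel, CompanyTickets
    CustomerUserExcludePrimaryCustomerID => 0,
    # add a ldap filter for valid users (expert setting)
    # CustomerUserValidFilter => '(!(description=gesperrt))',
    # admin can't change customer preferences
    AdminSetPreferences => 0,
    Map => [
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
        [ 'UserSalutation', 'Title',      'title',           1, 0, 'var', '', 0 ],
        [ 'UserFirstname',  'Firstname',  'givenname',       1, 1, 'var', '', 0 ],
        [ 'UserLastname',   'Lastname',   'sn',              1, 1, 'var', '', 0 ],
        [ 'UserLogin',      'Username',   'uid',             1, 1, 'var', '', 0 ],
        [ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'mail',            0, 1, 'var', '', 0 ],
        # [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
        [ 'UserPhone',      'Phone',      'telephonenumber', 1, 0, 'var', '', 0 ],
        [ 'UserAddress',    'Address',    'postaladdress',   1, 0, 'var', '', 0 ],
        [ 'UserComment',    'Comment',    'description',     1, 0, 'var', '', 0 ],
    ],
};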
Dan O'Connor CNA
Network Support Technician
St. Amant
Ph: (204) 256-4301 ext. 2321
Fax: (204) 254-3768
Email: doconnor@stamant.mb.ca