RE: [otrs] LDAP Authentication of Agents

You're using Windows AD, right? I think i once came to the conclusion that the "Users" container is exactly that: A container. Not an OU. So i think that you'll have to access it with "cn=Users" instead of "ou=Users", unless you've renamed the original Users container and created a new OU. And i see that your customer part is accessing "People" instead of "Users". Makes sense? Or am i way off... -- /Sune _____ From: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] On Behalf Of Ezra Taylor Sent: 25. marts 2008 15:14 To: User questions and discussions about OTRS.org Subject: Re: [otrs] LDAP Authentication of Agents What errors are you getting? Post the complete errors to your email. Also, make sure you have ldap working correctly before you use it to authorize and authenticate users. On Tue, Mar 25, 2008 at 9:31 AM, ammad shah mailto:mammadshah@gmail.com > wrote: i did alot of configuratios foudn on internet, but getting erros on httpd error log my Config.pm http://Config.pm is $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = 'cc-pdc.test.local'; $Self->{'AuthModule::LDAP::BaseDN'} = 'ou=test, dc=test, dc=local'; $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=otrs ldap, cn=Users, dc=test, dc=local'; $Self->{'AuthModule::LDAP::SearchUserPw'} = '0tr$2008'; # This is an test configuration for an LDAP auth. backend. # (take care that Net::LDAP is installed!) $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'cc-pdc.test.local'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Users, dc=test, dc=local'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; # The following is valid but would only be necessary if the # anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=otrs ldap, ou=Users, dc=test, dc=local'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '0tr$2008'; # CustomerUser # (customer user database backend and settings) $Self->{CustomerUser} = { Name => 'Datenbank', Module => 'Kernel::System::CustomerUser::DB', Params => { Table => 'customer_user', # to use an external database # DSN => 'DBI:odbc:yourdsn', # DSN => 'DBI:mysql:database=customerdb;host=customerdbhost', # User => '', Password => '', }, # customer uniq id CustomerKey => 'login', CustomerID => 'customer_id', CustomerValid => 'valid_id', CustomerUserListFields => ['first_name', 'last_name', 'email'], # CustomerUserListFields => ['login', 'first_name', 'last_name', 'customer_id', 'email'], CustomerUserSearchFields => ['login', 'last_name', 'customer_id'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['email'], CustomerUserNameFields => ['salutation', 'first_name', 'last_name'], # ReadOnly => 1, Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type, http-link [ 'UserSalutation', 'Salutation', 'salutation', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'first_name', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'last_name', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'login', 1, 1, 'var' ], [ 'UserPassword', 'Password', 'pw', 0, 1, 'var' ], [ 'UserEmail', 'Email', 'email', 0, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var' ], [ 'Userlocalment', 'localment', 'localments', 1, 0, 'var' ], [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int' ], ], }; # CustomerUser1 # (customer user ldap backend and settings) $Self->{CustomerUser1} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { # ldap host Host => 'cc-pdc.test.local', # ldap base dn BaseDN => 'dc=test, dc=local', # search scope (one|sub) SSCOPE => 'sub', # The following is valid but would only be necessary if the # anonymous user does NOT have permission to read from the LDAP tree UserDN => 'cn=otrs ldap, ou=People, dc=test, dc=local', UserPw => '0tr$2008', AlwaysFilter => '', SourceCharset => 'utf-8', DestCharset => 'iso-8859-1', }, # customer uniq id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'Userlocalment', 'localment', 'description', 1, 0, 'var' ], ], }; when i try to login otrs otrs@test.local mailto:otrs@test.local using password. but getting errors. help required by all of you. -- M Ammad Shah _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/ http://www.otrs.com/ -- Ezra Taylor