You're using Windows AD, right?
 
I think I once came to the conclusion that the "Users" container is exactly that: a container. Not an OU.

So I think that you'll have to access it with "cn=Users" instead of "ou=Users", unless you've renamed the original Users container and created a new OU.

And I see that your customer part is accessing "People" instead of "Users".

Makes sense?
Or am I way off...

--
/Sune

 


From: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] On Behalf Of Ezra Taylor
Sent: 25 March 2008 15:14
To: User questions and discussions about OTRS.org
Subject: Re: [otrs] LDAP Authentication of Agents

What errors are you getting?  Post the complete errors to your email.  Also, make sure you have ldap working correctly before you use it to authorize and authenticate users.

On Tue, Mar 25, 2008 at 9:31 AM, ammad shah <mammadshah@gmail.com> wrote:
 I did a lot of configurations found on the internet, but I am getting errors in the httpd error log. My Config.pm is:

  $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
  $Self->{'AuthModule::LDAP::Host'} = 'cc-pdc.test.local';
  $Self->{'AuthModule::LDAP::BaseDN'} = 'ou=test, dc=test, dc=local';
  $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

  $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=otrs ldap, cn=Users, dc=test, dc=local';
  $Self->{'AuthModule::LDAP::SearchUserPw'} = '0tr$2008';


  # This is a test configuration for an LDAP auth. backend.
  # (take care that Net::LDAP is installed!)
  $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
  $Self->{'Customer::AuthModule::LDAP::Host'} = 'cc-pdc.test.local';
  $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Users, dc=test, dc=local';
  $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

  # The following is valid but would only be necessary if the
  # anonymous user does NOT have permission to read from the LDAP tree
  $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=otrs ldap, ou=Users, dc=test, dc=local';
  $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '0tr$2008';

  # CustomerUser
  # (customer user database backend and settings)
    $Self->{CustomerUser} = {
        Name => 'Datenbank',
        Module => 'Kernel::System::CustomerUser::DB',
        Params => { Table => 'customer_user',
            # to use an external database
#           DSN => 'DBI:odbc:yourdsn',
#           DSN => 'DBI:mysql:database=customerdb;host=customerdbhost',
#           User => '', Password => '',
        },
        # customer unique id
        CustomerKey => 'login',
        CustomerID => 'customer_id',
        CustomerValid => 'valid_id',
        CustomerUserListFields => ['first_name', 'last_name', 'email'],
#       CustomerUserListFields => ['login', 'first_name', 'last_name', 'customer_id', 'email'],
        CustomerUserSearchFields => ['login', 'last_name', 'customer_id'],
        CustomerUserSearchPrefix => '',
        CustomerUserSearchSuffix => '*',
        CustomerUserSearchListLimit => 250,
        CustomerUserPostMasterSearchFields => ['email'],
        CustomerUserNameFields => ['salutation', 'first_name', 'last_name'],
#       ReadOnly => 1,
        Map => [
            # note: Login, Email and CustomerID needed!
            # var, frontend, storage, shown, required, storage-type, http-link
            [ 'UserSalutation', 'Salutation', 'salutation', 1, 0, 'var' ],
            [ 'UserFirstname', 'Firstname', 'first_name', 1, 1, 'var' ],
            [ 'UserLastname', 'Lastname', 'last_name', 1, 1, 'var' ],
            [ 'UserLogin', 'Login', 'login', 1, 1, 'var' ],
            [ 'UserPassword', 'Password', 'pw', 0, 1, 'var' ],
            [ 'UserEmail', 'Email', 'email', 0, 1, 'var' ],
            [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var' ],
            [ 'Userlocalment', 'localment', 'localments', 1, 0, 'var' ],
            [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int' ],
        ],
    };

  # CustomerUser1
  # (customer user ldap backend and settings)
  $Self->{CustomerUser1} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
      # ldap host
      Host => 'cc-pdc.test.local',
      # ldap base dn
      BaseDN => 'dc=test, dc=local',
      # search scope (one|sub)
      SSCOPE => 'sub',
      # The following is valid but would only be necessary if the
      # anonymous user does NOT have permission to read from the LDAP tree
      UserDN => 'cn=otrs ldap, ou=People, dc=test, dc=local',
      UserPw => '0tr$2008',
      AlwaysFilter => '',
      SourceCharset => 'utf-8',
      DestCharset => 'iso-8859-1',
    },
    # customer unique id
    CustomerKey => 'sAMAccountName',
    # customer #
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
      # note: Login, Email and CustomerID needed!
      # var, frontend, storage, shown, required, storage-type
      #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
      [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
      #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
      #[ 'Userlocalment', 'localment', 'description', 1, 0, 'var' ],
    ],
  };



When I try to log in to OTRS

otrs@test.local using password, but getting errors. Help required by all of you.

--
M Ammad Shah

_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
=> http://www.otrs.com/



--
Ezra Taylor
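
Added example (not part of the original thread and not OTRS code): a small Python check over the DN-bearing lines of the Config.pm quoted above. It flags the two things the reply points out: `ou=Users` directly under the domain, where a default AD has the `cn=Users` container, and the same bind account placed under different parents. The function names and the regex are assumptions of this example; it only compares strings and does not query the directory.

```python
import re
from collections import defaultdict

# Constructed sample: the DN-bearing lines copied from the Config.pm in this thread.
CONFIG = r"""
$Self->{'AuthModule::LDAP::BaseDN'} = 'ou=test, dc=test, dc=local';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=otrs ldap, cn=Users, dc=test, dc=local';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Users, dc=test, dc=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=otrs ldap, ou=Users, dc=test, dc=local';
      BaseDN => 'dc=test, dc=local',
      UserDN => 'cn=otrs ldap, ou=People, dc=test, dc=local',
"""

# Matches  $Self->{'...DN'} = '...'  and  SomeDN => '...'  (hypothetical helper regex).
SETTING = re.compile(r"""(?:\{'([\w:]+DN)'\}\s*=|\b(\w*DN)\s*=>)\s*'([^']*)'""")

def parse_dn(dn):
    """Split a simple DN into lowercase (attribute, value) pairs; no escaped commas."""
    return [tuple(p.strip().lower() for p in rdn.split("=", 1)) for rdn in dn.split(",")]

def dn_settings(text):
    return [(m.group(1) or m.group(2), parse_dn(m.group(3))) for m in SETTING.finditer(text)]

def lint(text):
    findings, parents = [], defaultdict(set)
    for key, rdns in dn_settings(text):
        for i, (attr, val) in enumerate(rdns):
            nxt = rdns[i + 1][0] if i + 1 < len(rdns) else None
            # Default AD: "Users" directly under the domain is a container (cn=), not an OU.
            if (attr, val) == ("ou", "users") and nxt == "dc":
                findings.append(f"{key}: 'ou=Users' under the domain root; default AD has 'cn=Users'")
        if key.endswith("UserDN"):  # bind accounts: SearchUserDN and UserDN
            parents[rdns[0]].add(",".join("=".join(r) for r in rdns[1:]))
    for account, where in parents.items():
        if len(where) > 1:
            findings.append(f"bind account {'='.join(account)} appears under "
                            f"{len(where)} different parents: {sorted(where)}")
    return findings

if __name__ == "__main__":
    for line in lint(CONFIG):
        print(line)
```

Which parent is the right one still has to be confirmed against the directory itself, for example by reading the account's distinguishedName attribute.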