It WORKS!
I did read more about LDAP and downloaded the Windows XP systems tools so I could toy with ADSI Edit, and eventually I figured things out.
The lines I totally got wrong were
$Self->{'AuthModule::LDAP::BaseDN'} = 'cn=servername01, ou=ou_l1, ou=sub_ou, dc=somethingdomain, dc=somethingelse, dc=com';
I previously entered the DN for the Active Directory server, and you should enter the DN for the branch that contains the users' DN(s).
and
I also had this line wrong
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'somethingdomain\name';
I previously entered the user name just as I entered it in the Windows login screen, and you should enter the DN for the user instead (just as the param name implies :$)
I do recommend everyone interested in using AD with OTRS to download ADSI Edit to figure out the DN for everything on his corporate AD. If you work for a big company the tree can be huge and you might find it hard to find what you want. ADSI Edit does not have a search capability, so you might need your sys admin's help to tip you on which branches contain the users etc ....
On 2/11/08, Ali M. <tclwarrior@gmail.com> wrote:
Well, yes, sorry but I can't see what you are pointing at.
I entered in my config.pm file the exact lines everyone said worked for them; just to repeat, here they are:
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'servername01';
$Self->{'AuthModule::LDAP::BaseDN'} = 'cn=servername01, ou=ou_l1, ou=sub_ou, dc=somethingdomain, dc=somethingelse, dc=com';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; #what is this for anyway!!!
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'somethingdomain\name'; #notice that somethingdomain is the same as the first dc in the basedn
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'nontrivialpassword';
And OTRS does seem to notice them, since it removed the how-to-get-a-new-password part from the index page.
My best guess is that I am sending or have entered wrong values in those parameters; my problem is OTRS doesn't confirm this!
For example for the parameter
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'something'
I tried it with domain\username and with the username only, but OTRS doesn't seem to indicate to me which one is wrong and which is right!
Note that I did create two users inside OTRS, one with the domain\ as part of the name and another without it.
My best bet now is to learn more about Perl LDAP support, and try to write my own LDAP Perl script to just be sure about the correct parameter values for the parameters in config.pm.
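
An added example, not part of either message above and not OTRS code: an offline Perl check for the two mistakes the thread ends up identifying, a SearchUserDN written as DOMAIN\name and a BaseDN that points at the server object. The helper names, the "fixed" sample values and the Host-match heuristic are assumptions made for illustration.

```perl
use strict;
use warnings;

# Split a DN into RDNs on unescaped commas; empty list if any part is not attr=value.
sub parse_dn {
    my ($dn) = @_;
    my @rdns = map { (my $r = $_) =~ s/^\s+|\s+$//g; $r } split /(?<!\\),/, $dn;
    return () if !@rdns || grep { !/^[A-Za-z][A-Za-z0-9-]*\s*=\s*\S/ } @rdns;
    return @rdns;
}

# Tell apart the ways an account name can be written.
sub identity_form {
    my ($id) = @_;
    return 'DN'          if parse_dn($id);
    return 'DOMAIN\name' if $id =~ /^[^\\\/@=,]+\\[^\\\/@=,]+$/;
    return 'name@domain' if $id =~ /^[^@\s]+@[^@\s]+$/;
    return 'bare name';
}

# Return findings for a settings hash keyed like the Config.pm lines in the thread.
sub check_ldap_settings {
    my ($cfg) = @_;
    my @findings;
    my $form = identity_form($cfg->{'AuthModule::LDAP::SearchUserDN'} // '');
    push @findings, "SearchUserDN is written as $form, not as a DN" if $form ne 'DN';
    my @base = parse_dn($cfg->{'AuthModule::LDAP::BaseDN'} // '');
    if (!@base) {
        push @findings, 'BaseDN is not a syntactically valid DN';
    } else {
        my ($attr, $val) = map { lc($_) } split /\s*=\s*/, $base[0], 2;
        # Heuristic (assumption): a leading cn= equal to Host is the server object.
        push @findings, 'BaseDN names the server itself, not a branch holding users'
            if $attr eq 'cn' && $val eq lc($cfg->{'AuthModule::LDAP::Host'} // '');
    }
    return @findings;
}

# Constructed samples: %broken repeats the thread's values, %fixed is hypothetical.
my $tree   = 'ou=ou_l1, ou=sub_ou, dc=somethingdomain, dc=somethingelse, dc=com';
my %broken = ('AuthModule::LDAP::Host'         => 'servername01',
              'AuthModule::LDAP::BaseDN'       => "cn=servername01, $tree",
              'AuthModule::LDAP::SearchUserDN' => 'somethingdomain\name');
my %fixed  = (%broken, 'AuthModule::LDAP::BaseDN'       => $tree,
                       'AuthModule::LDAP::SearchUserDN' => "cn=name, $tree");
for my $case ([broken => \%broken], [fixed => \%fixed]) {
    my @f = check_ldap_settings($case->[1]);
    print "$case->[0]: ", (@f ? join('; ', @f) : 'no findings'), "\n";
}
```

This only checks how the values are written; whether the DN exists and the password is accepted still has to be confirmed with a bind against the directory.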