This is how I made mine work. You can adapt as needed......... # Enable LDAP Authentication Sync for Agent # $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP'; $Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://172.16.223.2:389'; $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=yourdomain,dc=com'; $Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN'; $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member'; $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Technical Support,dc=yourdomain,dc=com'; $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'LookupPasswordHere'; # Enable Agent Mapping from LDAP to DB # $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = { UserFirstname => 'givenName', UserLastname => 'sn', UserEmail => 'mail', }; # Enable Customer Authentication $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'dc1.yourdomain.com'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=yourdomain,dc=com'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=Users,DC=yourdomain,DC=com'; $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member'; #$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID'; $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Technical Support,dc=yourdomain,dc=com'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'LookupPasswordHere'; $Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = ''; $Self->{'Customer::AuthModule::LDAP::Params'} = { port => 389, timeout => 120, async => 0, version => 3, }; Timothy J. Deerinck Owner / Senior Network & Systems Engineer This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and is strictly prohibited by law.