-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Niels. On Wed, 23 Jan 2008, Nielson, Adam wrote:
I am banging my head against the wall with LDAP authentication. I have tried everything! I now have access to a server, "ldap.test.com" and know the ou=People, and can use tools like Softerra LDAP Browser to confirm all this (via anonymous access).
What am I doing wrong? All the documentation reflects an AD environment, is this my problem?
Should the line: $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; <--- and related lines be something different for OpenLDAP? I have tried leaving the login info blank, commented out, left in, etc.
I have tried the line: $Self->{'AuthModule::LDAP::Host'} = 'ldap.test.com'; <--- with and without port number.
I have tried the line: $Self->{'AuthModule::LDAP::BaseDN'} = 'o=test.com'; <--- Ive also tried it with the ou=People added in, I don't see anything for a dc=, but ive tried all kinds of variants.
You've posted a scene where AD is the authentication backend. For OpenLDAP the next lines will show you the differences: # LDAP auth $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = 'your.ldapserver.company.com'; $Self->{'AuthModule::LDAP::BaseDN'} = 'ou=users,dc=intra,dc=company,dc=com'; $Self->{'AuthModule::LDAP::UID'} = 'uid'; If there is a need to bind an administrative account to read some attributes from your ldap you need to set config items like this: $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=admin,dc=company,dc=com'; $Self->{'AuthModule::LDAP::SearchUserPw'} = 'admins secret'; To get some information about your ldap structure you should use 'ldapsearch'. Regards and HTH, Rico - -- Dipl.-Math. Rico Barth, Geschäftsführer/Projektleiter c.a.p.e. IT GmbH Annaberger Straße 240 , 09125 Chemnitz phone/fax: +49 371 5347-621 / -625 mobile: +49 176 66680786 mailto: rico.barth@cape-it.de , PGP-Key: 0x874C8377 internet: www.cape-it.de Geschäftsführung Rico Barth, Thomas Maier AG Chemnitz, HRB 23192 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFHl8Osmy4UBYdMg3cRAgiPAJ9MtyKEtSY4NGxJFCiavPDYaPzG0QCfarrm gavFCa2nmvdWuUw887vnTCc= =RaTQ -----END PGP SIGNATURE-----