Re: [otrs] Another painful LDAPS problem

30 Jun 2017


      Hi Evan,

this is my working config on a test system:

$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'ldaps://xxx';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=domain,dc=tld';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrsbinduser@domain.tld';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = ‘xxx';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(mail=*)’;

$Self->{CustomerUser} = {
    Name => 'LDAP Backend',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host => 'ldaps://xxx',
        BaseDN => 'dc=domain,dc=tld',
        SSCOPE => 'sub',
        UserDN => 'otrsbinduser@domain.tld',
        UserPw => ‘xx',
        AlwaysFilter => '(mail=*)',
        SourceCharset => 'utf-8',
        DestCharset => 'utf-8',
        Die => 0,
        Params => {
            verify  => 'none',
            timeout => 30,
            async   => 0,
            version => 3,
        },
    },
    # customer unique id
    CustomerKey => 'sAMAccountName',
    # customer #
    CustomerID => 'mail’,

…

hth, Roy

Re: [otrs] Another painful LDAPS problem

Roy Kaldung