On Tuesday, March 16, 2004 7:25 AM
Vladimir Gerdjikov
# This is an example configuration for an LDAP auth. backend. # (take care that Net::LDAP is installed!) # $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
OTRS doesn't AUTH against LDAP with this setting. Ok for you.
$Self->{'Customer::AuthModule'} = Kernel::System::CustomerAuth::LDAP';
Now it does it for the CustomerUsers.
#$Self->{'Customer::AuthModule::LDAP::Host'} = 'ldap.example.com';
But with which host? Uncomment and adapt this to your needs.
#$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=example,dc=com';
And which DN? Uncomment and adapt this, too.
#$Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';
$Self->{'AuthModule::LDAP::Host'} = 'heb-hdo-dc-03.hebros.bg'; $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=hebros,dc=bg'; $Self->{'AuthModule::LDAP::UID'} = 'uid';
Here you give the necessary informations for AUTHing the _agents_ against LDAP, again - it's commented above, therefore these settings ar useless.Comment them. The rest is OK so far. So, to sum up: Don't mess up the settings for: $Self->{'AuthModule'} $Self->{'Customer::AuthModule'} $Self->{'Customer'} Each of these are capable of reading from an LDAP tree, each are configured independendly from one another.
I think string: cn=OTRS,ou=Service Users,ou=HeadOffice,dc=hebros,dc=bg is correct enough. We disable anonymous search in AD. I think BaseDN is "dc=hebros,dc=bg". Am I on the right way? I have no experiеnce with LDAP servers, but when I config my email client to work with LDAP directory (with string above), everithing is OK (with this BaseDN).
So we take it for good.
Is there somethig Active Directory specific in sintax?
Ask them, please ;) - but there shouldn't be. hth, Robert Kehl -- ((otrs.de)) :: OTRS GmbH :: Norsk-Data-Str. 1 :: 61352 Bad Homburg http://www.otrs.de/ :: Tel. +49 (0)6172 4832388