Hi Kurt,
PERFECT, that was the right hint!
Thanks for helping me!
All right, heres what I see. You set the LDAP
Params twice and I didn't need them at all. You need to replace every
instance of 'uid' with 'sAMAccountName.' I also had to layout the username
differently. Thats just what I see.
#
CustomerUser
# (customer user ldap
backend and settings)
$Self->{CustomerUser} = {
Name
=> 'Active Directory',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'ADServer.domainname.com',
BaseDN => 'dc=domainname,dc=com',
SSCOPE => 'sub',
UserDN => 'cn=ADUsername,ou=users,dc=domainname,dc=com',
UserPw => 'password',
},
# customer uniq
id
CustomerKey => 'sAMAccountName',
#
customer #
CustomerID => 'mail',
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
#
show now own tickets in customer panel, CompanyTickets
CustomerUserExcludePrimaryCustomerID => 0,
#
admin can't change customer preferences
AdminSetPreferences => 0,
Map
=> [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown (1=always,2=lite), required,
storage-type, http-link, readonly
[ 'UserSalutation', 'Title', 'title',
1, 0, 'var', '', 0 ],
[ 'UserFirstname',
'Firstname',
'givenname',
1, 1, 'var', '',
0 ],
[ 'UserLastname',
'Lastname', 'sn',
1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName',
1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail',
1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail',
0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone',
'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress',
'Address',
'postaladdress', 1, 0,
'var', '', 0 ],
[ 'UserComment',
'Comment',
'description',
1, 0, 'var', '', 0 ],
],
};
Kurt O'Connor
Linn State Technical
College
kurt.oconnor@linnstate.edu
573-897-5275
----------------------------------------------------------
hi,
i'm searching now 3
hrs and can't find the error. i did the setup for ldap auth in the config.pm.
The LDAP Auth. works, but after the logon, i receive the following
error:
Fehler: Need CustomerID!!!
Kommentar:
Traceback: ERROR: OTRS-CGI-10
Perl: 5.8.8 OS: linux Time: Thu Sep 20 11:42:08 2007
Message: Need
CustomerID!!!
Traceback (4519):
Module:
Kernel::Output::HTML::Layout::CustomerError (v1.48) Line: 3308
Module:
Kernel::Modules::CustomerTicketOverView::Run (v1.42) Line: 72
Module:
Kernel::System::Web::InterfaceCustomer::Run (v1.20) Line: 704
Module:
/opt/otrs/bin/cgi-bin/customer.pl (v1.37) Line: 47
My
config:
#
#########################################################
#
CUSTOMER Auth
#
#########################################################
#
This is an example configuration for an LDAP auth. backend.
#
(take care that Net::LDAP is installed!)
$Self->{'Customer::AuthModule'} =
'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'MeinDC';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =
'dc=company,dc=local';
$Self->{'Customer::AuthModule::LDAP::UID'} =
'sAMAccountName';
# Check if the user is allowed to auth in
a posixGroup
# (e. g. user needs to be in a group xyz to use
otrs)
#$Self->{'Customer::AuthModule::LDAP::GroupDN'} =
'cn=otrsallow,ou=posixGroups,dc=example,dc=com';
#$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid';
# for ldap posixGroups objectclass (just uid)
#$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID';
#
for non ldap posixGroups objectclass (full user dn)
# #
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';
# The following is valid but would only be necessary if the
#
anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} =
'domain\username';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} =
'password';
# in case you want to add always one filter to
each ldap query, use
# this option. e. g. AlwaysFilter =>
'(mail=*)' or AlwaysFilter => '(objectclass=user)'
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} =
'(mail=*)';
# in case you want to add a suffix to each
customer login name, then
# you can use this option. e. g. user
just want to use user but
# in your ldap directory exists
user@domain.
#
$Self->{'Customer::AuthModule::LDAP::UserSuffix'} =
'@domain.com';
# Net::LDAP new params (if needed - for more
info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params'} = {
port => 389,
timeout =>
120,
async => 0,
version => 3,
};
#
CustomerUser
# (customer user ldap backend and
settings)
$Self->{CustomerUser} = {
Name => 'LDAP Backend',
Module =>
'Kernel::System::CustomerUser::LDAP',
Params
=> {
# # ldap host
Host => 'meinDC',
#
# ldap base dn
BaseDN => 'ou=company,o=local',
#
# search scope (one|sub)
SSCOPE
=> 'sub',
# # The following is
valid but would only be necessary if the
#
# anonymous user does NOT have permission to read from the LDAP
tree
UserDN =>
'domain\user',
UserPw =>
'meinpassword',
# # in case you want
to add always one filter to each ldap query, use
#
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter
=> '(objectclass=user)'
AlwaysFilter => '(mail=*)',
# #
if your frontend is e. g. iso-8859-1 and the charset of your
#
# ldap server is utf-8, use this options (if not,
ignore it)
SourceCharset =>
'utf-8',
DestCharset =>
'utf-8',
# # die if backend can't
work, e. g. can't connect to server
Die => 1,
# # Net::LDAP new
params (if needed - for more info see perldoc Net::LDAP)
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
# # customer
uniq id
CustomerKey => 'uid',
#
# customer #
CustomerID
=> 'mail',
CustomerUserListFields => ['cn',
'mail'],
CustomerUserSearchFields => ['uid',
'cn', 'mail'],
CustomerUserSearchPrefix =>
'',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname',
'sn'],
# # show now own tickets in customer panel,
CompanyTickets
CustomerUserExcludePrimaryCustomerID => 0,
# #
add a ldap filter for valid users (expert setting)
#
# CustomerUserValidFilter => '(!(description=gesperrt))',
#
# admin can't change customer preferences
AdminSetPreferences => 0,
# #
cache time to life in sec. - cache any ldap queris
CacheTTL => 0,
Map => [
#
# note: Login, Email and CustomerID
needed!
# # var, frontend, storage,
shown (1=always,2=lite), required, storage-type, http-link, readonly
[ 'UserSalutation', 'Title',
'title', 1, 0, 'var', '', 0
],
[ 'UserFirstname',
'Firstname', 'givenname', 1, 1, 'var', '', 0
],
[ 'UserLastname',
'Lastname', 'sn',
1, 1, 'var', '', 0 ],
[
'UserLogin', 'Username', 'uid',
1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email',
'mail', 1, 1, 'var', '', 0
],
[ 'UserCustomerID',
'CustomerID', 'mail', 0, 1, 'var', '',
0 ],
# [ 'UserCustomerIDs',
'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
[ 'UserPhone', 'Phone',
'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress', 'Address',
'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment',
'description', 1, 0, 'var', '', 0 ],
],
};