I am able to see customer users, search for them, add them to tickets and even send e-mails to them but they can’t login through the customer.pl script. My settings are shown below.

 

 

 

 

 

My config.pm

 

.

.

.

#Enable LDAP authentication for Customers a.k.a non-IT employees

  $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';

  $Self->{'Customer::AuthModule::LDAP::Host'} = 'server.domain.org';

  $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=users,dc=domain,dc=org';

  $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

 

#CustomerUser

#(customer user database backend and settings)

    $Self->{CustomerUser} = {

      Module => 'Kernel::System::CustomerUser::LDAP',

      Params => {

      Host => 'server.domain.org',

      BaseDN => 'OU=staff,DC=domain,DC=org',

      SSCOPE => 'sub',

      UserDN =>'domain\otrsagent',

      UserPw => 'secret',

    },

# customer unique id

    CustomerKey => 'sAMAccountName',

    CustomerID => 'mail',

    CustomerUserListFields => ['sAMAccountName', 'mail'],

    CustomerUserSearchFields => ['sAMAccountName','givenname','sn' ],

    CustomerUserSearchPrefix => '*',

    CustomerUserSearchSuffix => '*',

    CustomerUserSearchListLimit => 250,

    CustomerUserPostMasterSearchFields => ['mail', 'givenname', 'sn'],

    CustomerUserNameFields => ['cn', 'sn'],

    Map => [

# var,frontend,storage,shown,required,storage-type, http-link, readonly

      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '',0 ],

      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '',0],

      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var', '',0],

      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '',0],

      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '',0],

      [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '',0],

    ],

  };

.

.

.

 

 

 

sync-ldap2db

 

.

.

.

 

my $UidLDAP = 'domain\otrstest';

my $UidDB   = 'otrs';

 

my %Map = (

 

    # db => ldap

    email       => 'mail',

    customer_id => 'mail',

    first_name  => 'givenname',

    last_name   => 'sn',

    pw          => 'test',

 

);

 

my $LDAPHost    = 'server.domain.org';

my %LDAPParams  = ();

my $LDAPBaseDN  = 'ou=staff,dc=rcskids,dc=org';

my $LDAPBindDN  = 'domain\otrstest';

my $LDAPBindPW  = 'secret';

my $LDAPScope   = 'sub';

my $LDAPCharset = 'utf-8';

 

#my $LDAPFilter = '';

my $LDAPFilter = '(ObjectClass=*)';

 

my $DBCharset = 'iso-8859-1';

my $DBTable   = 'customer_user';

 

.

.

.

 

Thanks,

 

Ryan

 


______________________________________________________________________

This email has been scanned by the Rebekah Children's Services Email Security System.

**** Confidentiality Notice *****

The information contained in this e-mail, and any attachment, is private and confidential and is the property of Rebekah Children's Services. The information is intended only for the use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or taking of any action in reliance on the contents of the information is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and destroy all copies of the original message.

All reasonable precautions have been taken to ensure no viruses are present in this e-mail. We do not accept responsibility for any loss or damage arising from the use of this e-mail or attachments. We recommend that you subject these to your virus checking procedures prior to use.
______________________________________________________________________