Hi Israel,

 

this is what my LDAP config looks like:

 

$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';

$Self->{'AuthModule::LDAP::Host1'} = x.x.x.x';

$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=xxx,dc=xxx,dc=xxx';

$Self->{'AuthModule::LDAP::UID1'} = 'samaccountname';

$Self->{'AuthModule::LDAP::GroupDN1'} = 'CN=OTRS-Users,OU=Groups,DC=xxx,DC=xxx,DC=xxx'; # users that are allowed to login

$Self->{'AuthModule::LDAP::AccessAttr1'} = 'member';

$Self->{'AuthModule::LDAP::UserAttr1'} = 'DN';

$Self->{'AuthModule::LDAP::SearchUserDN1'} = 'CN=otrs,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx'; # user to query LDAP

$Self->{'AuthModule::LDAP::SearchUserPw1'} = 'xxxxxxxxxxxxxx';

 

     $Self->{'UserSyncLDAPMap1'} =  {

     'UserEmail' => 'mail',

     'UserFirstname' => 'givenName',

     'UserLastname' => 'sn',

     'UserLogin' => 'sAMAccountName'

        };

 

$Self->{UserSyncLDAPMap};

$Self->{UserSyncLDAPGroups};

$Self->{'UserSyncLDAPGroupsDefination'};

$Self->{'UserSyncLDAPRolesDefination'};

$Self->{'UserSyncLDAPAttibuteGroupsDefination'};

$Self->{'UserSyncLDAPAttibuteRolesDefination'};

$Self->{'UserSyncLDAPGroupsDefination'};

 

With this setup, I’m able to authenticate local users and, if they don’t have a valid password in the local database, LDAP users as well.

 

Hope this helps, if you need more information let me know.

 

Regards

 

Daniel

 

 

Von: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] Im Auftrag von iga3725@yahoo.com
Gesendet: Mittwoch, 26. Februar 2014 15:45
An: OTRS. User questions and discussions about
Betreff: [otrs] Authenticate ldap and local, possible?

 

Hi again,

After otrs has been setup with ldap backend, reading from the manual,  now it's time for authenticate them.. I have added this  lines to Config.pm but it's not working...

################ LDAP AUTH #####################
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'domain.net';
$Self->{'AuthModule::LDAP::BaseDN'} = 'OU=domain,DC=domain,DC=net';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=Israel Garcia Alvarez,OU=Sistemes,OU=Usuaris Roureda,OU=BIBM,DC=bibm,DC=net';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'Password-:)';

# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
$Self->{'AuthModule::LDAP::AlwaysFilter'} = 'uid';

# in case you want to add a suffix to each login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
#    $Self->{'AuthModule::LDAP::UserSuffix'} = '@domain.com';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};
############################################

Otrs are not able to authenticate any user... Am I missing something in the setup to allow users (customers and agents) to login to our Otrs?

Also, is possible to authenticate ldap and local-database users?

Thanks much!!!!!!!!!!

regards,

Israel.