Hi all, Having finally got OTRS LDAP functions to work on my Windows 2000 Professional test environment, I tried plugging the values into the config.pm of our live RedHat Linux box which has been running for months. I found that this bit of the code seems OK: # ---------------------------------------------------- # # # # LDAP - RPV 30 June 2005 # # # # ---------------------------------------------------- # # For secure LDAP; try host of 'ldaps://xxxx.solar.local'; # Customer Authentication # Added by RPV 30 June 2005 # $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'xxxx.solar.local'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=staff,dc=solar,dc=local'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=xxxx,ou=staff,dc=solar,dc=local'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'xxxx'; # # OTRS runs fine with this in Bizarrely, as soon as I plug in the following, which works on the Windows 2000 test server; # Customer User # Added by RPV 29 June 2005 # # CustomerUser # (customer user ldap backend and settings) $Self->{CustomerUser} = { Name => 'LDAP Source', Module => 'Kernel::System::CustomerUser::LDAP', Params => { # ldap host Host => 'xxxx.solar.local', # ldap base dn BaseDN => 'ou=staff,dc=solar,dc=local', # search scope (one|sub) SSCOPE => 'sub', # The following is valid but would only be necessary if the # anonymous user does NOT have permission to read from the LDAP tree UserDN => 'cn=xxxx,ou=staff,dc=solar,dc=local', UserPw => 'xxxx', # in case you want to add always one filter to each ldap query, use # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)' AlwaysFilter => '(objectclass=user)', # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) Params => { # # RPV - Normal : 389 # port => 389, # # RPV - Secure : 636 # # port => 636, # RPV - Default Version : 2 version => 3, }, }, # customer uniq id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 600, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], AdminSetPreferences => 0, Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], [ 'UserFax', 'Fax', 'facsimileTelephoneNumber', 1, 0, 'var' ], [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], }; # # I get this response: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. ------------------------------------------------------------------------ -------- Apache/2.0.46 (Red Hat) Server at comet2 Port 80 I've tried changing the Params => {version number from 3 to 2 but that makes no difference. What have I done wrong? VERY confused Rajendrakumar Varsani BSc (Hons) Tel: (01904) 455805 (GTN 5138 5805) Fax: (01904) 455711 (GTN 5138 5711) Mobile: 07968 243125 Email: rajendrakumar.varsani@psd.defra.gsi.gov.uk Department for Environment, Food and Rural Affairs (Defra) This email and any attachments is intended for the named recipient only. If you have received it in error you have no authority to use, disclose, store or copy any of its contents and you should destroy it and inform the sender. Whilst this email and associated attachments will have been checked for known viruses whilst within Defra systems we can accept no responsibility once it has left our systems. Communications on Defra's computer systems may be monitored and/or recorded to secure the effective operation of the system and for other lawful purposes.