I am able to see customer users, search for them, add them to tickets and even send e-mails to them but they can't login through the customer.pl script. My settings are shown below. My config.pm . . . #Enable LDAP authentication for Customers a.k.a non-IT employees $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'server.domain.org'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=users,dc=domain,dc=org'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; #CustomerUser #(customer user database backend and settings) $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => 'server.domain.org', BaseDN => 'OU=staff,DC=domain,DC=org', SSCOPE => 'sub', UserDN =>'domain\otrsagent', UserPw => 'secret', }, # customer unique id CustomerKey => 'sAMAccountName', CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'mail'], CustomerUserSearchFields => ['sAMAccountName','givenname','sn' ], CustomerUserSearchPrefix => '*', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail', 'givenname', 'sn'], CustomerUserNameFields => ['cn', 'sn'], Map => [ # var,frontend,storage,shown,required,storage-type, http-link, readonly [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '',0 ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '',0], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var', '',0], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '',0], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '',0], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '',0], ], }; . . . sync-ldap2db . . . my $UidLDAP = 'domain\otrstest'; my $UidDB = 'otrs'; my %Map = ( # db => ldap email => 'mail', customer_id => 'mail', first_name => 'givenname', last_name => 'sn', pw => 'test', ); my $LDAPHost = 'server.domain.org'; my %LDAPParams = (); my $LDAPBaseDN = 'ou=staff,dc=rcskids,dc=org'; my $LDAPBindDN = 'domain\otrstest'; my $LDAPBindPW = 'secret'; my $LDAPScope = 'sub'; my $LDAPCharset = 'utf-8'; #my $LDAPFilter = ''; my $LDAPFilter = '(ObjectClass=*)'; my $DBCharset = 'iso-8859-1'; my $DBTable = 'customer_user'; . . . Thanks, Ryan ______________________________________________________________________ This email has been scanned by the Rebekah Children's Services Email Security System. **** Confidentiality Notice ***** The information contained in this e-mail, and any attachment, is private and confidential and is the property of Rebekah Children's Services. The information is intended only for the use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or taking of any action in reliance on the contents of the information is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and destroy all copies of the original message. All reasonable precautions have been taken to ensure no viruses are present in this e-mail. We do not accept responsibility for any loss or damage arising from the use of this e-mail or attachments. We recommend that you subject these to your virus checking procedures prior to use. ______________________________________________________________________
Hi, First off all try to put this : $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=ldapsearcher,cn=users,dc=domain,dc=local'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password'; And in $Self->{CustomerUser} = { change UserDN =>'domain\otrsagent', by UserDN => 'cn=ldapsearcher,cn=users,dc=domain,dc=local', Keep me in touch about evolution. Hope this help. Le 22/04/2010 22:18, Ryan Miguel a écrit :
I am able to see customer users, search for them, add them to tickets and even send e-mails to them but they can't login through the customer.pl script. My settings are shown below.
My config.pm
.
.
.
#Enable LDAP authentication for Customers a.k.a non-IT employees
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'server.domain.org';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=users,dc=domain,dc=org';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'server.domain.org',
BaseDN => 'OU=staff,DC=domain,DC=org',
SSCOPE => 'sub',
UserDN =>'domain\otrsagent',
UserPw => 'secret',
},
# customer unique id
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'mail'],
CustomerUserSearchFields => ['sAMAccountName','givenname','sn' ],
CustomerUserSearchPrefix => '*',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail', 'givenname', 'sn'],
CustomerUserNameFields => ['cn', 'sn'],
Map => [
# var,frontend,storage,shown,required,storage-type, http-link, readonly
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '',0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '',0],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var', '',0],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '',0],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '',0],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '',0],
],
};
.
.
.
sync-ldap2db
.
.
.
my $UidLDAP = 'domain\otrstest';
my $UidDB = 'otrs';
my %Map = (
# db => ldap
email => 'mail',
customer_id => 'mail',
first_name => 'givenname',
last_name => 'sn',
pw => 'test',
);
my $LDAPHost = 'server.domain.org';
my %LDAPParams = ();
my $LDAPBaseDN = 'ou=staff,dc=rcskids,dc=org';
my $LDAPBindDN = 'domain\otrstest';
my $LDAPBindPW = 'secret';
my $LDAPScope = 'sub';
my $LDAPCharset = 'utf-8';
#my $LDAPFilter = '';
my $LDAPFilter = '(ObjectClass=*)';
my $DBCharset = 'iso-8859-1';
my $DBTable = 'customer_user';
.
.
.
Thanks,
Ryan
______________________________________________________________________
This email has been scanned by the Rebekah Children's Services Email Security System.
**** Confidentiality Notice *****
The information contained in this e-mail, and any attachment, is private and confidential and is the property of Rebekah Children's Services. The information is intended only for the use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or taking of any action in reliance on the contents of the information is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and destroy all copies of the original message.
All reasonable precautions have been taken to ensure no viruses are present in this e-mail. We do not accept responsibility for any loss or damage arising from the use of this e-mail or attachments. We recommend that you subject these to your virus checking procedures prior to use. ______________________________________________________________________
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/
-- Guillaume REHM Centre de Ressources Informatiques Responsable Sécurité du Système d'Information (RSSI) Bibliothèque Nationale et Universitaire de Strasbourg 5 rue du Maréchal Joffre BP 51029 67070 Strasbourg tél: 03 88 25 28 23 fax: 03 88 25 28 03 mail: guillaume.rehm@bnu.fr web: http://www.bnu.fr
participants (2)
-
Guillaume Rehm -
Ryan Miguel