Hi David,
Thanks for your prompt reply, really appreciate it. Please do send me the blank
config to me. But my current config does have the SearchUserDN.
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
Thanks.
Regards,
Zak
From: [email protected] [mailto:[email protected]] On Behalf Of David
Holder
Sent: Tuesday, November 24, 2009 5:42 PM
To: User questions and discussions about OTRS.
Subject: Re: [otrs] LDAP Intregration
Hi Zak
Do you have the full Distinguished Name for the search account?
($Self->{'Customer::AuthModule:
:LDAP::SearchUserDN'})
I can always send you my blank config which is working OK if you want?
Regards,
David
On Tue, Nov 24, 2009 at 9:08 AM, Mohamed Zakaria
<[email protected]<mailto:[email protected]>> wrote:
Hi,
I am not able to intergrate my current AD to the otrs system. The system log
shows this message:
Tue Nov 24 17:03:25 2009 error OTRS-CGI-10 First bind
failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error,
data 525, vece�
This is my config.pm<http://config.pm> the portion that is above “End of own
config”. Can anyone help me with this? Thanks.
#Start of LDAP
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '10.200.1.1';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Users,dc=abc,dc=com';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#The following is valid but would only be necessary if the
#anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '10.200.1.1',
BaseDN => 'OU=Users,DC=abc,DC=com',
SSCOPE => 'sub',
UserDN =>'CN=otrs,OU=Users,DC=abc,DC=com',
UserPw => 'password',
},
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
#Add the following lines when only users are allowed to login if they reside in
the spicified security group
#Remove these lines if you want to provide login to all users specified in the
User Base DN
#example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU,
dc=example, dc=com';
# $Self->{'Customer::AuthModule::LDAP::GroupDN'} =
'CN=otrs_ldap_allow_C,OU=Groups,OU=BaseOU,DC=example,DC=com';
# $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
# $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'
#End of LDAP
Regards,
Zak
________________________________
This email is confidential and intended solely for the use of the individual to
whom it is addressed. If you are not the intended recipient, be advised that
you have received this email in error and that any use, dissemination,
forwarding, printing or copying of this email is strictly prohibited. If you
have received this email in error please contact the sender.
________________________________
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/
#####################################################################################
This email is confidential and intended solely for the use of the individual to
whom
it is addressed. If you are not the intended recipient, be advised that you
have received
this email in error and that any use, dissemination, forwarding, printing or
copying
of this email is strictly prohibited. If you have received this email in error
please contact the sender.
#####################################################################################
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/
