Re: [otrs] LDAP Intregration

Tue, 24 Nov 2009 01:56:05 -0800 

Hi Zak, E-mail has been sent to you directly,

With regards to my previous comment I was just wondering if your config
contains the full DN of the otrs searcher account, so where you've put:

$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';

but in your live config it's actually:

 $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=otrs,ou=OTRS LDAP
Searcher,dc=companyname,dc=local';

Let us know how you get on :)

Regards,

David

On Tue, Nov 24, 2009 at 9:46 AM, Mohamed Zakaria <
[email protected]> wrote:

>  Hi David,
>
>
>
> Thanks for your prompt reply, really appreciate it. Please do send me the
> blank config to me. But my current config does have the SearchUserDN.
>
>   $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
>
>   $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
>
> Thanks.
>
> Regards,
>
> Zak
>
>
>
>
>
> *From:* [email protected] [mailto:[email protected]] *On Behalf Of
> *David Holder
> *Sent:* Tuesday, November 24, 2009 5:42 PM
> *To:* User questions and discussions about OTRS.
> *Subject:* Re: [otrs] LDAP Intregration
>
>
>
> Hi Zak
>
> Do you have the full Distinguished Name for the search account?
> ($Self->{'Customer::AuthModule:
>
> :LDAP::SearchUserDN'})
>
> I can always send you my blank config which is working OK if you want?
>
> Regards,
>
> David
>
>
>
>
>
> On Tue, Nov 24, 2009 at 9:08 AM, Mohamed Zakaria <
> [email protected]> wrote:
>
> Hi,
>
>
>
> I am not able to intergrate my current AD to the otrs system. The system
> log shows this message:
>
> Tue Nov 24 17:03:25 2009             error      OTRS-CGI-10      First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece�
>
>
>
> This is my config.pm the portion that is above “End of own config”. Can
> anyone help me with this? Thanks.
>
>
>
> #Start of LDAP
>
> #Enable LDAP authentication for Customers / Users
>
>   $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
>
>   $Self->{'Customer::AuthModule::LDAP::Host'} = '10.200.1.1';
>
>   $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Users,dc=abc,dc=com';
>
>   $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
>
>
>
> #The following is valid but would only be necessary if the
>
> #anonymous user do NOT have permission to read from the LDAP tree
>
>   $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
>
>   $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
>
>
>
> #CustomerUser
>
> #(customer user database backend and settings)
>
>     $Self->{CustomerUser} = {
>
>       Module => 'Kernel::System::CustomerUser::LDAP',
>
>       Params => {
>
>       Host => '10.200.1.1',
>
>       BaseDN => 'OU=Users,DC=abc,DC=com',
>
>       SSCOPE => 'sub',
>
>       UserDN =>'CN=otrs,OU=Users,DC=abc,DC=com',
>
>       UserPw => 'password',
>
>     },
>
> # customer unique id
>
>     CustomerKey => 'sAMAccountName',
>
>     # customer #
>
>     CustomerID => 'mail',
>
>     CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
>
>     CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
>
>     CustomerUserSearchPrefix => '',
>
>     CustomerUserSearchSuffix => '*',
>
>     CustomerUserSearchListLimit => 250,
>
>     CustomerUserPostMasterSearchFields => ['mail'],
>
>     CustomerUserNameFields => ['givenname', 'sn'],
>
>     Map => [
>
>       # note: Login, Email and CustomerID needed!
>
>       # var, frontend, storage, shown, required, storage-type
>
>       #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
>
>       [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
>
>       [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
>
>       [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
>
>       [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
>
>       [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
>
>       [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
>
>       #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
>
>       #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
>
>     ],
>
>   };
>
>
>
> #Add the following lines when only users are allowed to login if they
> reside in the spicified security group
>
> #Remove these lines if you want to provide login to all users specified in
> the User Base DN
>
> #example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU,
> dc=example, dc=com';
>
>  # $Self->{'Customer::AuthModule::LDAP::GroupDN'} =
> 'CN=otrs_ldap_allow_C,OU=Groups,OU=BaseOU,DC=example,DC=com';
>
>  # $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
>
>  # $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'
>
>
>
>
>
> #End of LDAP
>
>
>
>
>
> Regards,
>
> Zak
>   ------------------------------
>
> This email is confidential and intended solely for the use of the
> individual to whom it is addressed. If you are not the intended recipient,
> be advised that you have received this email in error and that any use,
> dissemination, forwarding, printing or copying of this email is strictly
> prohibited. If you have received this email in error please contact the
> sender.
>  ------------------------------
>
>
> ---------------------------------------------------------------------
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
>
> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
> http://www.otrs.com/en/support/enterprise-subscription/
>
>
>  ------------------------------
> This email is confidential and intended solely for the use of the
> individual to whom it is addressed. If you are not the intended recipient,
> be advised that you have received this email in error and that any use,
> dissemination, forwarding, printing or copying of this email is strictly
> prohibited. If you have received this email in error please contact the
> sender.
> ------------------------------
>
> ---------------------------------------------------------------------
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
>
> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
> http://www.otrs.com/en/support/enterprise-subscription/
>

---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/

Reply via email to