Guillaume,
I just tried changing the script to...
"cn=otrsagent,*cn*=users,dc=domain,dc=org"
instead of...
"cn=otrsagent,*ou*=users,dc=domain,dc=org"
as you suggested but it still didn't work. I have attached my full
config.pm file and sync-ldap2db script. Perhaps I am skipping over
something?
Is there a setting where I have to specify that I want to use the local
database for customer users and agents?
Or that I want to have the LDAP synced to the local DB (in the config.pm
or agent config frontend)?
Thanks,
Ryan
______________________________________________________________________
This email has been scanned by the Rebekah Children's Services Email Security
System.
**** Confidentiality Notice *****
The information contained in this e-mail, and any attachment, is private and
confidential and is the property of Rebekah Children's Services. The
information is intended only for the use of the intended recipient. If you are
not the intended recipient, you are hereby notified that any disclosure,
copying, distribution, or taking of any action in reliance on the contents of
the information is strictly prohibited. If you have received this e-mail in
error, please immediately notify the sender and destroy all copies of the
original message.
All reasonable precautions have been taken to ensure no viruses are present in
this e-mail. We do not accept responsibility for any loss or damage arising
from the use of this e-mail or attachments. We recommend that you subject
these to your virus checking procedures prior to use.
______________________________________________________________________
#!C:/PROGRA~1/OTRS/StrawberryPerl/perl/bin/perl.exe -w
# --
# scripts/tools/sync-ldap2db.pl - sync a ldap directory to database
# Copyright (C) 2001-2009 OTRS AG, http://otrs.org/
# --
# $Id: sync-ldap2db.pl,v 1.10 2009/02/16 12:40:23 tr Exp $
# --
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU AFFERO General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# or see http://www.gnu.org/licenses/agpl.txt.
# --
# use ../ as lib location
use File::Basename;
use FindBin qw($RealBin);
use lib dirname($RealBin) . "/../";
use lib dirname($RealBin) . "/../Kernel/cpan-lib";
use strict;
use warnings;
use vars qw($VERSION);
$VERSION = qw($Revision: 1.10 $) [1];
use Net::LDAP;
use Kernel::Config;
use Kernel::System::Log;
use Kernel::System::Main;
use Kernel::System::DB;
use Kernel::System::Encode;
# create common objects
my %CommonObject = ();
$CommonObject{ConfigObject} = Kernel::Config->new();
$CommonObject{LogObject} = Kernel::System::Log->new(
LogPrefix => 'OTRS-sync-ldap2db',
%CommonObject,
);
$CommonObject{MainObject} = Kernel::System::Main->new(%CommonObject);
$CommonObject{EncodeObject} = Kernel::System::Encode->new(%CommonObject);
$CommonObject{DBObject} = Kernel::System::DB->new(%CommonObject);
my $UidLDAP = 'otrsagent';
my $UidDB = 'otrs';
my %Map = (
# db => ldap
email => 'mail',
customer_id => 'mail',
first_name => 'givenname',
last_name => 'sn',
pw => 'test',
# comments => 'description',
comments => 'postaladdress',
);
my $LDAPHost = 'dc-gilroy-2.rcskids.org';
my %LDAPParams = ();
my $LDAPBaseDN = 'ou=users,dc=rcskids,dc=org';
my $LDAPBindDN = 'cn=otrsagent,cn=users,dc=rcskids,dc=org';
my $LDAPBindPW = 'password';
my $LDAPScope = 'sub';
my $LDAPCharset = 'utf-8';
#my $LDAPFilter = '';
my $LDAPFilter = '(ObjectClass=*)';
my $DBCharset = 'iso-8859-1';
my $DBTable = 'customer_user';
# ldap connect and bind (maybe with SearchUserDN and SearchUserPw)
my $LDAP = Net::LDAP->new( $LDAPHost, %LDAPParams ) or die "$@";
if ( !$LDAP->bind( dn => $LDAPBindDN, password => $LDAPBindPW ) ) {
$CommonObject{LogObject}->Log(
Priority => 'error',
Message => "Bind failed!",
);
exit 1;
}
# split request of all accounts
for (qw(0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y
z)) {
my $Filter = "($UidLDAP=$_*)";
if ($LDAPFilter) {
$Filter = "(&$LDAPFilter$Filter)";
}
# perform user search
my $Result = $LDAP->search(
base => $LDAPBaseDN,
scope => $LDAPScope,
filter => $Filter,
);
#print "F: ($UidLDAP=$_*)\n";
for my $entry ( $Result->all_entries ) {
my $UID = $entry->get_value($UidLDAP);
if ($UID) {
# check if uid existsis in db
my $Insert = 1;
$CommonObject{DBObject}->Prepare(
SQL => "SELECT $UidDB FROM $DBTable WHERE $UidDB = '"
. $CommonObject{DBObject}->Quote($UID) . "'",
Limit => 1,
);
while ( my @Row = $CommonObject{DBObject}->FetchrowArray() ) {
$Insert = 0;
}
my $SQLPre = '';
my $SQLPost = '';
my $Type = '';
if ($Insert) {
$Type = 'INSERT';
}
else {
$Type = 'UPDATE';
}
for ( keys %Map ) {
my $Value = $CommonObject{DBObject}->Quote(
_ConvertTo( $entry->get_value( $Map{$_} ) ) || ''
);
if ( $Type eq 'UPDATE' ) {
if ($SQLPre) {
$SQLPre .= ", ";
}
$SQLPre .= " $_ = '$Value'";
}
else {
if ($SQLPre) {
$SQLPre .= ", ";
}
$SQLPre .= "$_";
if ($SQLPost) {
$SQLPost .= ", ";
}
$SQLPost .= "'$Value'";
}
}
my $SQL = '';
if ( $Type eq 'UPDATE' ) {
print "UPDATE: $UID\n";
$SQL
= "UPDATE $DBTable SET $SQLPre, valid_id = 1, change_time =
current_timestamp, change_by = 1 ";
$SQL .= " WHERE $UidDB = '" .
$CommonObject{DBObject}->Quote($UID) . "'";
}
else {
print "INSERT: $UID\n";
$SQL
= "INSERT INTO $DBTable ($SQLPre, $UidDB, valid_id,
create_time, create_by, change_time, change_by) VALUES ($SQLPost, '"
. $CommonObject{DBObject}->Quote($UID)
. "', 1, current_timestamp, 1, current_timestamp, 1)";
}
$CommonObject{DBObject}->Do( SQL => $SQL );
}
}
}
sub _ConvertTo {
my $Text = shift;
return if !defined $Text;
return $CommonObject{EncodeObject}->Convert(
Text => $Text,
To => $DBCharset,
From => $LDAPCharset,
);
}
# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2009 OTRS AG, http://otrs.org/
# --
# $Id: Config.pm.dist,v 1.21 2009/02/16 12:01:43 tr Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
# Note:
#
# -->> OTRS does have a lot of config settings. For more settings
# (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,
# LDAP, PostMaster, Session, Preferences, ...) see
# Kernel/Config/Defaults.pm and copy your wanted lines into "this"
# config file. This file will not be changed on update!
#
# --
package Kernel::Config;
sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# Start of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# database settings #
# ---------------------------------------------------- #
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'hot';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} =
"DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} =
"DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = 'C:/PROGRA~1/OTRS/OTRS';
# ---------------------------------------------------- #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{'CheckMXRecord'} = 1;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #
$Self->{LogModule} = 'Kernel::System::Log::File';
$Self->{'LogModule::LogFile'} = 'C:/PROGRA~1/OTRS/OTRS/var/log/otrs.log';
$Self->{SpellChecker} = '0';
# $DIBI$
$Self->{'SystemID'} = 10;
$Self->{'SecureMode'} = 0;
$Self->{'Organization'} = 'Rebekah Childrens Services';
$Self->{'LogModule'} = 'Kernel::System::Log::File';
$Self->{'FQDN'} = 'helpdesk.rcskids.org';
$Self->{'DefaultLanguage'} = 'en';
$Self->{'AdminEmail'} = '[email protected]';
$Self->{'DefaultCharset'} = 'utf-8';
######################################################################
#--------------------------------my stuff----------------------------#
######################################################################
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'dc-gilroy-2.rcskids.org';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=users,dc=rcskids,dc=org';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'dc-gilroy-2.rcskids.org',
BaseDN => 'OU=staff,DC=rcskids,DC=org',
SSCOPE => 'sub',
UserDN =>'rcskids\otrsagent',
UserPw => 'password',
},
# customer unique id
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'mail'],
CustomerUserSearchFields => ['sAMAccountName','givenname','sn' ],
CustomerUserSearchPrefix => '*',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail', 'givenname', 'sn'],
CustomerUserNameFields => ['cn', 'sn'],
Map => [
# var,frontend,storage,shown,required,storage-type, http-link, readonly
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '',0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '',0],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var', '',0],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '',0],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '',0],
#[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '',0],
],
};
# SendmailModule
$Self->{"SendmailModule"} = 'Kernel::System::Email::SMTP';
$Self->{"SendmailModule::Host"} = 'neo.rcskids.org';
$Self->{"SendmailModule::AuthUser"} = '[email protected]';
$Self->{"SendmailModule::AuthPassword"} = 'password';
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# End of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
}
# ---------------------------------------------------- #
# needed system stuff (don't edit this) #
# ---------------------------------------------------- #
use strict;
use warnings;
use vars qw(@ISA $VERSION);
use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');
use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.21 $)[1];
# -----------------------------------------------------#
1;---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/
