Re: [otrs] Authenticate ldap and local, possible?

Wed, 26 Feb 2014 06:58:28 -0800 

Hi Israel,

this is what my LDAP config looks like:

$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = x.x.x.x';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=xxx,dc=xxx,dc=xxx';
$Self->{'AuthModule::LDAP::UID1'} = 'samaccountname';
$Self->{'AuthModule::LDAP::GroupDN1'} = 
'CN=OTRS-Users,OU=Groups,DC=xxx,DC=xxx,DC=xxx'; # users that are allowed to 
login
$Self->{'AuthModule::LDAP::AccessAttr1'} = 'member';
$Self->{'AuthModule::LDAP::UserAttr1'} = 'DN';
$Self->{'AuthModule::LDAP::SearchUserDN1'} = 
'CN=otrs,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx'; # user to query LDAP
$Self->{'AuthModule::LDAP::SearchUserPw1'} = 'xxxxxxxxxxxxxx';

     $Self->{'UserSyncLDAPMap1'} =  {
     'UserEmail' => 'mail',
     'UserFirstname' => 'givenName',
     'UserLastname' => 'sn',
     'UserLogin' => 'sAMAccountName'
        };

$Self->{UserSyncLDAPMap};
$Self->{UserSyncLDAPGroups};
$Self->{'UserSyncLDAPGroupsDefination'};
$Self->{'UserSyncLDAPRolesDefination'};
$Self->{'UserSyncLDAPAttibuteGroupsDefination'};
$Self->{'UserSyncLDAPAttibuteRolesDefination'};
$Self->{'UserSyncLDAPGroupsDefination'};

With this setup, I'm able to authenticate local users and, if they don't have a 
valid password in the local database, LDAP users as well.

Hope this helps, if you need more information let me know.

Regards

Daniel


Von: otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] Im Auftrag von 
iga3...@yahoo.com
Gesendet: Mittwoch, 26. Februar 2014 15:45
An: OTRS. User questions and discussions about
Betreff: [otrs] Authenticate ldap and local, possible?

Hi again,

After otrs has been setup with ldap backend, reading from the manual,  now it's 
time for authenticate them.. I have added this  lines to Config.pm but it's not 
working...

################ LDAP AUTH #####################
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'domain.net';
$Self->{'AuthModule::LDAP::BaseDN'} = 'OU=domain,DC=domain,DC=net';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=Israel Garcia 
Alvarez,OU=Sistemes,OU=Usuaris Roureda,OU=BIBM,DC=bibm,DC=net';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'Password-:)';

# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => 
'(objectclass=user)'
$Self->{'AuthModule::LDAP::AlwaysFilter'} = 'uid';

# in case you want to add a suffix to each login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
#    $Self->{'AuthModule::LDAP::UserSuffix'} = '@domain.com';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};
############################################

Otrs are not able to authenticate any user... Am I missing something in the 
setup to allow users (customers and agents) to login to our Otrs?

Also, is possible to authenticate ldap and local-database users?

Thanks much!!!!!!!!!!

regards,

Israel.


---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Reply via email to