Since I am supposed to take over the Znuny server at some point and am still a complete beginner, I tried to set up a server myself.
Znuny: 6.5.3 (also tested with 6.0.48)
Debian 5.10
I have completed the basic installation and can log in as root@localhost at "http://IP-Adresse/otrs/index.pl".
I skipped the mail configuration for now.
Now I have created a test user and given it admin rights. However, I cannot log in to customer.pl with it...
On top of that comes my actual problem...
I tried to set up an LDAP connection so that several hundred users can log in to the system via customer.pl without me having to create the accounts myself.
Normally I should only have to copy /opt/otrs/Kernel/Config.pm from the working server and paste it into mine, or rather the following content:
# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2015 xxx, http://otrs.com/
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
# Note:
#
# -->> Most OTRS configuration should be done via the OTRS web interface
# and the SysConfig. Only for some configuration, such as database
# credentials and customer data source changes, you should edit this
# file. For changes do customer data sources you can copy the definitions
# from Kernel/Config/Defaults.pm and paste them in this file.
# Config.pm will not be overwritten when updating OTRS.
# --

package Kernel::Config;

use strict;
use warnings;
use utf8;

sub Load {
    my $Self = shift;

    # ---------------------------------------------------- #
    # database settings #
    # ---------------------------------------------------- #

    # The database host
    $Self->{'DatabaseHost'} = '127.0.0.1';

    # The database name
    $Self->{'Database'} = "otrsdb";

    # The database user
    $Self->{'DatabaseUser'} = "otrs";

    # The password of database user. You also can use bin/otrs.CryptPassword.pl
    # for crypted passwords
    $Self->{'DatabasePw'} = 'Passwort';

    # The database DSN for MySQL ==> more: "perldoc DBD::mysql"
    $Self->{'DatabaseDSN'} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost}";

    # The database DSN for PostgreSQL ==> more: "perldoc DBD::Pg"
    # if you want to use a local socket connection
    # $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
    # if you want to use a TCP/IP connection
    # $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";

    # The database DSN for Microsoft SQL Server - only supported if OTRS is
    # installed on Windows as well
    # $Self->{DatabaseDSN} = "DBI:ODBC:driver={SQL Server};Database=$Self->{Database};Server=$Self->{DatabaseHost},1433";

    # The database DSN for Oracle ==> more: "perldoc DBD::oracle"
    # $Self->{DatabaseDSN} = "DBI:Oracle://$Self->{DatabaseHost}:1521/$Self->{Database}";
    #
    # $ENV{ORACLE_HOME} = '/path/to/your/oracle';
    # $ENV{NLS_DATE_FORMAT} = 'YYYY-MM-DD HH24:MI:SS';
    # $ENV{NLS_LANG} = 'AMERICAN_AMERICA.AL32UTF8';

    # ---------------------------------------------------- #
    # fs root directory
    # ---------------------------------------------------- #
    $Self->{Home} = '/opt/otrs';

    # ---------------------------------------------------- #
    # insert your own config settings "here" #
    # config settings taken from Kernel/Config/Defaults.pm #
    # ---------------------------------------------------- #
    # $Self->{SessionUseCookie} = 0;
    # $Self->{CheckMXRecord} = 0;

    # ---------------------------------------------------- #

    # ---------------------------------------------------- #
    # data inserted by installer #
    # ---------------------------------------------------- #
    # $DIBI$

    # CustomerUser
    # (customer ldap backend and settings)
    $Self->{CustomerUser} = {
        Name   => 'LDAP Datenbank',
        Module => 'Kernel::System::CustomerUser::LDAP',
        Params => {
            # ldap host
            Host => 'ldaps://xxxxx.de',
            # ldap base dn
            BaseDN => 'o=xxxx',
            # search scope (one|sub)
            SSCOPE => 'sub',
            sizelimit => 0,
            # The following is valid but would only be necessary if the
            # anonymous user does NOT have permission to read from the LDAP tree
            UserDN => 'cn=xxxxx,ou=xxx,o=xxxxx',
            UserPw => 'xxxxxx',
            # in case you want to add always one filter to each ldap query, use
            # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
            AlwaysFilter => '',
            # if both your frontend and your LDAP are unicode, use this:
            SourceCharset => 'utf-8',
            DestCharset   => 'utf-8',
            # if your frontend is unicode and the charset of your
            # ldap server is iso-8859-1, use these options.
            # SourceCharset => 'iso-8859-1',
            # DestCharset => 'utf-8',
            # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
            Params => {
                port    => 636,
                timeout => 600,
                async   => 0,
                version => 3,
            },
        },
        # customer unique id
        CustomerKey => 'cn',
        # customer #
        CustomerID => 'cn',
        CustomerUserListFields => ['givenname', 'sn', 'mail'],
        CustomerUserSearchFields => ['uid', 'cn', 'mail', 'givenname', 'sn', 'xxxxmailPreferredAddress'],
        CustomerUserSearchPrefix => '',
        CustomerUserSearchSuffix => '*',
        CustomerUserSearchListLimit => 150000,
        CustomerUserPostMasterSearchFields => ['xxxxmailPreferredAddress', 'mail', 'cn', 'sn'],
        CustomerUserNameFields => ['givenname', 'sn'],
        # show not own tickets in customer panel, CompanyTickets
        CustomerUserExcludePrimaryCustomerID => 0,
        # add an ldap filter for valid users (expert setting)
        # CustomerUserValidFilter => '(!(description=locked))',
        # administrator can't change customer preferences
        AdminSetPreferences => 0,
        # # cache time to live in sec. - cache any database queries
        # CacheTTL => 0,
        Map => [
            # note: Login, Email and CustomerID are mandatory!
            # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
            [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
            [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
            [ 'UserLogin', 'Username', 'cn', 1, 1, 'var', '', 0 ],
            [ 'UserEmail', 'Email', 'xxxxmailPreferredAddress', 1, 1, 'var', '', 0 ],
            [ 'UserCustomerID', 'CustomerID', 'cn', 0, 1, 'var', '', 0 ],
            # [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
            # [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
            # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
            # [ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
        ],
    };

    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
    # #
    # end of your own config options!!! #
    # #
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
}
When I now try to log in with the LDAP user, this message appears: "Anmeldung fehlgeschlagen! Benutzername oder Passwort wurden falsch eingegeben." [Login failed! Username or password were entered incorrectly.]
- I thought I would look in /var/log/syslog, but no entry is found there.
- With nmap "ldap-Server", ldap and ldapssl are "STATE: Open"
- Restarting the server did not help either
Do I still have to change settings somewhere?
Do I have a connection to the LDAP server?
edit:
Config.pm contains Module => 'Kernel::System::CustomerUser::LDAP'. When I enter
"Customer::AuthModule" in the system configuration in the frontend, the entry there reads: "Kernel::System::CustomerAuth::DB"
If I change the entry manually and enter all the LDAP data in the frontend, it works. What is the cause? Does Config.pm take effect at all?
It does not seem to change any settings in the frontend. As I said, there is an existing, working config from another server.
Which other files need to be adjusted?
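The Config.pm in the post sets only the customer data backend (`$Self->{CustomerUser}`); the login check is the separate `Customer::AuthModule` setting named in the edit. As an added example that is not part of the original post, this is the LDAP form of that setting as it can be written inside `sub Load` of Kernel/Config.pm. The host, DNs, password and CA file path are placeholders, and the `verify`/`cafile` options assume the directory's certificate is issued by a CA available on the Znuny host.

```perl
# Added example, not from the original post. Place inside sub Load of
# Kernel/Config.pm, next to the existing $Self->{CustomerUser} block.
# All host names, DNs, paths and passwords below are placeholders.

# Authenticate customer.pl logins against LDAP instead of the database
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';

# Same directory that the CustomerUser backend reads from
$Self->{'Customer::AuthModule::LDAP::Host'}   = 'ldaps://ldap.example.org';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'o=example';

# Attribute compared with the login name; keep it identical to the
# CustomerKey / UserLogin attribute of the CustomerUser block ('cn' in the post)
$Self->{'Customer::AuthModule::LDAP::UID'} = 'cn';

# Account used to look up the user's DN before the bind with the user's
# own password; only needed when anonymous reads are not permitted.
# Use a dedicated read-only account for this.
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=svc-znuny,ou=services,o=example';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'CHANGE-ME';

# Optional extra filter added to every lookup, e.g. '(objectclass=user)'
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';

# Options handed to Net::LDAP->new (see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port    => 636,
    timeout => 120,
    async   => 0,
    version => 3,
    # For ldaps:// reject servers whose certificate does not validate
    verify  => 'require',
    cafile  => '/etc/ssl/certs/example-ca.pem',
};
```

With the bind password stored in Config.pm, keep the file readable only by the Znuny system user and the web server group.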