Call for experts: correct config.pm for Auth::LDAP

Help with OTRS problems of all kinds
zrako02
Znuny newbie
Posts: 55
Joined: 13 Nov 2006, 09:01

Call for experts: correct config.pm for Auth::LDAP

Post by zrako02 »

Hello, I downloaded the OTRS Virtual Appliance from http://www.vmware.com/vmtn/appliances/directory/591
and then made the following settings:
IP-Adresse: 192.168.2.211
Netmask: 255.255.255.0
Gateway: 192.168.2.1
Dns: 192.168.2.1

Let's also assume there is an ADS with the IP 192.168.2.191 (fc4.example.de).
Then there is also a user otrss who is allowed to search the ADS; this user has the password otrsspass.

In my opinion, the config.pm for authentication against LDAP ADS should then look like this:

#------------------------------------------------------------------------
# This is an example configuration for an LDAP auth. backend.
#(take care that Net::LDAP is installed!)
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '192.168.2.191';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=example,dc=de';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID';
$Self->{'Customer::AuthModule::LDAP::GroupDN'} = '';
$Self->{'Customer::AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};


# ----------------------------------------------------
# customer Auth
# ----------------------------------------------------
$Self->{CustomerUser} = {
Name => 'LDAP Datenquelle',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '192.168.2.191',
BaseDN => 'dc=example,dc=de',
SSCOPE => 'sub',
UserDN => '',
UserPw => '',
AlwaysFilter => '',
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
CustomerKey => 'uid',
CustomerID => 'mail',
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => ['uid', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CustomerUserExcludePrimaryCustomerID => 0,
AdminSetPreferences => 0,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'uid', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};

# End example config
#------------------------------------------------------------------------


Is this absolutely correct, or what does the config.pm look like for the case above? What needs to be considered when the OTRS system runs on Linux, and what needs to be considered when the OTRS system runs on Windows 2003 Server R2?
schocker
Znuny advanced
Posts: 111
Joined: 16 Dec 2005, 14:01
Location: Schömberg

Post by schocker »

I only skimmed it briefly.
If you authenticate against a Windows ADS, the UID must in any case be changed to sAMAccountName.
SUSE 9.3 / OTRS 2.0.4 / Apache2 / MySQL 4
Andre Bauer
Znuny guru
Posts: 2189
Joined: 08 Dec 2005, 17:01
Znuny Version: 5.0.x
Real Name: André Bauer
Company: Magix Software GmbH
Location: Dresden

Post by Andre Bauer »

@ zrako02

Next time it is enough if you open just one thread for this.
I have deleted the other one.
Prod: Ubuntu Server 16.04 / Zammad 1.2

DO NOT PM ME WITH OTRS RELATED QUESTIONS! ASK IN THE FORUMS!

OtterHub.org
zrako02
Znuny newbie
Posts: 55
Joined: 13 Nov 2006, 09:01

Agent Auth LDAP

Post by zrako02 »

Hello, I have the following config.pm

# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2006 OTRS GmbH, http://otrs.org/
# --
# $Id: Config.pm.dist,v 1.18 2006/09/07 16:15:41 mh Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (GPL). If you
# did not receive this file, see http://www.gnu.org/licenses/gpl.txt.
# --
# Note:
#
# -->> OTRS does have a lot of config settings. For more settings
# (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,
# LDAP, PostMaster, Session, Preferences, ...) see
# Kernel/Config/Defaults.pm and copy your wanted lines into "this"
# config file. This file will not be changed on update!
#
# --

package Kernel::Config;

sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# Start of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #

# ---------------------------------------------------- #
# database settings #
# ---------------------------------------------------- #
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'hot';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";

# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";

# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = 'C:/OTRS/otrs';

# ---------------------------------------------------- #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{'CheckMXRecord'} = 1;

# ---------------------------------------------------- #

# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #
$Self->{'LogModule'} = 'Kernel::System::Log::File';
$Self->{'LogModule::LogFile'} = 'C:/OTRS/otrs/var/log/otrs.log';
# $DIBI$
$Self->{'SystemID'} = 10;
$Self->{'SecureMode'} = 1;
$Self->{'Organization'} = 'ZDV';
$Self->{'FQDN'} = 'hostname.zdv.meinedomain.de';
$Self->{'DefaultLanguage'} = 'de';
$Self->{'DefaultCharset'} = 'utf-8';
$Self->{'AdminEmail'} = 'admin@meinedomain.de';

$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'xxx.x.x.xxx';
$Self->{'AuthModule::LDAP::BaseDN'} = 'OU=Users,DC=meinedomain,DC=de';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'OTRSSearch@meinedomain.de';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'searchpw';
$Self->{'AuthModule::LDAP::AlwaysFilter'} = '';
$Self->{'AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};

$Self->{UserSyncLDAPMap} = {
Firstname => 'givenName',
Lastname => 'sn',
Email => 'mail',
};

$Self->{UserSyncLDAPGroups} = [
'users'
];

$Self->{DatabaseUserTable} = 'system_user';
$Self->{DatabaseUserTableUserID} = 'id';
$Self->{DatabaseUserTableUserPW} = 'pw';
$Self->{DatabaseUserTableUser} = 'login';



# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# End of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this) #
# ---------------------------------------------------- #
use strict;
use vars qw(@ISA $VERSION);
use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');
$VERSION = '$Revision: 1.18 $';
$VERSION =~ s/^\$.*:\W(.*)\W.+?$/$1/;
# -----------------------------------------------------#

1;


and I get the following error message in the log:

Fri Nov 24 12:03:55 2006][Error][Kernel::System::Auth::LDAP::Auth][156] Search failed! 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=meinedomain,DC=de'

What is wrong here? otrs.checkmodules produces the following output:
C:\OTRS\otrs\bin>perl otrs.checkModules
CGI ... ok
Date::Pcalc ... ok
Date::Format ... not installed! (required - use "perl -MCPAN -e shell;"
)
DBI ... ok
DBD::mysql ... ok
Digest::MD5 ... ok
Crypt::PasswdMD5 ... ok
LWP::UserAgent ... ok
IO::Scalar ... ok
IO::Wrap ... ok
MIME::Base64 ... ok
MIME::Tools ... ok
Mail::Internet ... ok
Net::DNS ... ok
Net::POP3 ... ok
Net::LDAP ... ok
Net::SMTP ... ok
Authen::SASL ... ok
GD ... ok
GD::Text ... ok
GD::Graph ... ok
GD::Graph::lines ... ok
GD::Text::Align ... ok
XML::Parser ... ok
PDF::API2 ... ok
Compress::Zlib ... ok


Can anyone help me? I want to perform agent authentication with LDAP against ADS.

Thanks
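
An added example, not part of the original posts and not OTRS code: an offline Perl check that reads the Active Directory NO_OBJECT error quoted above against the configured BaseDN, applies the sAMAccountName point from the earlier reply, and flags a bind password sent over plain port 389. The helper names (`rdns`, `unresolved_rdns`, `findings`) and the flat `%cfg` keys are assumptions made for illustration; that AD's built-in Users container is `CN=Users` is a general AD fact, not something stated in the thread.

```perl
use strict;
use warnings;
# Constructed input from the post above; the flat key names are this example's own.
my %cfg = (
    BaseDN       => 'OU=Users,DC=meinedomain,DC=de',
    UID          => 'sAMAccountName',
    SearchUserPw => 'searchpw',
    Port         => 389,
);
my $log = "Search failed! 0000208D: NameErr: DSID-031001CD, problem 2001 "
        . "(NO_OBJECT), data 0, best match of:\n'DC=meinedomain,DC=de'";

# Split a DN into lower-cased, trimmed RDNs on unescaped commas.
sub rdns {
    my ($dn) = @_;
    my @parts = split /(?<!\\),/, lc $dn;
    s/^\s+|\s+$//g for @parts;
    return @parts;
}

# NO_OBJECT (problem 2001): array ref of the BaseDN RDNs below the "best match".
sub unresolved_rdns {
    my ($base, $error) = @_;
    my ($best) = $error =~ /problem 2001 \(NO_OBJECT\).*?best match of:\s*'([^']*)'/s or return;
    my @base  = rdns($base);
    my @match = rdns($best);
    return if @match > @base;
    my @tail = @base[ @base - @match .. $#base ];
    return unless "@tail" eq "@match";    # best match must be a suffix of BaseDN
    return [ @base[ 0 .. @base - @match - 1 ] ];
}

# Hypothetical helper: list findings for one config/error pair.
sub findings {
    my ($cfg, $error) = @_;
    my @out;
    my $miss = unresolved_rdns($cfg->{BaseDN}, $error);
    push @out, "BaseDN: no object '" . join(',', @$miss) . "' below the best match; "
        . "check the container type (AD's built-in Users container is CN=Users)"
        if $miss && @$miss;
    push @out, "UID: AD logon names are in sAMAccountName, not '$cfg->{UID}'"
        if lc($cfg->{UID}) ne 'samaccountname';
    push @out, "Transport: bind password on port $cfg->{Port}; without LDAPS "
        . "or StartTLS it crosses the network in cleartext"
        if $cfg->{SearchUserPw} && $cfg->{Port} == 389;
    return @out;
}

print "$_\n" for findings(\%cfg, $log);
```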