I am trying to get my OTRS server connected to our Microsoft Active Directory Server for Agent and Customer authentication and am having problems.
I have tried about three different methods that I have found through Google searches and also the LDAP doc on the OTRS site and have not had any success.
We are running it on Ubuntu 9.0/MySQL 5.1/Apache2.
The error I am receiving is:
ERROR: No such file or directory: /usr/share/otrs/Kernel/Config/Files/ZZZAuto.pm
# This is an example configuration for using an MS AD backend
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'mncodc02.crosstelecom.internal';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=crosstelecom,dc=internal';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group OTRS_Agents to use otrs)
$Self->{'AuthModule::LDAP::GroupDN'} = 'CN=ITDepartment,OU=Security Groups,OU=_Groups,DC=crosstelecom,DC=internal';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
# Bind credentials to log into AD
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=otrs_ldap,OU=Service Accounts,DC=crosstelecom,DC=internal';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'xxxxxxxx';
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
$Self->{'AuthModule::LDAP::AlwaysFilter'} = '';
# in case you want to add a suffix to each login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
#$Self->{'AuthModule::LDAP::UserSuffix'} = '';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};
# Now sync data with OTRS DB
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'mncodc02.crosstelecom.internal';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=crosstelecom, dc=internal';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=otrs_ldap,OU=Service Accounts,DC=crosstelecom,DC=internal';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'xxxxxxxx';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    # DB -> LDAP
    UserFirstname => 'givenName',
    UserLastname => 'sn',
    UserEmail => 'mail',
};
# AuthSyncModule::LDAP::UserSyncInitialGroups
# (sync following group with rw permission after initial create of first agent
# login)
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
    'users',
];
Any help would be greatly appreciated.
Thanks,
Joe
LDAP/Active Directory Problems
Moderator: crythias
Re: LDAP/Active Directory Problems
In Config.pm, $Self->{Home} = path to home directory (although likely this should generally already work)
If you can't find or modify, make certain the directory structure allows for proper permissions for the file.
Even still, your error message is not necessarily indicative of problems in connectivity or retrieval of data (OK, at least not for Agents. My ZZZAuto.pm has something regarding CustomerAuthModule.)
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Re: LDAP/Active Directory Problems
First of all, Ubuntu 9.0 does not exist; you'll be running either 9.4 or 9.10.
Second, you seem to be running the 'otrs2' package from the Ubuntu repositories. There is a file 'debian.readme' on your system which explains what they did to mess file permissions up and how you can get that back. The problem is probably that the files in the directory /usr/share/otrs/Kernel/Config/Files have too strict file permissions.
Generally I would recommend doing a 'manual' install of OTRS on Ubuntu, as it will give you much greater control over what version you'll be running.
--
Mike.
huntingbears.nl - @michielbeijen on Twitter
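A way to test the permission theory from the reply above before changing any modes, as an added example that is not part of the original thread: the function reads a directory's mode bits and reports whether a given uid/gid could create a file such as ZZZAuto.pm in it. It assumes GNU stat and that Apache runs as www-data (the Debian/Ubuntu default); the function name and usage line are illustrative.

```shell
#!/bin/sh
# Added example (not from the thread). Reports whether a uid/gid could create
# a file such as ZZZAuto.pm in a directory, judged from the mode bits only.
# Not considered: ACLs, supplementary groups, permissions on parent directories.

# can_create DIR UID GID -> prints yes | no | missing; returns 0 only for yes
can_create() {
    dir=$1; uid=$2; gid=$3
    [ -d "$dir" ] || { echo missing; return 2; }

    # GNU stat: octal mode, numeric owner, numeric group
    set -- $(stat -c '%a %u %g' "$dir")
    mode=$1; owner=$2; group=$3

    # Keep the three permission digits, dropping any setuid/setgid/sticky digit
    perms=$(printf '%03d' "$(( $mode % 1000 ))")
    u=${perms%??}; rest=${perms#?}; g=${rest%?}; o=${perms#??}

    # root bypasses mode bits; for everyone else exactly one class applies
    if [ "$uid" -eq 0 ]; then echo yes; return 0; fi
    if [ "$uid" -eq "$owner" ]; then bits=$u
    elif [ "$gid" -eq "$group" ]; then bits=$g
    else bits=$o
    fi

    # Creating a directory entry needs both write (2) and search (1)
    if [ $(( bits & 3 )) -eq 3 ]; then echo yes; return 0; fi
    echo no; return 1
}

# Usage (assumed account name):
#   sh check.sh /usr/share/otrs/Kernel/Config/Files www-data
if [ $# -eq 2 ]; then
    can_create "$1" "$(id -u "$2")" "$(id -g "$2")"
fi
```

A "no" for the web server account points to granting that account's group write access on the directory rather than opening it to all users.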