[SOLVED] ConnectAD: asking for example

[massimobianchi]

Dear all,
I am trying to setup the connection with ActiveDirectry using ConnectAD, to be able to failover to redundat DCs.

I have already been able to authenticate against local OTRS DB and AD, but I have not a clear picture on how to config the ConnectAD extension.

In the site (https://github.com/rkaldung/ConnectAD) I am not able to grasp the correct syntax.

My Config.pm is:

######################

## Massimo Bianchi per FOM LDAP-----BEGIN-------------- #
## (customer user ldap backend and settings)
# $Self->{CustomerUser3} = {
# Name => 'FOM LDAP Backend',
# Module => 'Kernel::System::CustomerUser::LDAP',
# Params => {
# # ldap host
# Host => '1.2.3.4',
# # ldap base dn
# BaseDN => 'DC=2000server,DC=omm',
# # search scope (one|sub)
# SSCOPE => 'sub',
# # The following is valid but would only be necessary if the
# # anonymous user does NOT have permission to read from the LDAP tree
# UserDN => 'WWWWWWWWWWWWWW',
# UserPw => 'XXXXXXXXXXXXXXXXXXXXXX',
# # in case you want to add always one filter to each ldap query, use
# # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
# AlwaysFilter => '(objectclass=user)',
# # if both your frontend and your LDAP are unicode, use this:
# SourceCharset => 'utf-8',
# DestCharset => 'utf-8',
# # if your frontend is unicode and the charset of your
# # ldap server is iso-8859-1, use these options.
# # SourceCharset => 'iso-8859-1',
# # DestCharset => 'utf-8',
# # die if backend can't work, e. g. can't connect to server
# Die => 0,
# # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
# Params => {
# port => 389,
# timeout => 30,
# async => 0,
# version => 3,
# },
# },
# # customer unique id
# CustomerKey => 'sAMAccountName',
# # customer #
# CustomerID => 'sAMAccountName',
##GOOD CustomerID => 'company',
# CustomerUserListFields => [ 'sAMAccountName','cn', 'mail'],
# CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail','name'],
# CustomerUserSearchPrefix => '',
# CustomerUserSearchSuffix => '*',
# CustomerUserSearchListLimit => 250,
# CustomerUserPostMasterSearchFields => ['mail'],
# CustomerUserNameFields => ['givenname', 'sn'],
# # show now own tickets in customer panel, CompanyTickets
# CustomerUserExcludePrimaryCustomerID => 0,
# # add a ldap filter for valid users (expert setting)
# # CustomerUserValidFilter => '(!(description=gesperrt))',
# # admin can't change customer preferences
# AdminSetPreferences => 0,
# # cache time to live in sec. - cache any ldap queries
# CacheTTL => 0,
# Map => [
# # note: Login, Email and CustomerID needed!
# # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
# [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
# [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
# [ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
# [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
# [ 'UserCustomerID', 'CustomerID', 'sAMAccountName', 0, 1, 'var', '', 0 ],
# [ 'Matricola', 'Matricola', 'employeeNumber', 1, 0, 'var', '', 0 ],
# [ 'CodiceFiscale', 'CodiceFiscale', 'employeeID', 1, 0, 'var', '', 0 ],
# [ 'CDCCDR', 'CDCCDR', 'department', 1, 0, 'var', '', 0 ],
# [ 'EmailSecondaria', 'EmailSecondaria', 'homePostalAddress', 1, 0, 'var', '', 0 ],
# [ 'Telefono', 'TelefonoFisso', 'telephoneNumber', 1, 0, 'var', '', 0 ],
# [ 'Cellulare', 'Cellulare', 'mobile', 1, 0, 'var', '', 0 ],
# [ 'Tipologia', 'Tipologia', 'company', 1, 0, 'var', '', 0 ],
# [ 'Ubicazione', 'Ubicazione', 'physicalDeliveryOfficeName', 1, 0, 'var', '', 0 ],
# [ 'Note', 'Note', 'info', 1, 0, 'var', '', 0 ],
# ],
# };


# # LDAP authentication
# $Self->{'Customer::AuthModule3'} = 'Kernel::System::CustomerAuth::LDAP';
# $Self->{'Customer::AuthModule::LDAP::Host3'} = '1.2.3.4';
# $Self->{'Customer::AuthModule::LDAP::BaseDN3'} = 'DC=2000server,DC=omm';
# $Self->{'Customer::AuthModule::LDAP::UID3'} = 'sAMAccountName';
# $Self->{'Customer::AuthModule::LDAP::SearchUserDN3'} = 'WWWWWWWWWWW';
# $Self->{'Customer::AuthModule::LDAP::SearchUserPw3'} = 'XXXX';

# Massimo Bianchi per NPO FOM CUSTOMER-END----------- #

######################

If I want to replace LDAP with ConnectAD, what are the substitution to be done ?
Where do I put \myDC and so on ?

Thanks for helping

[crythias]

The examples look pretty clear on the site you gave.

If I want to replace LDAP with ConnectAD, what are the substitution to be done ?

do what you asked. literally. replace. LDAP. with. ConnectAD.

Where do I put \myDC and so on ?

Config.pm

[massimobianchi]

It worked. VI thinking helps

sed s.LDAP.ConnectAD did the trick.

On more question: when I asked "where to place the myDC" variable, has to be read as "in which context of the Config.pm" files ?

Inside or outside "CustomerUser3" section ?

$Self->{CustomerUser3} = {

myDCS=....
??

I don't know the scoping rules of perl and I'm afraid of over-loading something.

Thanks again,
Massimo

[crythias]

It needs to be established before and outside the array, as in the example on the page you sited (at the bottom).