[SOLVED] Trying to let LDAP customers authenticate.

Moderator: crythias

JeroenB
Znuny newbie
Posts: 9
Joined: 12 Jul 2013, 17:00
Znuny Version: 3.2.8

[SOLVED] Trying to let LDAP customers authenticate.

Post by JeroenB »

OTRS: 3.3.7

I am trying to enable our LDAP customers to authenticate. My LDAP customers do show up in the "Customer User Management" screen and I have the LDAP Datasource option, so I thought it should work.

However, the LDAP customers get a "-" in the VALIDITY column, so I guess I'm still missing something (all LDAP customers have their email address present in the 'mail' attribute, so "CustomerUserValidFilter => '(mail=*)'," should do the trick, right?).

When I try to login using customer LDAP credentials the following message shows up in my log entry:

CustomerUser: No auth record in 'customer_user' for 'email@address.com' (REMOTE_ADDR: ip.address)

Obviously I'm missing something but I just cannot find it. Here's the relevant part of my Config.pm:

Code:

# CUSTOMER AUTHENTICATION CONFIGURATION
$Self->{CustomerUser1} = {
    Name => 'Customer Database',
    Module => 'Kernel::System::CustomerUser::DB',
    Params => {
        Table => 'customer_user',
    },
    # customer unique id
    CustomerKey => 'login',
    # customer #
    CustomerID => 'customer_id',
    CustomerValid => 'valid_id',
    CustomerUserListFields => ['first_name', 'last_name', 'email'],
    CustomerUserSearchFields => ['login', 'last_name', 'customer_id'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['email'],
    CustomerUserNameFields => ['title','first_name','last_name'],
    CustomerUserEmailUniqCheck => 1,
    Map => [

        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly, http-link-target
        [ 'UserTitle',      'Title',      'title',        1, 0, 'var', '', 0 ],
        [ 'UserFirstname',  'Firstname',  'first_name',   1, 1, 'var', '', 0 ],
        [ 'UserLastname',   'Lastname',   'last_name',    1, 1, 'var', '', 0 ],
        [ 'UserLogin',      'Username',   'login',        1, 1, 'var', '', 0 ],
        [ 'UserPassword',   'Password',   'pw',           0, 0, 'var', '', 0 ],
        [ 'UserEmail',      'Email',      'email',        1, 1, 'var', '', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'customer_id',  0, 1, 'var', '', 0 ],
        [ 'UserPhone',      'Phone',      'phone',        1, 0, 'var', '', 0 ],
        [ 'UserFax',        'Fax',        'fax',          1, 0, 'var', '', 0 ],
        [ 'UserMobile',     'Mobile',     'mobile',       1, 0, 'var', '', 0 ],
        [ 'UserStreet',     'Street',     'street',       1, 0, 'var', '', 0 ],
        [ 'UserZip',        'Zip',        'zip',          1, 0, 'var', '', 0 ],
        [ 'UserCity',       'City',       'city',         1, 0, 'var', '', 0 ],
        [ 'UserCountry',    'Country',    'country',      1, 0, 'var', '', 0 ],
        [ 'UserComment',    'Comment',    'comments',     1, 0, 'var', '', 0 ],
        [ 'ValidID',        'Valid',      'valid_id',     0, 1, 'int', '', 0 ],
    ],
    # default selections
    Selections => {
        UserTitle => {
            'Mr.' => 'Mr.',
            'Mrs.' => 'Mrs.',
        },
    },
};

# Customer LDAP config #
$Self->{CustomerUser2} = {
    Name => 'LDAP Datasource',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host => 'ip.address',
        AuthModule => 'Kernel::System::CustomerAuth::LDAP',
        BaseDN => 'ou=customers,dc=domain,dc=com',
        SSCOPE => 'sub',
        Params => {
            port => 389,
            timeout => 120,
            async => 0,
            version => 3,
        },
    },

    CustomerKey => 'uid',
    CustomerID => 'mail',
    CustomerUserListFields => ['sn', 'mail'],
    CustomerUserSearchFields => ['sn', 'mail'],
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['sn'],
    CustomerUserValidFilter => '(mail=*)',
    CustomerUserExcludePrimaryCustomerID => 0,
    Map => [
        [ 'UserFirstname', 'Firstname', 'sn', 1, 1, 'var' ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
        [ 'UserLogin', 'Login', 'uid', 1, 1, 'var' ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
        [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
    ],
};
Thanks in advance!
Last edited by JeroenB on 26 Jun 2014, 09:47, edited 1 time in total.
eandrex
Znuny expert
Posts: 213
Joined: 04 Nov 2012, 23:58
Znuny Version: OTRS 4.x
Real Name: Esteban
Company: NORTON DE COLOMBIA

Re: Trying to let LDAP customers authenticate.

Post by eandrex »

You are missing this:

http://otrs.github.io/doc/manual/admin/ ... h-backends

scroll down to: Example 4.16. Customer user authentication against an LDAP backend
JeroenB
Znuny newbie
Posts: 9
Joined: 12 Jul 2013, 17:00
Znuny Version: 3.2.8

Re: Trying to let LDAP customers authenticate.

Post by JeroenB »

eandrex wrote: You are missing this:

http://otrs.github.io/doc/manual/admin/ ... h-backends

scroll down to: Example 4.16. Customer user authentication against an LDAP backend
Thank you eandrex! You are right: I added this part to my configuration and got it working :D
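
Added example, not part of the original posts and not copied from the OTRS manual: a customer authentication block of the kind the linked manual section covers, next to the CustomerUser2 data source from the question. The log line in the question names the 'customer_user' table, meaning the login was only checked against the database backend. The host and BaseDN are the question's placeholders; the "1" suffix, the 'uid' attribute and the filter are assumptions for this setup.

```perl
# Added example for Kernel/Config.pm (not from the thread).
# CustomerUser2 only tells OTRS where to look up customer data;
# the login check is configured separately via Customer::AuthModule.
# The trailing "1" adds LDAP as an additional backend next to the default
# DB backend (assumption: local customer_user logins should keep working).
$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';

# Placeholders taken from the CustomerUser2 block in the question.
# Port 389 without TLS carries each customer's bind password in cleartext
# between OTRS and the directory; Net::LDAP also accepts an ldaps:// URI
# as the host value.
$Self->{'Customer::AuthModule::LDAP::Host1'}   = 'ip.address';
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'ou=customers,dc=domain,dc=com';

# Attribute matched against the login name; same attribute as CustomerKey.
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'uid';

# Only needed when the directory refuses anonymous searches
# (assumption: a dedicated read-only service account, not an admin DN).
$Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = '';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = '';

# Restrict which entries may log in, mirroring CustomerUserValidFilter.
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter1'} = '(mail=*)';

# Net::LDAP connection options, same values as in the question.
$Self->{'Customer::AuthModule::LDAP::Params1'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
};
```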