Importing Customer Users

[terrenceross]

My config.pm imports customer users from active directory automatically but it propagates with a list of every user and group within active directory and it looks cluttered and cumbersome. I'd like just to import users only, and no groups. Preferably from a specific OU such as FINANCE. In my organization it would look like 'ou=finance,dc=mydomain,dc=co,dc=uk'.

Here is what my sanitized config.pm looks like for customer synchronization. Any help appreciated.

Code: Select all

# CUSTOMERS
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'mydomain.co.uk';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=mydomain,dc=co,dc=uk';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
	
# Only necessary if the user does not have permission to read from LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrs search,OU=SA,OU=Resources,DC=mydomain,DC=co,DC=uk';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'passwordgoeshere';
	
# CustomerUser
# (customer user database backend and settings)
    $Self->{CustomerUser} = {
       Module => 'Kernel::System::CustomerUser::LDAP',
       Params => {
          Host => 'mydomain.co.uk',
          BaseDN => 'DC=mydomain,DC=co,DC=uk',
          SSCOPE => 'sub',
          UserDN =>'otrs@mydomain.co.uk',
          UserPw => 'passwordgoeshere',
       },
 
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
       Map => [
          # note: Login, Email and CustomerID needed!
          # var, frontend, storage, shown, required, storage-type
          #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
          [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
          [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
          [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
          [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
          [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
          [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
          #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
          #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
       ],
    };

[crythias]

Being a bit picky on nomenclature: Customers don't sync. They are on-demand searched from the backend(s).

You may choose a BaseDN of a specific OU but know that excludes siblings.
You may also employ an LDAP filter.
viewtopic.php?t=16543

[terrenceross]

Thank you for the advice. I added a BaseDN to specify the OU in which I wanted to grab the clients name from then I also filtered by (objectclass=user). The code is as follows:

$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'mydomain.co.uk',
BaseDN => 'OU=Finance,DC=mydomain,DC=co,DC=uk',
SSCOPE => 'sub',
AlwaysFilter => '(objectclass=user)',
UserDN =>'otrs@mydomain.co.uk',
UserPw => 'passwordgoeshere',
},