Code: Select all
#########################################
# Enable LDAP Authentication Sync for Agent1 #
#########################################
$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = 'DOMEN.N-NOVGOROD.corp.local';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'DC=N-NOVGOROD,DC=corp,DC=local';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
###########################################################
###########################################################
$Self->{'AuthModule::LDAP::AccessAttr1'} = 'member';
$Self->{'AuthModule::LDAP::SearchUserDN1'} = 'CN=LDAPUser,CN=Users,DC=N-NOVGOROD,DC=corp,DC=local';
$Self->{'AuthModule::LDAP::SearchUserPw1'} = 'PASS';
###########################################
# Enable Agent Mapping from LDAP to DB1 #
###########################################
$Self->{'AuthSyncModule1'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host1'} = 'N-NOVGOROD.corp.local';
$Self->{'AuthSyncModule::LDAP::BaseDN1'} = 'DC=N-NOVGOROD,DC=corp,DC=local';
$Self->{'AuthSyncModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN1'} = 'CN=LDAPUser,CN=Users,DC=N-NOVGOROD,DC=corp,DC=local';
$Self->{'AuthSyncModule::LDAP::SearchUserPw1'} = 'PASS';
$Self->{'AuthSyncModule::LDAP::UserSyncMap1'} = {
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};
# $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups1'} = [
# 'users',
# ];
#########################################################################################################
# User this to sync ldap groups to otrs groups
$Self->{'AuthSyncModule::LDAP::AccessAttr1'} = 'member';
# (attribute for type of group content UID/DN for full ldap name)
$Self->{'AuthSyncModule::LDAP::UserAttr1'} = 'uid';
#$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
# 'users',
#];
$Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition1'} = {
# ldap group
'CN=LDAP_CO_Users,OU=Доступ к Active Directory (LDAP_CO),OU=.GROUP,OU=NN,DC=N-NOVGOROD,DC=corp,DC=local' => {
# otrs group
'admin' => {
# permission
rw => 1,
move_into => 1,
create => 1,
note => 1,
owner => 1,
priority => 1,
ro => 1,
},
},
};