OTRS with Local (DB) Customers Database but LDAP Authentication,

[williammpi]

Hi,

I'm using OTRS 3.0 here and the customers are registered using Local (DB) Customer database since there are several customized fields.

But I would like to keep the passwords in LDAP database because the Customers are already registered in our AD environment with same usernames.

So in OTRS Customer DB I've left all the passwords blank and would like to authenticate the Customer ID's using our AD server. I've used a another archived's post example but it's not working. Here is my Confip.pm:

$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = 'adserver.mydomain.local';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=mydomain,dc=local';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN1'} = 'ldap'; # user to query LDAP
$Self->{'AuthModule::LDAP::SearchUserPw1'} = 'password';

$Self->{'UserSyncLDAPMap1'} = {
'UserEmail' => 'mail',
'UserFirstname' => 'givenName',
'UserLastname' => 'sn',
'UserLogin' => 'sAMAccountName'
};

$Self->{'UserSyncLDAPMap'};
$Self->{'UserSyncLDAPGroups'};
$Self->{'UserSyncLDAPGroupsDefination'};
$Self->{'UserSyncLDAPRolesDefination'};
$Self->{'UserSyncLDAPAttibuteGroupsDefination'};
$Self->{'UserSyncLDAPAttibuteRolesDefination'};
$Self->{'UserSyncLDAPGroupsDefination'};

Looking at OTRS logs it seems that only DB Auth is being tried. Follow a log example:
[Notice][Kernel::System::CustomerAuth::DB::Auth] CustomerUser: user1 doesn't exist or is invalid!!!

What have I missed here? I've tried also a Full LDAP config with $Self->{CustomerUser} directive but in this case only LDAP is used and all AD users are allowed to login.

Best Regards,

William.

[root]

AuthModule and UserSyncLDAP* are agent related configurations. Check Kernel/Config/Defaults.p for Customer::AuthModule