Integração do Znuny-7.1.6

Locked
mfilhobsb
Znuny newbie
Posts: 4
Joined: 05 Dec 2024, 16:26
Znuny Version: 7.1.3
Real Name: MAURO PEREIRA FILHO
Company: Mauro Pereia filho

Integração do Znuny-7.1.6

Post by mfilhobsb »

Olá, pessoal!
Estou enfrentando um problema específico com a interface de clientes (customer.pl) no Znuny 7.1.3 rodando em Debian 12, com integração ao Active Directory via LDAP.

Ambiente
Znuny 7.1.3 (instalado manualmente em /opt/znuny)

Debian 12

Apache 2.4.62 + mod_perl

MySQL/MariaDB para o backend

Active Directory funcional, com contas testadas via ldapsearch

O que já funciona
A interface de agentes (index.pl) autentica normalmente via LDAP.

A interface de clientes (customer.pl) carrega e permite login de usuários locais do banco (customer_user) se configurada exclusivamente para isso.

Teste com fallback também chegou a funcionar após correções na estrutura do Config.pm.

Resumindo quando eu acesso o index.pl ele autentica os usuarios e os cria no banco mysql.
Quando tendo fazer a altenticação via customer.pl ele autentica os usuarios mas de alguma forma ele nao reconhece o usuario nao banco.
Pergunta?
Alguém já conseguiu fazer funcionar o customer.pl com autenticação via AD + fallback local, de forma estável no Znuny 7.x ou conhece como fazer essa autenticação. vou enviar aqui o meu config.pm
# Copyright (C) 2001-2021 xxx, https://otrs.com/
# Copyright (C) 2021 Znuny GmbH, https://znuny.org/
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (GPL). If you
# did not receive this file, see https://www.gnu.org/licenses/gpl-3.0.txt.
# --
# Note:
#
# -->> Most Znuny configuration should be done via the Znuny web interface
# and the SysConfig. Only for some configuration, such as database
# credentials and customer data source changes, should you edit this
# file. For changes to customer data sources, you can copy the definitions
# from Kernel/Config/Defaults.pm and paste them in this file.
# Config.pm will not be overwritten when updating Znuny.
# --

package Kernel::Config;

use strict;
use warnings;
use utf8;

sub Load {
my $Self = shift;

# ---------------------------------------------------- #
# Database settings #
# ---------------------------------------------------- #
$Self->{'DatabaseHost'} = '127.0.0.1';
$Self->{'Database'} = 'znuny';
$Self->{'DatabaseUser'} = 'znuny';
$Self->{'DatabasePw'} = 'XXXXXX';
$Self->{'DatabaseDSN'} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost}";
$Self->{'Database::ShellOutput'} = 0;

# ---------------------------------------------------- #
# Znuny Home #
# ---------------------------------------------------- #
$Self->{Home} = '/opt/znuny';

# ---------------------------------------------------- #
# Agent Auth via LDAP #
# ---------------------------------------------------- #
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldap://setrab.gdfnet.df:389';
$Self->{'AuthModule::LDAP::BaseDN'} = 'DC=setrab,DC=gdfnet,DC=df';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=svc_setrab_otrs,OU=serviço,DC=setrab,DC=gdfnet,DC=df';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'XXXXXX';
$Self->{'AuthModule::LDAP::AlwaysFilter'} = '(&(objectClass=user)(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))';
$Self->{'AuthModule::LDAP::Params'} = {
timeout => 120,
version => 3,
};
$Self->{'AuthModule::LDAP::Die'} = 1;

# Agent Sync
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://setrab.gdfnet.df:389';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'DC=setrab,DC=gdfnet,DC=df';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=svc_setrab_otrs,OU=serviço,DC=setrab,DC=gdfnet,DC=df';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'XXXXXX';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [ 'admin' ];
$Self->{'AuthSyncModule::LDAP::UserSyncAdd'} = 1;
$Self->{'Auth::LDAP::AutoCreateUser'} = 1;

# ---------------------------------------------------- #
# Customer Auth via LDAP #
# ---------------------------------------------------- #
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'ldap://setrab.gdfnet.df:389';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=setrab,DC=gdfnet,DC=df';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=svc_setrab_otrs,OU=serviço,DC=setrab,DC=gdfnet,DC=df';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'XXXXXXXX';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(&(objectClass=user)(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))';
$Self->{'Customer::AuthModule::LDAP::Params'} = {
timeout => 120,
version => 3,
};
$Self->{'Customer::AuthModule::LDAP::Die'} = 1;

# ---------------------------------------------------- #
# CustomerUser Backend via LDAP #
# ---------------------------------------------------- #
$Self->{CustomerUser} = {
Name => 'LDAP Backend',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'ldap://setrab.gdfnet.df:389',
BaseDN => 'DC=setrab,DC=gdfnet,DC=df',
SSCOPE => 'sub',
UserDN => 'CN=svc_setrab_otrs,OU=serviço,DC=setrab,DC=gdfnet,DC=df',
UserPw => 'L4v0r02014',
AlwaysFilter => '(&(objectClass=user)(!(objectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
Params => {
timeout => 120,
version => 3,
},
},
CustomerKey => 'sAMAccountName',
CustomerID => 'sAMAccountName',
CustomerUserListFields => ['givenName', 'sn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'givenName', 'sn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenName', 'sn'],
CustomerUserValidFilter => '(!(userAccountControl:1.2.840.113556.1.4.803:=2))',
CacheTTL => 0,
};

$Self->{'CustomerUser::CreateAfterAuth'} = 1;
$Self->{'CustomerUser1'} = $Self->{CustomerUser};

# ---------------------------------------------------- #
# Logging #
# ---------------------------------------------------- #
$Self->{'LogModule'} = 'Kernel::System::Log::File';
$Self->{'LogModule::LogFile'} = '/var/log/znuny/znuny.log';
$Self->{'LogModule::LogLevel'} = 'debug';

return 1;
}

use Kernel::Config::Defaults;
use parent qw(Kernel::Config::Defaults);

1;
Top
shawnbeasley
Znuny Employee
Posts: 147
Joined: 13 Sep 2021, 09:38
Znuny Version: Znuny 6.3.x
Real Name: Shawn Beasley
Company: Znuny

Re: Integração do Znuny-7.1.6

Post by shawnbeasley »

Please do not duplicate posts. Thx.
Top
Locked

Return to “Tutoriais”