adding active directory integration

Moderator: crythias

Locked
jeffman1
Znuny newbie
Posts: 36
Joined: 06 Jul 2011, 21:10
Znuny Version: 3.0
Real Name: jeff
Company: Garrard BOE

Post by jeffman1 »

Hello everyone, I'm new to OTRS and I need to perform an Active Directory login. I want to store in the local OTRS database the last few logged on users. Other than that I don't care about other code unless as-needed to perform the above. I would like to know what I am doing wrong. I think I might just have the Active Directory schema for the user to access Active Directory wrong. Code is posted below:
Note: picture of the Active Directory user needed to perform the join with users in Active Directory is below in the picture. Also, only for customers, not for agents; I add them manually.
# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2010 xxx, http://otrs.org/
# --
# $Id: Config.pm.dist,v 1.23 2010/01/13 22:25:00 martin Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
# Note:
#
# -->> OTRS does have a lot of config settings. For more settings
# (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,
# LDAP, PostMaster, Session, Preferences, ...) see
# Kernel/Config/Defaults.pm and copy your wanted lines into "this"
# config file. This file will not be changed on update!
#
# --

package Kernel::Config;

sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# Start of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #

# ---------------------------------------------------- #
# database settings #
# ---------------------------------------------------- #
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/otrs.CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'hot';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";

# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";

# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = 'C:/PROGRA~1/OTRS/OTRS';

# ---------------------------------------------------- #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{CheckMXRecord} = 0;

# ---------------------------------------------------- #

# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #

$Self->{LogModule} = 'Kernel::System::Log::File';
$Self->{LogModule::LogFile} = 'C:/PROGRA~1/OTRS/OTRS/var/log/otrs.log';
# $DIBI$
$Self->{'DefaultCharset'} = 'utf-8';




# --------------------------------------------------- #
# authentication sync settings #
# (enable agent data sync. after succsessful #
# authentication) #
# --------------------------------------------------- #
# This is an example configuration for an apache ($ENV{REMOTE_USER})
# auth. backend. Use it if you want to have a singe login through
# apache http-basic-auth.
# $Self->{AuthModule} = 'Kernel::System::Auth::HTTPBasicAuth';
# In case there is a leading domain in the REMOTE_USER, you can
# replace it by the next config option.
# $Self->{'AuthModule::HTTPBasicAuth::Replace'} = 'example_domain\\';
# In case you need to replace some part of the REMOTE_USER, you can
# use the following RegExp ($1 will be new login).
# $Self->{'AuthModule::HTTPBasicAuth::ReplaceRegExp'} = '^(.+?)@.+?$';
# Note:
# If you use this module, you should use as fallback the following
# config settings if user isn't login through apache ($ENV{REMOTE_USER}).
# $Self->{LoginURL} = 'http://host.example.com/not-authorised-for-otrs.html';
# $Self->{LogoutURL} = 'http://host.example.com/thanks-for-using-otrs.html';

# This is example configuration to auth. agents against a radius server.
# $Self->{'AuthModule'} = 'Kernel::System::Auth::Radius';
# $Self->{'AuthModule::Radius::Host'} = 'radiushost';
# $Self->{'AuthModule::Radius::Password'} = 'radiussecret';

# Die if backend can't work, e. g. can't connect to server.
# $Self->{'AuthModule::Radius::Die'} = 1;

##############################################
# # This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
# $Self->{AuthModule1} = 'Kernel::System::Auth::LDAP';
# $Self->{'AuthModule::LDAP::Host'} = 'JEFFERYS-PC';
# $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=garrard, dc=ketsds,dc=net';
# $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=asdf, CN=staff,CN=000_Garrard Co BOE, DC=garrard, DC=ketsds, DC=net';
$Self->{'AuthModule::LDAP::SearchUserPw'} = '';


#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        host => 'localhost',
        BaseDN => 'CN=staff,CN=000_Garrard Co BOE, CN=asdf,DC=garrard,DC=ketsds,DC=net',
        SSCOPE => 'sub',
        UserDN =>'CN=staff,000_Garrard Co BOE, CN=asdf,DC=garrard,DC=ketsds,DC=net',
        UserPw => '',
    },
    # customer unique id
    CustomerKey => 'sAMAccountName',
    # customer #
    CustomerID => 'company',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown, required, storage-type
        #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
        [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
        [ 'UserCustomerID', 'CustomerID', 'company', 0, 1, 'var' ],
        [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
        #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
        #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
    ],
};

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

# Die if backend can't work, e. g. can't connect to server.
$Self->{'AuthModule::LDAP::Die'} = 1;



# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# End of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this) #
# ---------------------------------------------------- #
use strict;
use warnings;

use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.23 $)[1];

use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');

# -----------------------------------------------------#

1;
Last edited by jeffman1 on 07 Jul 2011, 18:12, edited 1 time in total.
crythias
Moderator
Posts: 10170
Joined: 04 May 2010, 18:38
Znuny Version: 5.0.x
Location: SouthWest Florida, USA
Contact:

Re: adding active directory integration

Post by crythias »

I don't understand what you want. Active Directory login for only one user?
Use the "multiple backends" feature of OTRS for database and ldap.
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask

Post by jeffman1 »

I want only the customers (staff) to be able to log in using their Active Directory login information and not have to type in new information manually. They are in a group called staff in Active Directory.
I could post a picture of the group part but wanted to test out Active Directory on something before implementing it fully.

If it's a built-in feature or package to download to make this easier than doing Perl code directly, please share one. I'm trying to modify the Perl code right now though.

Post by jeffman1 »

Anyone please help?! I'm new and confused as to what to do.

Post by crythias »


Post by jeffman1 »

I'm still doing something wrong. Here's the important part of the log file so you can better help me:
Note: new to Perl, might have to explain what I'm doing wrong in this code.
[Thu Jul 7 09:47:32 2011][Notice][Kernel::System::Auth::DB::Auth] User: root@localhost authentication ok (REMOTE_ADDR: 127.0.0.1).
[Thu Jul 7 09:47:48 2011][Error][Kernel::System::WebUserAgent::Request][135] Can't get file from http://otrs.org/product.xml?Product=OTRS-3.0.9: 500 Can't connect to otrs.org:80 (connect: timeout)
[Thu Jul 7 09:48:06 2011][Notice][Kernel::System::AuthSession::DB::RemoveSessionID] Removed SessionID 100a35191f94155cf5e0e00dc5344587a9.
[Thu Jul 7 10:05:20 2011][Notice][Kernel::System::Auth::DB::Auth] User: asdf doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:05:20 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'asdf'!
[Thu Jul 7 10:05:40 2011][Notice][Kernel::System::Auth::DB::Auth] User: root@locahost doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:05:40 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'root@locahost'!
[Thu Jul 7 10:16:58 2011][Error][Kernel::System::Auth::Sync::LDAP::new][44] Need AuthSyncModule::LDAP::Host1 in Kernel/Config.pm
[Thu Jul 7 10:16:58 2011][Notice][Kernel::System::Auth::DB::Auth] User: asdf@garrard.kyschools.us doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:16:58 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'asdf@garrard.kyschools.us'!
[Thu Jul 7 10:17:22 2011][Error][Kernel::System::Auth::Sync::LDAP::new][44] Need AuthSyncModule::LDAP::Host1 in Kernel/Config.pm
[Thu Jul 7 10:17:22 2011][Notice][Kernel::System::Auth::DB::Auth] User: asdf doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:17:22 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'asdf'!
[Thu Jul 7 10:17:44 2011][Error][Kernel::System::Auth::Sync::LDAP::new][44] Need AuthSyncModule::LDAP::Host1 in Kernel/Config.pm
[Thu Jul 7 10:17:44 2011][Notice][Kernel::System::Auth::DB::Auth] User: jeffery.carlson@garrard.kyschools.us doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:17:44 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'jeffery.carlson@garrard.kyschools.us'!
[Thu Jul 7 10:26:03 2011][Error][Kernel::System::Auth::Sync::LDAP::new][44] Need AuthSyncModule::LDAP::Host1 in Kernel/Config.pm
[Thu Jul 7 10:26:14 2011][Notice][Kernel::System::Auth::DB::Auth] User: asdf@garrard.kyschools.us doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:26:14 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'asdf@garrard.kyschools.us'!
[Thu Jul 7 10:35:54 2011][Notice][Kernel::System::Auth::DB::Auth] User: asdf@garrard.kyschools.us doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:35:54 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'asdf@garrard.kyschools.us'!
[Thu Jul 7 10:44:10 2011][Notice][Kernel::System::Auth::DB::Auth] User: asdf@garrard.kyschools.us doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:44:10 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'asdf@garrard.kyschools.us'!

Here's my config.pm code also:
# This is an example configuration for an LDAP auth sync. backend.
# (take care that Net::LDAP is installed!)
# CustomerUser
# (customer ldap backend and settings)
$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = 'garrard.ketsds.net';
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'dc=garrard,dc=ketsds, dc=net';
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'uid';


$Self->{CustomerUser} = {
    Name => 'LDAP Data Source',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        # ldap host
        Host => 'garrard.ketsds.net',
        # ldap base dn
        BaseDN => 'ou=Staff',
        # search scope (one|sub)
        SSCOPE => 'sub',
        # The following is valid but would only be necessary if the
        # anonymous user does NOT have permission to read from the LDAP tree
        UserDN => '',
        UserPw => '',
        # in case you want to add always one filter to each ldap query, use
        # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
        AlwaysFilter => '',
        # if both your frontend and your LDAP are unicode, use this:
        SourceCharset => 'utf-8',
        DestCharset => 'utf-8',
        # if your frontend is unicode and the charset of your
        # ldap server is iso-8859-1, use these options.
        # SourceCharset => 'iso-8859-1',
        # DestCharset => 'utf-8',
        # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
        Params => {
            port => 389,
            timeout => 120,
            async => 0,
            version => 3,
        },
    },
    # customer unique id
    CustomerKey => 'uid',
    # customer #
    CustomerID => 'mail',
    CustomerUserListFields => ['cn', 'mail'],
    CustomerUserSearchFields => ['uid', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    # show not own tickets in customer panel, CompanyTickets
    CustomerUserExcludePrimaryCustomerID => 0,
    # add an ldap filter for valid users (expert setting)
    # CustomerUserValidFilter => '(!(description=locked))',
    # administrator can't change customer preferences
    AdminSetPreferences => 0,
    # # cache time to live in sec. - cache any database queries
    # CacheTTL => 0,
    Map => [
        # note: Login, Email and CustomerID are mandatory!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
        [ 'UserTitle', 'Title', 'title', 1, 0, 'var', '', 0 ],
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
        [ 'UserLogin', 'Username', 'uid', 1, 1, 'var', '', 0 ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
        # [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
        [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
        [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
        [ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
    ],
};

# in case you want to add a suffix to each customer login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
$Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@garrard.ketsds.net';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

Post by jeffman1 »

Man, this is driving me crazy trying to implement this. Anyone with an explanation as to the code? Because I'm confused as to how to write it correctly.

Post by crythias »

If you're going to append 1, you should do it where you use it...
Need AuthSyncModule::LDAP::Host1 in Kernel/Config.pm <-- this is for agent authentication sync. I don't believe it applies to Customers, but in any case, you don't have it configured, but it's referenced because you are using an append of 1.

No UserID found for 'asdf@garrard.kyschools.us'! <-- because you're authenticating with

$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = 'garrard.ketsds.net';
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'dc=garrard,dc=ketsds, dc=net';
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'uid';

but you're using
$Self->{CustomerUser} =

Should be CustomerUser1

also way down here:
$Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@garrard.ketsds.net';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params'} = {

should also have 1 appended if it belongs to the above.
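The suffix rule from the reply above, as an added example that is not part of the original posts: a Python check that reads Config.pm text and reports `Customer::AuthModule::LDAP::*` options whose trailing number does not match a configured `Customer::AuthModule` LDAP backend. The function name and messages are this example's own; the sample holds the auth keys from the config quoted in the thread.

```python
import re

# Matches an active (uncommented) Config.pm assignment: $Self->{'Key'} = value
ASSIGN_RE = re.compile(r"""^\s*\$Self->\{\s*['"]?([\w:]+)['"]?\s*\}\s*=\s*(.*)$""")
MODULE_RE = re.compile(r"^Customer::AuthModule(\d*)$")
OPTION_RE = re.compile(r"^Customer::AuthModule::LDAP::([A-Za-z]+)(\d*)$")
REQUIRED = ("Host", "BaseDN", "UID")

# Auth-related keys copied from the second config posted in the thread.
THREAD_CONFIG = r"""
$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = 'garrard.ketsds.net';
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'dc=garrard,dc=ketsds, dc=net';
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'uid';
$Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@garrard.ketsds.net';
$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};
"""


def lint_customer_auth(config_text):
    """Return findings about numeric suffixes on Customer::AuthModule keys."""
    ldap_modules = set()  # suffixes ('' or '1'..) whose backend is CustomerAuth::LDAP
    options = {}          # suffix -> LDAP option names written with that suffix
    for line in config_text.splitlines():
        m = ASSIGN_RE.match(line)
        if not m:
            continue  # comments, hash members, blank lines
        key, value = m.groups()
        mod = MODULE_RE.match(key)
        if mod:
            if "CustomerAuth::LDAP" in value:
                ldap_modules.add(mod.group(1))
            continue
        opt = OPTION_RE.match(key)
        if opt:
            options.setdefault(opt.group(2), set()).add(opt.group(1))

    findings = []
    # Every LDAP backend needs its own Host/BaseDN/UID with the same suffix.
    for suffix in sorted(ldap_modules):
        for name in REQUIRED:
            if name not in options.get(suffix, set()):
                findings.append(f"missing Customer::AuthModule::LDAP::{name}{suffix}")
    # Options whose suffix matches no LDAP backend are never read by it.
    for suffix in sorted(options):
        if suffix not in ldap_modules:
            for name in sorted(options[suffix]):
                findings.append(
                    f"Customer::AuthModule::LDAP::{name}{suffix} is set, "
                    f"but Customer::AuthModule{suffix} is not an LDAP backend"
                )
    return findings


if __name__ == "__main__":
    for finding in lint_customer_auth(THREAD_CONFIG):
        print(finding)
```
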

Post by jeffman1 »

Will this still work even if I type in my domain controller but nothing else? Or for the schema or domain settings line, what do I need? Example: dc=bored, dc=com.

Post by jeffman1 »

Also, for user syncing to the database, I want them to be synced because I am allowing staff only to be the customers and I don't want to create a username inside the database directly but pull from Active Directory.

Post by jeffman1 »

This is making me mad, what am I doing wrong? It's not listing the same in the log file now. I'm on Windows not Linux. Just wanted to tell you. :(

All the staff are under the "Staff" group in Active Directory; how would I include them into this config.pm file? I figured out it's just like the picture above.
I'm not getting the overall picture as to how to get this to work. Any help before 4 would help because I leave work at 4 PM my time (EST).

Active Directory is not working for me. I will post the new code I was trying that acted like it was going to log in, then errored out and didn't do anything:
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '10.97.25.13';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=garrard,DC=ketsds,DC=net';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=asdf,OU=000_Garrard Co BOE,OU=Staff,DC=garrard,DC=ketsds,DC=net';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '3ranger';


$Self->{CustomerUser} = {
    Name => 'GARRARD',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host => '10.97.25.13',
        BaseDN => 'DC=garrard,DC=ketsds,DC=net',
        SSCOPE => 'sub',
        AlwaysFilter => '(&(sAMAccountName=*)(mail=*))',
        UserDN => 'CN=asdf,OU=000_Garrard Co BOE,OU=Staff,DC=garrard,DC=ketsds,DC=net',
        UserPw => '3ranger',
    },
    CustomerKey => 'sAMAccountName',
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown, required, storage-type
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
        [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
        [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
    ],
};
# UserSyncLDAPMap
# (map if agent should create/synced from LDAP to DB after login)
$Self->{UserSyncLDAPMap} = {
    # DB -> LDAP
    Firstname => 'givenName',
    Lastname => 'sn',
    Email => 'mail',
};

# UserSyncLDAPGroups
# (If "LDAP" was selected for AuthModule, you can specify
# initial user groups for first login.)
# $Self->{UserSyncLDAPGroups} = [
# 'Users',
# ];

This is the error I get by using the code above:
Oops! An Error occurred.
Error Message: Access denied for user 'otrs'@'localhost' (using password: YES)
Please contact your administrator.

Traceback:
ERROR: OTRS-CGI-10 Perl: 5.12.3 OS: MSWin32 Time: Thu Jul 7 14:48:06 2011

Message: Access denied for user 'otrs'@'localhost' (using password: YES)

Traceback (3732):
Module: Kernel::System::DB::new (v1.127) Line: 181
Module: Kernel::System::Web::InterfaceAgent::Run (v1.58.2.1) Line: 140
Module: ModPerl::ROOT::ModPerl::Registry::C_3a_Program_20Files_OTRS_OTRS_bin_cgi_2dbin_index_2epl::handler (unknown version) Line: 49
Module: (eval) (v1.89.2.1) Line: 204
Module: ModPerl::RegistryCooker::run (v1.89.2.1) Line: 204
Module: ModPerl::RegistryCooker::default_handler (v1.89.2.1) Line: 170
Module: ModPerl::Registry::handler (v1.99) Line: 31
Last edited by jeffman1 on 07 Jul 2011, 20:52, edited 1 time in total.

Post by jeffman1 »

I know the AD schema or FQDN is right, I just can't get it to work. I know I installed Net::LDAP. Recommend Net::LDAP be installed on all future builds so coding is the only task to do.

Post by jeffman1 »

It's not authenticating correctly. Am I doing something wrong? I think it's a problem with the code, not the schema or Active Directory access bits. Above the code has not changed but I'm on Windows and normal authentication works. I'm just trying to set up Active Directory authentication now for customer backend. I would really like some help as I'm implementing this in a big environment and would like it solved before school starts. (Yes, I'm a tech guy at a school installing for whole district).

Post by crythias »

The error message re otrs@localhost is specific to authenticating to your database. It doesn't appear that has anything to do with customer authentication, but rather whether or not it can talk to the database.
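The distinction drawn in the reply above, as an added example that is not part of the original posts: a Python triage that groups OTRS log entries by the module namespace that wrote them (`Kernel::System::Auth::*` is the agent login path, `Kernel::System::CustomerAuth::*` the customer one) and treats MySQL's "Access denied for user" as a database problem. The category names are this example's own; the sample lines are copied from the log and error page posted earlier in the thread.

```python
import re
from collections import Counter

# [timestamp][Level][Module::Function][optional line number] message
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\[(?P<level>\w+)\]\[(?P<module>[\w:]+)\]"
    r"(?:\[(?P<line>\d+)\])?\s*(?P<msg>.*)$"
)

# Checked in order, so Auth::Sync:: is tested before the broader Auth:: prefix.
NAMESPACES = [
    ("Kernel::System::Auth::Sync::", "agent-sync-config"),
    ("Kernel::System::Auth::", "agent-login"),
    ("Kernel::System::User::", "agent-lookup"),
    ("Kernel::System::CustomerAuth::", "customer-login"),
]

# Lines copied from the thread (log excerpt plus the error-page message).
THREAD_LINES = """
[Thu Jul 7 09:47:32 2011][Notice][Kernel::System::Auth::DB::Auth] User: root@localhost authentication ok (REMOTE_ADDR: 127.0.0.1).
[Thu Jul 7 09:47:48 2011][Error][Kernel::System::WebUserAgent::Request][135] Can't get file from http://otrs.org/product.xml?Product=OTRS-3.0.9: 500 Can't connect to otrs.org:80 (connect: timeout)
[Thu Jul 7 10:16:58 2011][Error][Kernel::System::Auth::Sync::LDAP::new][44] Need AuthSyncModule::LDAP::Host1 in Kernel/Config.pm
[Thu Jul 7 10:16:58 2011][Notice][Kernel::System::Auth::DB::Auth] User: asdf@garrard.kyschools.us doesn't exist or is invalid!!! (REMOTE_ADDR: 127.0.0.1)
[Thu Jul 7 10:16:58 2011][Error][Kernel::System::User::UserLookup][746] No UserID found for 'asdf@garrard.kyschools.us'!
Message: Access denied for user 'otrs'@'localhost' (using password: YES)
"""


def classify(line):
    """Return a category for one line, or None if it is not recognised."""
    line = line.strip()
    # MySQL refusing the OTRS database account, wherever it is reported.
    if "Access denied for user" in line:
        return "database"
    m = LINE_RE.match(line)
    if not m:
        return None
    for prefix, category in NAMESPACES:
        if m.group("module").startswith(prefix):
            return category
    return "other"


def triage(text):
    """Count recognised lines per category."""
    counts = Counter()
    for line in text.splitlines():
        category = classify(line)
        if category:
            counts[category] += 1
    return counts


def customer_ldap_reached(counts):
    """True only if some entry was written by the customer auth backend."""
    return counts["customer-login"] > 0


if __name__ == "__main__":
    result = triage(THREAD_LINES)
    for category, n in sorted(result.items()):
        print(f"{category}: {n}")
    print("customer LDAP backend reached:", customer_ldap_reached(result))
```
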

Post by jeffman1 »

I can't get the Active Directory part to work. Can you post steps overall as to what to do? Please help me, the docs don't explain anything and I'm at a loss as to how to do things. If I spend more than a month on it I will have to pay for a paid product. I can't spend months figuring out how to code; please, someone who knows this system intimately, post your knowledge.

Post by jeffman1 »

Active Directory integration is essential at my workplace, so if I can't integrate it I have to find a paid version or use something else.
jojo
Znuny guru
Posts: 15020
Joined: 26 Jan 2007, 14:50
Znuny Version: Git Master
Contact:

Re: adding active directory integration

Post by jojo »

There are loads of posts showing how to connect LDAP/AD to OTRS. Your error message was not an LDAP one, but because of a wrong database password!

You should also read the documentation (doc.otrs.org) and the wiki (wiki.otrs.org).

You can get professional (paid) support at OTRS Inc.
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master

Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com

Post by jeffman1 »

I knew that. You're telling me what I already knew when the last person made his post.