AD LDAP backend conf

Moderator: crythias

Locked
smok
Znuny newbie
Posts: 4
Joined: 29 Mar 2013, 18:32
Znuny Version: 3.2.3
Location: Cracow, Poland

AD LDAP backend conf

Post by smok »

Hi.
I'm new to this forum, and my English is horrible, so please excuse my mistakes. I want to set up OTRS as a support tool closely related to Active Directory. I've written some lines in config.pm according to the OTRS documentation found here: http://doc.otrs.org/3.2/en/html/externa ... ckend-ldap and here: http://doc.otrs.org/3.2/en/html/externa ... ckend-ldap.
All the changes I've made are listed below:

Code:

	#------------------------------------------------------#
	#   ActiveDirectory testing.local auth                 #
	#------------------------------------------------------#
	
	
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'localhost';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=testing,dc=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrs_search,CN=Users,DC=testing,DC=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'Password01';

$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};


$Self->{AuthModule} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'localhost';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=testing,dc=local';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=Administrator,CN=Users,DC=testing,DC=local';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'Password01';

$Self->{'AuthModule::LDAP::Params'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
    };

$Self->{AuthSyncModule} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'localhost';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=testing,dc=local';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=Administrator,CN=Users,DC=testing,DC=local';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'Password01';

$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    UserFirstname => 'givenName',
    UserLastname  => 'sn',
    UserEmail     => 'mail',
    };

$Self->{'AuthSyncModule::LDAP::Params'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
    };

Unfortunately, when the agent's auth part is enabled (not commented out :)) I cannot log on. When this part is disabled I can log on to the system as local admin, but I can't see any of the AD users in the client list management. And of course I can't log on as a client. What am I doing wrong? Did I miss anything? Is there anything else I have to do to connect to AD?
Thanks for your help
Smok.

*EDIT
I've found that I haven't installed Net::LDAP. But when I tried to, I realized that there is a bigger problem - I cannot install Perl modules. After cpan Net::LDAP I get a message that startup.mk is unavailable. The path is really wrong. The Perl compiler is looking for this file in the path C:\ Files\OTRS\and so on... instead of C:\Program Files\OTRS\and so on.... The white space in the folder name is the problem. So I created the folder that the compiler wants, and put the files in it - now there is another problem. The compiler cannot include file C (line 32 of file startup.mk) (the file was copied, as well as the others, to the newly created folder, so it is in the same place in the relative path). Full error messages available on demand :)
I haven't played much with Perl, so I don't know how to fix the problem.
I really appreciate any help
Smok.
OTRS v 3.2.3 on Windows 2008 std.
Well... working on it. :)
crythias
Moderator
Posts: 10170
Joined: 04 May 2010, 18:38
Znuny Version: 5.0.x
Location: SouthWest Florida, USA

Re: AD LDAP backend conf

Post by crythias »

try "ppm" instead of "cpan"
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask

Re: AD LDAP backend conf

Post by smok »

Okay. Thanks for the help, installing perl-ldap with "ppm" works like a charm. The module is installed. OTRS however still doesn't get clients from AD. I'm getting back to the config stuff. What is wrong?
Thanks
Smok.

Re: AD LDAP backend conf

Post by crythias »

smok wrote: OTRS however still doesn't get clients from AD. I'm getting back to the config stuff. What is wrong?
You're doing something that doesn't work. Try something else.

Or, you know, post your Config.pm here so we can tell you what's not working.

Re: AD LDAP backend conf

Post by smok »

Okay, here is my complete config.pm file.

Code:

# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2013 xxx, http://otrs.org/
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
#  Note:
#
#  -->> Most OTRS configuration should be done via the OTRS web interface
#       and the SysConfig. Only for some configuration, such as database
#       credentials and customer data source changes, you should edit this
#       file. For changes do customer data sources you can copy the definitions
#       from Kernel/Config/Defaults.pm and paste them in this file.
#       Config.pm will not be overwritten when updating OTRS.
# --

package Kernel::Config;

use strict;
use warnings;
use utf8;

sub Load {
    my $Self = shift;

    # ---------------------------------------------------- #
    # database settings                                    #
    # ---------------------------------------------------- #

    # The database host
    $Self->{'DatabaseHost'} = 'localhost';

    # The database name
    $Self->{'Database'} = 'otrs';

    # The database user
    $Self->{'DatabaseUser'} = 'otrs';

    # The password of database user. You also can use bin/otrs.CryptPassword.pl
    # for crypted passwords
    $Self->{'DatabasePw'} = 'Password01';

    # The database DSN for MySQL ==> more: "perldoc DBD::mysql"
    $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";

    # The database DSN for PostgreSQL ==> more: "perldoc DBD::Pg"
    # if you want to use a local socket connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
    # if you want to use a TCP/IP connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
    # if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line:
#    $Self->{DatabasePostgresqlBefore82} = 1;

    # The database DSN for Microsoft SQL Server - only supported if OTRS is
    # installed on Windows as well
#    $Self->{DatabaseDSN} = "DBI:ODBC:driver={SQL Server};Database=$Self->{Database};Server=$Self->{DatabaseHost},1433";
#    $Self->{Database::Type} = 'mssql';


    # The database DSN for Oracle ==> more: "perldoc DBD::oracle"
#    $ENV{ORACLE_HOME} = '/u01/app/oracle/product/10.2.0/client_1';
#    $ENV{NLS_DATE_FORMAT} = 'YYYY-MM-DD HH24:MI:SS';
#    $ENV{NLS_LANG} = "american_america.utf8";

#    $Self->{DatabaseDSN} = "DBI:Oracle:sid=OTRS;host=$Self->{DatabaseHost};port=1522;";

    # ---------------------------------------------------- #
    # fs root directory
    # ---------------------------------------------------- #
    $Self->{Home} = 'C:/PROGRA~1/OTRS/OTRS';

    # ---------------------------------------------------- #
    # insert your own config settings "here"               #
    # config settings taken from Kernel/Config/Defaults.pm #
    # ---------------------------------------------------- #
    # $Self->{SessionUseCookie} = 0;
    # $Self->{CheckMXRecord} = 0;

    # ---------------------------------------------------- #

    # ---------------------------------------------------- #
    # data inserted by installer                           #
    # ---------------------------------------------------- #

    $Self->{'LogModule'}          = 'Kernel::System::Log::File';
    $Self->{'LogModule::LogFile'} = 'C:/PROGRA~1/OTRS/OTRS/var/log/otrs.log';
    # $DIBI$
	
	
	
	
	#------------------------------------------------------#
	#   ActiveDirectory domain testing.local auth          #
	#------------------------------------------------------#
	
	
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'localhost';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=testing,dc=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS_Search,CN=Users,DC=testing,DC=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'Password01';

$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};


# $Self->{AuthModule} = 'Kernel::System::Auth::LDAP';
# $Self->{'AuthModule::LDAP::Host'} = 'localhost';
# $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=testing,dc=local';
# $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

# $Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS_Search,CN=Users,DC=testing,DC=local';
# $Self->{'AuthModule::LDAP::SearchUserPw'} = 'Password01';

# $Self->{'AuthModule::LDAP::GroupDN'} = 'CN=OTRS_Agents,CN=Users,DC=testing,DC=local';
# $Self->{'AuthModule::LDAP::AccessAttr'} = 'member';

# $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';



$Self->{'AuthModule::LDAP::Params'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
    };

$Self->{AuthSyncModule} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'localhost';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=testing,dc=local';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=OTRS_Search,CN=Users,DC=testing,DC=local';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'Password01';

$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    UserFirstname => 'givenName',
    UserLastname  => 'sn',
    UserEmail     => 'mail',
    };

$Self->{'AuthSyncModule::LDAP::Params'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
    };

    # # Die if backend can't work, e. g. can't connect to server.
    # $Self->{'AuthSyncModule::LDAP::Die'} = 1;

    # # Die if backend can't work, e. g. can't connect to server.
    # $Self->{'AuthModule::LDAP::Die'} = 1;

    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
    #                                                      #
    # end of your own config options!!!                    #
    #                                                      #
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this)                #
# ---------------------------------------------------- #
use strict;
use warnings;

use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.30 $)[1];

use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');

# -----------------------------------------------------#

1;

All the changes I've made were quoted in my first post.
Thanks for trying to help me
Smok.
BTW greetings to Florida, where some of my relatives live, and Happy Easter everyone. :)

Re: AD LDAP backend conf

Post by crythias »

No CustomerUser entry that pulls from LDAP. Makes sense. Please read the docs on CustomerUser.

[SOLVED] Re: AD LDAP backend conf

Post by smok »

Okay. The problem was solved. You were right, I didn't clearly understand the config options. Now this part works fine. Now I'm working on SSO with AD, but it's a different story.
Thank you for your help.
Smok.
Locked
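
The `CustomerUser` data source that crythias found missing from the posted Config.pm, written here as an added example (not the poster's actual fix and not code from the thread). It keeps the domain and the OTRS_Search account from the posts; the DC host name, the CA file path, the password placeholder, the attribute choices in `Map` and the LDAPS settings (which presume the domain controller has a certificate) are assumptions.

```perl
# Added example: belongs inside sub Load { ... } in Kernel/Config.pm.
# Assumed values: dc01.testing.local, the CA file path, the Map attribute choices.
$Self->{CustomerUser} = {
    Name   => 'Active Directory testing.local',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host   => 'dc01.testing.local',    # assumed DC name, must match its certificate
        BaseDN => 'dc=testing,dc=local',
        SSCOPE => 'sub',
        # Dedicated read-only bind account rather than CN=Administrator
        UserDN => 'CN=OTRS_Search,CN=Users,DC=testing,DC=local',
        UserPw => 'CHANGE_ME',              # placeholder
        # Only enabled person accounts: 0x2 in userAccountControl is ACCOUNTDISABLE
        AlwaysFilter => '(&(objectCategory=person)(objectClass=user)'
            . '(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
        SourceCharset => 'utf-8',
        DestCharset   => 'utf-8',
        # Handed to Net::LDAP->new(): LDAPS with server certificate verification
        Params => {
            scheme  => 'ldaps',
            port    => 636,
            verify  => 'require',
            cafile  => 'C:/certs/testing-local-ca.pem',    # assumed path
            timeout => 120,
            async   => 0,
            version => 3,
        },
    },
    CustomerKey => 'sAMAccountName',
    CustomerID  => 'mail',
    CustomerUserListFields             => [ 'sAMAccountName', 'cn', 'mail' ],
    CustomerUserSearchFields           => [ 'sAMAccountName', 'cn', 'mail' ],
    CustomerUserSearchPrefix           => '',
    CustomerUserSearchSuffix           => '*',
    CustomerUserSearchListLimit        => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields             => [ 'givenname', 'sn' ],
    Map => [
        # var, frontend, storage, shown, required, storage-type, http-link, readonly
        [ 'UserFirstname',  'Firstname',  'givenname',      1, 1, 'var', '', 0 ],
        [ 'UserLastname',   'Lastname',   'sn',             1, 1, 'var', '', 0 ],
        [ 'UserLogin',      'Username',   'sAMAccountName', 1, 1, 'var', '', 0 ],
        [ 'UserEmail',      'Email',      'mail',           1, 1, 'var', '', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'mail',           0, 1, 'var', '', 0 ],
    ],
};
```

The inner `Params` block (scheme, port, verify, cafile) can also replace the port-389 block under `Customer::AuthModule::LDAP::Params`, so that customer logins are bound over TLS instead of an unencrypted connection.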