OTRS doesn't work normally with configurations of LDAP

Moderator: crythias

ioviedo
Znuny newbie
Posts: 63
Joined: 22 Jan 2013, 19:26
Znuny Version: 3.1.12
Real Name: Iván Oviedo
Company: ESPOl

OTRS doesn't work normally with configurations of LDAP

Post by ioviedo »

Hi everyone, I have a problem: when I put the following in the Config.pm file to connect LDAP with OTRS, some things in OTRS don't work. For example, I can't log in at "localhost/otrs/index.pl" with user "root". Another problem is that the event notifications don't work: for example, I created an event to send notifications to users when their tickets are received by OTRS, but nothing was ever received. When I erase this configuration, everything in OTRS works.
The configuration is as follows. Can you tell me what is wrong?


# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
$Self->{AuthModule} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'xxx.xxx.xxx.xxx:389';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=dominio,dc=com';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=user_buscador,ou=Users,dc=dominio,dc=com';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'password_user_buscador';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
};

# --------------------------------------------------- #
# authentication sync settings #
# (enable agent data sync. after successful #
# authentication) #
# --------------------------------------------------- #
# This is an example configuration for an LDAP auth sync. backend.
# (take care that Net::LDAP is installed!)
$Self->{AuthSyncModule} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'xxx.xxx.xxx.xxx';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=dominio,dc=com';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=user_buscador,ou=Users,dc=dominio,dc=com';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'password_user_buscador';
# AuthSyncModule::LDAP::UserSyncMap
# (map if agent should create/synced from LDAP to DB after successful login)
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    # DB -> LDAP
    UserFirstname => 'givenName',
    UserLastname  => 'sn',
    UserEmail     => 'mail',
};

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthSyncModule::LDAP::Params'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
};

# Die if backend can't work, e. g. can't connect to server.
$Self->{'AuthSyncModule::LDAP::Die'} = 1;


#----------------------------------------------------------------------#
# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = 'xxx.xxx.xxx.xxx:389';
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'dc=dominio,dc=com';
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = 'cn=user_buscador,ou=Users,dc=dominio,dc=com';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = 'password_user_buscador';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params1'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
};


# --------------------------------------------------- #
# Start of config options!!! #
# CustomerUser stuff #
# --------------------------------------------------- #



# CustomerUserLDAP
# (customer user ldap backend and settings)
$Self->{CustomerUser1} = {
    Name   => 'LDAP Backend',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        # ldap host
        Host => 'xxx.xxx.xxx.xxx:389',
        # ldap base dn
        BaseDN => 'dc=dominio,dc=com',
        # search scope (one|sub)
        SSCOPE => 'sub',
        UserDN => 'cn=user_buscador,ou=Users,dc=dominio,dc=com',
        UserPw => 'password_user_buscador',
        AlwaysFilter => '(mail=*)'
    },
    # customer unique id
    CustomerKey => 'sAMAccountName',
    # customer 'sAMAccountName', 'cn',
    CustomerID => 'description',
    CustomerUserListFields => ['sAMAccountName','sn','mail'],
    CustomerUserSearchFields => ['mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 100000,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
        [ 'UserTitle', 'Title', 'title', 1, 0, 'var', '', 0 ],
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
        [ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
        [ 'UserPassword', 'Password', 'pw', 0, 0, 'var', '', 0 ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'description', 0, 1, 'var', '', 0 ],
        [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
        [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
        [ 'UserComment', 'Comment', 'employeeid', 1, 0, 'var', '', 0 ],
        # [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int','', 0 ],
    ],

    # default selections
    Selections => {
        UserTitle => {
            'Mr.'  => 'Mr.',
            'Mrs.' => 'Mrs.',
        },
    },
};
stevo300
Znuny newbie
Posts: 10
Joined: 01 May 2013, 12:55
Znuny Version: 3.2.6
Real Name: Steve

Re: OTRS doesn't work normally with configurations of LDAP

Post by stevo300 »

I have just implemented LDAP with OTRS. I would suggest putting a 1 after all the agent lines (not sync) to make that the second logon protocol (after the database, which is where the root is stored).

Code:

# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
$Self->{AuthModule1} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = 'xxx.xxx.xxx.xxx:389';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=dominio,dc=com';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN1'} = 'cn=user_buscador,ou=Users,dc=dominio,dc=com';
$Self->{'AuthModule::LDAP::SearchUserPw1'} = 'password_user_buscador';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params1'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
};
OTRS 3.2.6
Windows Server 2012
MYSQL
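
Added example, not part of the thread and not OTRS source code: a stand-alone Perl model of why the unnumbered AuthModule key in the question replaces the database login while the AuthModule1 key in the reply above adds LDAP after it. The helpers auth_chain and local_login_possible are hypothetical, and the lookup order ('' first, then 1 to 10) is an assumption about how OTRS walks the numbered keys.

```perl
#!/usr/bin/perl
# Added illustration, not OTRS code: models how numbered AuthModule keys
# form a chain of agent login backends. Helper names are hypothetical.
use strict;
use warnings;

# Shipped default: agents authenticate against the database, which is
# where the root account is stored (as the reply above points out).
my %Defaults = ( AuthModule => 'Kernel::System::Auth::DB' );

# Config.pm as posted in the question: the unnumbered key is overwritten.
my %Posted = ( AuthModule => 'Kernel::System::Auth::LDAP' );

# Config.pm as suggested in the reply: LDAP is added under the suffix 1.
my %Suggested = ( AuthModule1 => 'Kernel::System::Auth::LDAP' );

# Return the backends in the order they are tried: '', then 1 .. 10
# (assumed lookup order).
sub auth_chain {
    my (%Config) = @_;
    return map { $Config{"AuthModule$_"} }
        grep { defined $Config{"AuthModule$_"} } ( '', 1 .. 10 );
}

# True if an account that exists only in the database can still log in.
sub local_login_possible {
    return scalar grep { $_ eq 'Kernel::System::Auth::DB' } auth_chain(@_);
}

for my $Case ( [ posted => \%Posted ], [ suggested => \%Suggested ] ) {
    my ( $Name, $Override ) = @{$Case};

    # Settings in Config.pm win over the shipped defaults.
    my %Effective = ( %Defaults, %{$Override} );

    printf "%-9s chain: %s\n", $Name, join( ' -> ', auth_chain(%Effective) );
    printf "%-9s database-only login (root): %s\n", $Name,
        local_login_possible(%Effective) ? 'possible' : 'not possible';
}
```

With the posted settings the chain contains only the LDAP backend; with the suffixed keys it is the database backend followed by LDAP, so the root account keeps working as a break-glass login if the directory is unreachable.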
wurzel
Znuny guru
Posts: 3274
Joined: 08 Jul 2010, 22:25
Znuny Version: x.x.x
Real Name: Florian

Re: OTRS doesn't work normally with configurations of LDAP

Post by wurzel »

Hi,

I think you have to enable the local backend, too, for customer info and authentication.

With your settings, you disable the local backend and enable LDAP.

In Defaults.pm you'll find your settings for "this is for local backend" or something ;)

Flo
OTRS 2025 SILVER (Prod)
OTRS 2025 on Debian 12 (Test)
Znuny 7.x latest version testing on Debian 12

-- I do not answer forum questions by PM - No PM please

I won't answer to unfriendly users any more. A greeting and regards are just polite.
KlausNehrer
Znuny ninja
Posts: 1312
Joined: 25 May 2012, 08:51
Znuny Version: OTRS 4
Real Name: Klaus Nehrer

Re: OTRS doesn't work normally with configurations of LDAP

Post by KlausNehrer »

ioviedo wrote: ... some things in OTRS don't work. For example, I can't log in at "localhost/otrs/index.pl" with user "root".

Deactivate LDAP, add a new user like in your AD as admin in OTRS, and activate LDAP again.

ioviedo wrote: ... Another problem is that the event notifications don't work: for example, I created an event to send notifications to users when their tickets are received by OTRS, but nothing was ever received. When I erase this configuration, everything in OTRS works.

Check the log files.