Dear friends, I am trying to install OTRS 3.3.3 and, thank God, I configured LDAP for the customers, but my problem is that I cannot configure it for the agents. Can you help me? I am sending you my Config.pm.
$Self->{CustomerUser} = {
Name => 'LDAP Data Source',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
# ldap host
Host => '172.17.25.9',
# ldap base dn
BaseDN => 'dc=minfin, dc=di,dc=gobierno',
# search scope (one|sub)
SSCOPE => 'sub',
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
UserDN => 'cn=OTRS,ou=Especializados TI,ou=TI,ou=DTI,ou=xxxxxxx,dc=xxxxxx,dc=xxxxx,dc=xxxxxxx',
UserPw => 'xxxxxxxxxx',
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
AlwaysFilter => '',
# if both your frontend and your LDAP are unicode, use this:
SourceCharset => 'utf-8',
DestCharset => 'utf-8',
# if your frontend is unicode and the charset of your
# ldap server is iso-8859-1, use these options.
# SourceCharset => 'iso-8859-1',
# DestCharset => 'utf-8',
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName','cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
# show not own tickets in customer panel, CompanyTickets
# CustomerUserExcludePrimaryCustomerID => 0,
# add an ldap filter for valid users (expert setting)
# CustomerUserValidFilter => '(!(description=locked))',
# administrator can't change customer preferences
AdminSetPreferences => 0,
# # cache time to live in sec. - cache any database queries
# CacheTTL => 60*60,
Map => [
# note: Login, Email and CustomerID are mandatory!
# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
# [ 'UserTitle', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
# [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
# [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
# [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
# [ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
## end of customer authentication
# start of agent authentication and synchronization?
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};
$Self->{AuthModule} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthModule::LDAP::Host'} = '172.17.25.9';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=minfin, dc=di,dc=gobierno';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Especializados TI,ou=TI,ou=DTI,ou=xxxxxxx,dc=xxxxxx,dc=xxxxx,dc=xxxxxxx';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'xxxxxxxxxx';
## end of agent authentication and synchronization
The error occurs when I try to log in an AD user as an agent.
(SOLVED) problem with LDAP and my agents
-
- Znuny newbie
- Posts: 22
- Joined: 06 Dec 2013, 20:10
- Znuny Version: 5.0.8
- Real Name: Edwin
- Company: FINANZAS
Last edited by genesis2005 on 04 Mar 2014, 19:30, edited 1 time in total.
Re: problem with LDAP and my agents
I am attaching the configuration I currently have; I hope it is useful to you.
Obviously you will need to change a parameter or two.
# ----------------------------------- #
# Configuration for agents. #
# ------------------------------------ #
# (take care that Net::LDAP is installed!)
$Self->{AuthModule1} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = 'dominio.cl';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=dominio,dc=cl';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN1'} = 'CN=cuenta,OU=Cuentas de Servicio,DC=dominio,DC=cl';
$Self->{'AuthModule::LDAP::SearchUserPw1'} = 'miclave';
# Configuration to authenticate by group
$Self->{'AuthModule::LDAP::GroupDN1'} = 'CN=OTRS_Agentes,OU=Grupos de Seguridad,DC=dominio,DC=cl';
$Self->{'AuthModule::LDAP::AccessAttr1'} = 'member';
$Self->{'AuthModule::LDAP::UserAttr1'} = 'DN';
$Self->{'AuthModule::LDAP::AlwaysFilter1'} = '(objectclass=user)';
$Self->{'AuthModule::LDAP::Die'} = 1;
# --------------------------------------------------- #
# Synchronization configuration #
# --------------------------------------------------- #
$Self->{AuthSyncModule1} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host1'} = 'dominio.cl';
$Self->{'AuthSyncModule::LDAP::BaseDN1'} = 'dc=dominio,dc=cl';
$Self->{'AuthSyncModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN1'} = 'CN=cuenta,OU=Cuentas de Servicio,DC=dominio,DC=cl';
$Self->{'AuthSyncModule::LDAP::SearchUserPw1'} = 'miclave';
$Self->{'AuthSyncModule::LDAP::AlwaysFilter1'} = '(objectclass=user)';
$Self->{'AuthSyncModule::LDAP::UserSyncMap1'} = {
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};
# Die if backend can't work, e. g. can't connect to server.
$Self->{'AuthModule::LDAP::Die'} = 1;

OTRS Version 3.3.3
Extensions ITSM, FAQ, SURVEY
Platform Windows 2008 Server Std R2 + IIS 7.5 + ActivePerl + MSSQL 2008
Re: problem with LDAP and my agents
Dear friend, I followed your advice and modified what I had to modify,
and everything turned out more than perfect. Thank you very much; now I have to configure the mail. A MILLION THANKS
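
A config check for the agent-authentication mistakes visible in this thread, as an added example that is not part of any post and is not OTRS code: it flags `AuthModule` pointing at the `Kernel::System::Auth::Sync::LDAP` sync backend, typographic quotes, a missing `;`, and plain LDAP on port 389. The name `lint_config` and the sample host, DNs and password are constructed for illustration; the rule that Host, BaseDN and UID must carry the same numeric suffix as `AuthModule` is an assumption that follows the reply's configuration.

```python
import re

# $Self->{'Key'} = value   (quotes around the key are optional in Config.pm)
ASSIGN = re.compile(r"^\$Self->\{\s*'?([\w:]+)'?\s*\}\s*=\s*(.*)$")
CURLY = "\u2018\u2019\u201c\u201d"  # typographic quotes, e.g. pasted from a word processor

def lint_config(text):
    """Return sorted (line_number, message) findings for agent LDAP settings."""
    findings, settings, open_hash = [], {}, None
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if any(ch in line for ch in CURLY):
            findings.append((number, "typographic quote; Perl only accepts ASCII ' or \""))
        if open_hash:  # inside a multi-line hash such as AuthModule::LDAP::Params
            if line.startswith("}"):
                open_hash = None
            elif "::LDAP::Params" in open_hash and re.match(r"port\s*=>\s*389\b", line):
                findings.append((number, "port 389 is plain LDAP; the search user's simple "
                                         "bind is unencrypted unless TLS is negotiated"))
            continue
        match = ASSIGN.match(line)
        if not match:
            continue
        key, rest = match.groups()
        if rest.startswith("{") and "}" not in rest:
            open_hash = key
            continue
        if not rest.startswith(("{", "[")) and not rest.endswith(";"):
            findings.append((number, f"{key}: statement has no terminating ';'"))
        settings[key] = (number, rest.rstrip(";").strip().strip("'\"" + CURLY))

    for key, (number, value) in settings.items():
        backend = re.fullmatch(r"AuthModule(\d*)", key)
        if not backend:
            continue
        suffix = backend.group(1)
        if "::Auth::Sync::" in value:
            findings.append((number, f"{key} is set to the sync backend {value}; "
                                     f"that module belongs in AuthSyncModule{suffix}"))
        if value.endswith("::LDAP"):  # assumption: these three keys must share the suffix
            for name in ("Host", "BaseDN", "UID"):
                if f"AuthModule::LDAP::{name}{suffix}" not in settings:
                    findings.append((number, f"{key}: AuthModule::LDAP::{name}{suffix} is not set"))
    return sorted(findings)

# Constructed excerpt modelled on the first post; host, DNs and password are placeholders.
# The \u2019 escape stands for the typographic quote that closes the SearchUserDN value.
FIRST_POST_STYLE = """\
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
};
$Self->{AuthModule} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldap.example.test';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=example,dc=test';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=svc,dc=example,dc=test\u2019
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'placeholder';
"""

# Constructed excerpt following the reply: auth and sync backends split, suffix 1 throughout.
REPLY_STYLE = """\
$Self->{AuthModule1} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = 'ldap.example.test';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=example,dc=test';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{AuthSyncModule1} = 'Kernel::System::Auth::Sync::LDAP';
"""

if __name__ == "__main__":
    for number, message in lint_config(FIRST_POST_STYLE):
        print(f"line {number}: {message}")
```
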

Re: problem with LDAP and my agents
genesis2005 wrote: Dear friend, I followed your advice and modified what I had to modify, and everything turned out more than perfect. Thank you very much; now I have to configure the mail. A MILLION THANKS
OK, I'm glad. Please put in the title that it was [solved].
Re: (SOLVED) problem with LDAP and my agents
Hello...
While trying to connect OTRS to AD, I keep getting this error:
[Thu Apr 3 16:01:27 2014][Error][Kernel::System::User::UserLookup][834] No UserID found for 'seesqu'!
[Thu Apr 3 16:02:39 2014][Error][Kernel::System::Auth::LDAP::Auth][182] First bind failed! Bad file descriptor
I am attaching my configuration to see if someone can help me.
# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2013 xxx, http://otrs.org/
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
# Note:
#
# -->> Most OTRS configuration should be done via the OTRS web interface
# and the SysConfig. Only for some configuration, such as database
# credentials and customer data source changes, you should edit this
# file. For changes to customer data sources you can copy the definitions
# from Kernel/Config/Defaults.pm and paste them in this file.
# Config.pm will not be overwritten when updating OTRS.
# --
package Kernel::Config;
use strict;
use warnings;
# use utf8;
sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# database settings #
# ---------------------------------------------------- #
# The database host
$Self->{'DatabaseHost'} = 'xxxxxx';
# The database name
$Self->{'Database'} = "otrs";
# The database user
$Self->{'DatabaseUser'} = "otrs";
# The password of database user. You also can use bin/otrs.CryptPassword.pl
# for crypted passwords
$Self->{'DatabasePw'} = 'xxxxxx';
# The database DSN for MySQL ==> more: "perldoc DBD::mysql"
$Self->{'DatabaseDSN'} = "DBI:ODBC:driver={SQL Server};Database=$Self->{Database};Server=$Self->{DatabaseHost}";
# The database DSN for PostgreSQL ==> more: "perldoc DBD::Pg"
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a TCP/IP connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line:
# $Self->{DatabasePostgresqlBefore82} = 1;
# The database DSN for Microsoft SQL Server - only supported if OTRS is
# installed on Windows as well
# $Self->{DatabaseDSN} = "DBI:ODBC:driver={SQL Server};Database=$Self->{Database};Server=$Self->{DatabaseHost},1433";
# The database DSN for Oracle ==> more: "perldoc DBD::oracle"
# $ENV{ORACLE_HOME} = '/u01/app/oracle/product/10.2.0/client_1';
# $ENV{NLS_DATE_FORMAT} = 'YYYY-MM-DD HH24:MI:SS';
# $ENV{NLS_LANG} = "american_america.utf8";
# $Self->{DatabaseDSN} = "DBI:Oracle:sid=OTRS;host=$Self->{DatabaseHost};port=1522;";
# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = 'C:/otrs/OTRS';
# ---------------------------------------------------- #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{CheckMXRecord} = 0;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #
$Self->{'LogModule'} = 'Kernel::System::Log::File';
$Self->{'LogModule::LogFile'} = 'C:/otrs/OTRS/var/log/otrs.log';
# $DIBI$
# This is an example configuration for an LDAP auth. backend.
# (Make sure Net::LDAP is installed!)
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldap.dc.com';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=xxxx,dc=xxxx';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::GroupDN'} = 'CN=otrs_soporte,OU=OTRS,OU=Servicios,OU=Grupos de Usuarios,OU=Grupos,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'Member';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS,OU=PHD-TIC,OU=Departamentos,OU=Usuarios,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'xxxxxx';
# UserSyncLDAPMap
# (map if agent should create/synced from LDAP to DB after login)
$Self->{UserSyncLDAPMap} = {
# DB -> LDAP
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};
# UserSyncLDAPGroups
# (If "LDAP" was selected for AuthModule, you can specify
# initial user groups for first login.)
$Self->{UserSyncLDAPGroups} = [
'users',
];
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};
# Now sync data with OTRS DB
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'ldap.dc.com';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=xxxx, dc=xxxxx';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=OTRS,OU=PHD-TIC,OU=Departamentos,OU=Usuarios,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'xxxxxx';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
# DB -> LDAP
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
'users',
];
$Self->{'AuthSyncModule::LDAP::Die'} = 1;
$Self->{'AuthModule::LDAP::Die'} = 1;
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'ldap.dc.com';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=xxxx, dc=xxxxx';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=otrs_clientes,OU=OTRS,OU=Servicios,OU=Grupos de Usuarios,OU=Grupos,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx';
$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS,OU=PHD-TIC,OU=Departamentos,OU=Usuarios,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'xxxxxx';
$Self->{'Customer::AuthSyncModule::LDAP::Host'} = 'ldap.dc.com';
$Self->{'Customer::AuthSyncModule::LDAP::BaseDN'} = 'dc=xxxx, dc=xxxxx';
$Self->{'Customer::AuthSyncModule::LDAP::UID'} = 'uid';
$Self->{'Customer::AuthSyncModule::LDAP::SearchUserDN'} = 'CN=OTRS,OU=PHD-TIC,OU=Departamentos,OU=Usuarios,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx';
$Self->{'Customer::AuthSyncModule::LDAP::SearchUserPw'} = 'xxxxxx';
$Self->{'Customer::AuthSyncModule::LDAP::UserSyncMap'} = {UserFirstname => 'givenName', UserLastname => 'sn',UserEmail => 'mail', };
$Self->{'Customer::AuthSyncModule::LDAP::UserSyncInitialGroups'} = ['customers',];
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Name => 'PHED-LDAP',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'ldap.dc.com',
BaseDN => 'OU=Departamentos,OU=Usuarios,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx',
SSCOPE => 'sub',
UserDN =>'CN=OTRS,OU=PHD-TIC,OU=Departamentos,OU=Usuarios,OU=compañia,OU=xxxx,DC=xxxx,DC=xxxx',
UserPw => 'xxxxxx',
},
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
#Add the following lines when only users are allowed to login if they reside in the specified security group
#Remove these lines if you want to provide login to all users specified in the User Base DN
#example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU, dc=example, dc=com';
# Die if backend can't work, e. g. can't connect to server.
# $Self->{'AuthSyncModule::LDAP::Die'} = 1;
# $Self->{'SendmailModule::AuthUser'} = 'username';
# $Self->{'SendmailModule::AuthPassword'} = 'password';
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# end of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #