Re: [otrs] OTRS and Active Directory

Mon, 19 Jan 2009 14:59:46 -0800 

 

Also, unless you have added extra values into your AD schema, the UID
value for AD is 'sAMAccountName' not 'uid'

>   $Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';
>   CustomerKey => 'uid',

Steve,

As per your 2 emails I gave your suggestions a try:

Firstly I fully qualified the ldap user:

$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=ldap.lookup,
OU=Support, OU=IT, OU=Melbourne, OU=Staff, DC=company, DC=com, DC=au';

This gave me

Jan 20 09:44:17 mel-ithlp OTRS-CGI-03[11782]:
[Error][Kernel::System::CustomerUser::LDAP::new][Line:144]: First bind
failed! 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext
error, data 525, v893

Then I changed the uid value to sAMAccountname

CustomerKey => 'sAMAaccountName',

This gave me

Jan 20 09:44:17 mel-ithlp OTRS-CGI-03[11782]:
[Error][Kernel::System::CustomerAuth::LDAP::Auth][Line:199]: First bind
failed! 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext
error, data 525, v893


I note that in the first the error is taking place in
[Kernel::System::CustomerUser::LDAP::new][Line:144] whereas in the
second the error is in
[Error][Kernel::System::CustomerAuth::LDAP::Auth][Line:199]

I have no idea what THAT means.

As of right now my Config.pm is:

  $Self->{'Customer::AuthModule'} =
'Kernel::System::CustomerAuth::LDAP';
  $Self->{'Customer::AuthModule::LDAP::Host'} = '192.168.1.10';
  $Self->{'Customer::AuthModule::LDAP::BaseDN'} =
'dc=company,dc=com,dc=au';
  $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

  $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=ldap.lookup,
OU=Support, OU=IT, OU=Melbourne, OU=Staff, DC=company, DC=com, DC=au';
  $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';

    $Self->{CustomerUser} = {
      Module => 'Kernel::System::CustomerUser::LDAP',
      Params => {
      Host => '192.168.1.10',
      BaseDN => 'DC=company,DC=com,DC=au',
      SSCOPE => 'sub',
      UserDN =>'CN=ldap.lookup, OU=Support, OU=IT, OU=Melbourne,
OU=Staff, DC=company, DC=com, DC=au',
      UserPw => 'password',

    },
    CustomerKey => 'sAMAaccountName',
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
    ],
  };


#####################################################################################
This e-mail message has been scanned for Viruses and Content and cleared 
by MailMarshal
#####################################################################################
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Reply via email to