Try: $Self->{'AuthSyncModule::LDAP::Host'} = 'myserver.domain.local'; (without the ldap:// bit)
-- Michiel Beijen Software Consultant +31 6 - 457 42 418 Bee Free IT + http://beefreeit.nl On Mon, Aug 3, 2009 at 22:13, David Holder <david.hol...@gmail.com> wrote: > Hi Michiel, > > Thank you for your quick response, I thought the LDAP sync was a > performance enhancement rather than a necessity, cheers for pointing that > out. > > Unfortunately I'm still having issues with it, it seems my OTRS > installation is very sensitive to that extra bit of code, I just implemented > the below and I was unable to even get into the logon page. Therefore to > prevent any major damage I thought I would post it to see where I'm going > wrong: > > > # agent data sync against ldap > $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP'; > $Self->{'AuthSyncModule::LDAP::Host'} = > 'ldap://myserver.domain.local/'; > $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=domain, dc=local'; > $Self->{'AuthSyncModule::LDAP::UID'} = 'UID'; > $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=OTRS > Searcher,OU=OTRS LDAP Searcher,DC=domain,DC=local'; > $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'myotrspassword'; > $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = { > # DB -> LDAP > UserFirstname => 'givenName', > UserLastname => 'sn', > UserEmail => 'mail', > }; > [...] > > # AuthSyncModule::LDAP::UserSyncInitialGroups > # (sync following group with rw permission after initial create of > first agent > # login) > $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [ > 'users', > ]; > > Any thoughts as to what I'm doing wrong? > > Thanks, > > David > > > > On Mon, Aug 3, 2009 at 8:25 PM, Michiel Beijen <mich...@beefreeit.nl>wrote: > >> You'd need to also configure LDAPSync (and, map attributes from LDAP to >> OTRS) in order for the accounts to automatically synchronize. See the part >> under "AuthSyncModule" in the Manual: >> >> http://doc.otrs.org/2.4/en/html/x1826.html >> >> Kind regards, >> -- >> Michiel Beijen >> Software Consultant >> +31 6 - 457 42 418 >> Bee Free IT + http://beefreeit.nl >> >> >> On Mon, Aug 3, 2009 at 21:06, David Holder <david.hol...@gmail.com>wrote: >> >>> Hi Chaps, >>> >>> I'm trying to authenticate agents on my OTRS implementation (OTRSforwin) >>> by adopting the LDAP template like so: (Windows Server 2003 Active Directory >>> domain controller) >>> >>> ########## Start of LDAP Config ########## >>> >>> >>> # This is an example configuration for an LDAP auth. backend. >>> # (take care that Net::LDAP is installed!) >>> $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; >>> $Self->{'AuthModule::LDAP::Host'} = 'myserver.domain.local'; >>> $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=domain,dc=local'; >>> $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; >>> >>> # Check if the user is allowed to auth in a posixGroup >>> # (e. g. user needs to be in a group xyz to use otrs) >>> $Self->{'AuthModule::LDAP::GroupDN'} = 'cn=OTRS_Agents,ou=OTRS >>> Admins,dc=domain,dc=local'; >>> $Self->{'AuthModule::LDAP::AccessAttr'} = 'member'; >>> >>> # for ldap posixGroups objectclass (just uid) >>> #$Self->{'AuthModule::LDAP::UserAttr'} = 'UID'; >>> # for non ldap posixGroups objectclass (with full user dn) >>> $Self->{'AuthModule::LDAP::UserAttr'} = 'DN'; >>> >>> # The following is valid but would only be necessary if the >>> # anonymous user do NOT have permission to read from the LDAP tree >>> $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS Searcher,ou=OTRS >>> LDAP Searcher,dc=domain,dc=local'; >>> $Self->{'AuthModule::LDAP::SearchUserPw'} = 'myotrspassword'; >>> >>> # in case you want to add always one filter to each ldap query, use >>> # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => >>> '(objectclass=user)' >>> $Self->{'AuthModule::LDAP::AlwaysFilter'} = ''; >>> >>> # in case you want to add a suffix to each login name, then >>> # you can use this option. e. g. user just want to use user but >>> # in your ldap directory exists u...@domain. >>> #$Self->{'AuthModule::LDAP::UserSuffix'} = '@domain.com'; >>> >>> # Net::LDAP new params (if needed - for more info see perldoc >>> Net::LDAP) >>> $Self->{'AuthModule::LDAP::Params'} = { >>> port => 389, >>> timeout => 120, >>> async => 0, >>> version => 3, >>> }; >>> >>> >>> >>> Output from Log File: >>> >>> >>> >>> [Mon Aug 3 19:51:40 2009][Notice][Kernel::System::Auth::LDAP::Auth] >>> User: David Holder (CN=David Holder,OU=IT,DC=domain,DC=local) authentication >>> ok (REMOTE_ADDR: 127.0.0.1). >>> [Mon Aug 3 19:51:40 2009][Error][Kernel::System::User::UserLookup][680] >>> No UserID found for 'David Holder'! >>> [Mon Aug 3 19:51:40 2009][Error][Kernel::System::User::UserLookup][680] >>> No UserID found for 'David Holder'! >>> [Mon Aug 3 19:51:40 2009][Notice][Kernel::System::User::GetUserData] >>> Panic! No UserData for user: 'David Holder'!!! >>> >>> >>> Does anyone have any ideas what is wrong with my config? >>> >>> Your help is most appreciated. >>> >>> David >>> >>> --------------------------------------------------------------------- >>> OTRS mailing list: otrs - Webpage: http://otrs.org/ >>> Archive: http://lists.otrs.org/pipermail/otrs >>> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >>> >>> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! >>> http://www.otrs.com/en/support/enterprise-subscription/ >>> >> >> >> --------------------------------------------------------------------- >> OTRS mailing list: otrs - Webpage: http://otrs.org/ >> Archive: http://lists.otrs.org/pipermail/otrs >> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >> >> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! >> http://www.otrs.com/en/support/enterprise-subscription/ >> > > > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > http://www.otrs.com/en/support/enterprise-subscription/ >
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/