Hi Tony, Can you suggest an improvement for the text itself? I'd be more than happy to incorporate it in the docs.
((enjoy)) - Michiel Beijen R&D OTRS AG Norsk-Data-Str 1. 61352 Bad Homburg Germany T: +31 (0) 6457 42418 F: +49 (0) 9421 56818-18 I: http://www.otrs.com/ Business Location: Bad Homburg, Country Court: Bad Homburg, Commercial register: 10751, Tax ID: 003 240 97505 Chairman of the Board: Burchard Steinbild, Managing Board: André Mindermann (CEO), Martin Edenhofer CU@ CeBIT 2010 in Hannover (Germany) and get to know more about OTRS at booth no. C37, in hall 2 from March 2-6, 2010! http://bit.ly/7uyQfY On Mon, Nov 30, 2009 at 10:38 AM, Tony Johncock <t...@onecalldirect.co.uk> wrote: > Glad to help - I had many problems with LDAP just like you until I worked out > that OTRS can search from the base DN. > > Not criticism in any way but perhaps the documentation could be made a little > clearer on OTRS's abilities in this? I would suggest it's far more powerful > and versatile than the docs give the impression of being. > > > -----Original Message----- > From: otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] On Behalf Of > Mohamed Zakaria > Sent: 30 November 2009 02:21 > To: User questions and discussions about OTRS. > Subject: Re: [otrs] LDAP Intregration > > Dear Tony, > > Thanks, That did the trick. > > Regards, > Zak > > -----Original Message----- > From: otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] On Behalf Of Tony > Johncock > Sent: Wednesday, November 25, 2009 4:10 PM > To: User questions and discussions about OTRS. > Subject: Re: [otrs] LDAP Intregration > > As a test, the way I got ours to work was to use the base DN everywhere > (dc=domain, dc=local). > > Once that bit works, you can then start to drill down to the relevant OU's. > > -----Original Message----- > From: otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] On Behalf Of > Markus Nagel > Sent: 25 November 2009 06:35 > To: otrs@otrs.org > Subject: Re: [otrs] LDAP Intregration > > Dear Zak, > you need to replace it everywhere it occurs, i.e.: > > $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'cn=Users,dc=abc,dc=com'; > > Hth > > Markus Nagel > > Mohamed Zakaria schrieb: >> Dear Mr Markus, >> >> Thank you for your suggestion. I tried to change it to >> "cn=otrs,cn=Users,dc=abc,dc=com". But still have the same error. >> >> Regards, >> Zak >> >> -----Original Message----- >> From: otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] On Behalf >> Of Markus Nagel >> Sent: Wednesday, November 25, 2009 12:42 AM >> To: otrs@otrs.org >> Subject: Re: [otrs] LDAP Intregration >> >> Hi Mohamed, >> a.f.a.i.k. the path to the default container "Users" is not >> "ou=Users,dc=some,dc=domain", but "cn=Users,dc=some,dc=domain". >> You can check this by searching for a user with the following command: >> dsquery user -name someusername >> where "someusername" is a user in the container Users or one of its >> subcontainers. >> Could this be the simple reason for your problem. >> >> Regards Markus >> >> Mohamed Zakaria schrieb: >>> Hi, >>> >>> >>> >>> I am not able to intergrate my current AD to the otrs system. The >>> system log shows this message: >>> >>> Tue Nov 24 17:03:25 2009 error OTRS-CGI-10 First >>> bind failed! 80090308: LdapErr: DSID-0C090334, comment: >>> AcceptSecurityContext error, data 525, vece >>> >>> >>> >>> This is my config.pm the portion that is above "End of own config". >>> Can anyone help me with this? Thanks. >>> >>> >>> >>> #Start of LDAP >>> >>> #Enable LDAP authentication for Customers / Users >>> >>> $Self->{'Customer::AuthModule'} = >>> 'Kernel::System::CustomerAuth::LDAP'; >>> >>> $Self->{'Customer::AuthModule::LDAP::Host'} = '10.200.1.1'; >>> >>> $Self->{'Customer::AuthModule::LDAP::BaseDN'} = >>> 'ou=Users,dc=abc,dc=com'; >>> >>> $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; >>> >>> >>> >>> #The following is valid but would only be necessary if the >>> >>> #anonymous user do NOT have permission to read from the LDAP tree >>> >>> $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs'; >>> >>> $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password'; >>> >>> >>> >>> #CustomerUser >>> >>> #(customer user database backend and settings) >>> >>> $Self->{CustomerUser} = { >>> >>> Module => 'Kernel::System::CustomerUser::LDAP', >>> >>> Params => { >>> >>> Host => '10.200.1.1', >>> >>> BaseDN => 'OU=Users,DC=abc,DC=com', >>> >>> SSCOPE => 'sub', >>> >>> UserDN =>'CN=otrs,OU=Users,DC=abc,DC=com', >>> >>> UserPw => 'password', >>> >>> }, >>> >>> # customer unique id >>> >>> CustomerKey => 'sAMAccountName', >>> >>> # customer # >>> >>> CustomerID => 'mail', >>> >>> CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], >>> >>> CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], >>> >>> CustomerUserSearchPrefix => '', >>> >>> CustomerUserSearchSuffix => '*', >>> >>> CustomerUserSearchListLimit => 250, >>> >>> CustomerUserPostMasterSearchFields => ['mail'], >>> >>> CustomerUserNameFields => ['givenname', 'sn'], >>> >>> Map => [ >>> >>> # note: Login, Email and CustomerID needed! >>> >>> # var, frontend, storage, shown, required, storage-type >>> >>> #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], >>> >>> [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], >>> >>> [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], >>> >>> [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], >>> >>> [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], >>> >>> [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], >>> >>> [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], >>> >>> #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], >>> >>> #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], >>> >>> ], >>> >>> }; >>> >>> >>> >>> #Add the following lines when only users are allowed to login if they >>> reside in the spicified security group >>> >>> #Remove these lines if you want to provide login to all users >>> specified in the User Base DN >>> >>> #example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU, >>> dc=example, dc=com'; >>> >>> # $Self->{'Customer::AuthModule::LDAP::GroupDN'} = >>> 'CN=otrs_ldap_allow_C,OU=Groups,OU=BaseOU,DC=example,DC=com'; >>> >>> # $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member'; >>> >>> # $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN' >>> >>> >>> >>> >>> >>> #End of LDAP >>> >>> >>> >>> >>> >>> Regards, >>> >>> Zak >>> >>> --------------------------------------------------------------------- >>> --- This email is confidential and intended solely for the use of the >>> individual to whom it is addressed. If you are not the intended >>> recipient, be advised that you have received this email in error and >>> that any use, dissemination, forwarding, printing or copying of this >>> email is strictly prohibited. If you have received this email in >>> error please contact the sender. >>> --------------------------------------------------------------------- >>> --- >>> >>> >>> --------------------------------------------------------------------- >>> --- >>> >>> --------------------------------------------------------------------- >>> OTRS mailing list: otrs - Webpage: http://otrs.org/ >>> Archive: http://lists.otrs.org/pipermail/otrs >>> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >>> >>> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! >>> http://www.otrs.com/en/support/enterprise-subscription/ >> >> --------------------------------------------------------------------- >> OTRS mailing list: otrs - Webpage: http://otrs.org/ >> Archive: http://lists.otrs.org/pipermail/otrs >> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >> >> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! >> http://www.otrs.com/en/support/enterprise-subscription/ >> >> ###################################################################### >> ############### This email is confidential and intended solely for the >> use of the individual to whom it is addressed. If you are not the >> intended recipient, be advised that you have received this email in >> error and that any use, dissemination, forwarding, printing or copying >> of this email is strictly prohibited. If you have received this email >> in error please contact the sender. >> ###################################################################### >> ############### >> --------------------------------------------------------------------- >> OTRS mailing list: otrs - Webpage: http://otrs.org/ >> Archive: http://lists.otrs.org/pipermail/otrs >> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >> >> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! >> http://www.otrs.com/en/support/enterprise-subscription/ > > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > http://www.otrs.com/en/support/enterprise-subscription/ > > One Call Insurance Services Ltd - Registered Office 88-90 St Sepulchre Gate, > Doncaster. DN1 1SD. Registered in England No 04693136 > Telephone: 0871 2828888 Fax: 01302 321191 Authorised and regulated by the > Financial Services Authority for general insurance business. > You can check this by visiting the FSA website at www.fsa.gov.uk/register Our > FSA firm reference number is 302961 for important information about the > company please refer to www.onecalldirect.co.uk > > Confidentiality Notice > This electronic transmission (and/or documents accompanying it) may contain > confidential information belonging to the sender. The information is intended > only for the use of the individual or entity named as the recipient. > If you are not the intended recipient you are hereby notified that > disclosure, copying, distribution or the taking of any action in reliance of > the contents of this information is unauthorised and strictly prohibited. In > this instant, please therefore destroy the same and notify the sender > immediately. > E-mail communications cannot be guaranteed to be secure or error free. > > Anyone who communicates with us by email is taken to accept these risks. > > > Disclaimer added by CodeTwo Exchange Rules 2007 http://www.codetwo.com > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > http://www.otrs.com/en/support/enterprise-subscription/ > ##################################################################################### > This email is confidential and intended solely for the use of the individual > to whom it is addressed. If you are not the intended recipient, be advised > that you have received this email in error and that any use, dissemination, > forwarding, printing or copying of this email is strictly prohibited. If you > have received this email in error please contact the sender. > ##################################################################################### > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > http://www.otrs.com/en/support/enterprise-subscription/ > > One Call Insurance Services Ltd - Registered Office 88-90 St Sepulchre Gate, > Doncaster. DN1 1SD. Registered in England No 04693136 > Telephone: 0871 2828888 Fax: 01302 321191 Authorised and regulated by the > Financial Services Authority for general insurance business. > You can check this by visiting the FSA website at www.fsa.gov.uk/register Our > FSA firm reference number is 302961 for important information about the > company please refer to www.onecalldirect.co.uk > > Confidentiality Notice > This electronic transmission (and/or documents accompanying it) may contain > confidential information belonging to the sender. The information is intended > only for the use of the individual or entity named as the recipient. > If you are not the intended recipient you are hereby notified that > disclosure, copying, distribution or the taking of any action in reliance of > the contents of this information is unauthorised and strictly prohibited. In > this instant, please therefore destroy the same and notify the sender > immediately. > E-mail communications cannot be guaranteed to be secure or error free. > > Anyone who communicates with us by email is taken to accept these risks. > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > http://www.otrs.com/en/support/enterprise-subscription/ > --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/