don't change defaults.pm only config.pm
On Thu, Feb 7, 2013 at 11:56 AM, Israel Garcia <iga3...@yahoo.com> wrote: > HI, > > From the manual, I see I have to add all these lines to get agents and > customers authenticating with ldap (AD), but not sure if we have to add it > to /opt/otrs/Kernel/Config.pm or /opt/otrs/Kernel/Config/Default.pm? Or in > other place. > > For agents: > # This is an example configuration for an LDAP auth. backend. > # (Make sure Net::LDAP is installed!) > $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; > $Self->{'AuthModule::LDAP::Host'} = 'israelDC2.israel.NET'; > $Self->{'AuthModule::LDAP::BaseDN'} = > 'cn=otrs_allow_company,ou=generics,ou=usuaris,ou=israel,dc=israel,dc=net'; > $Self->{'AuthModule::LDAP::UID'} = 'uid'; > > # Check if the user is allowed to auth in a posixGroup > # (e. g. user needs to be in a group xyz to use otrs) > $Self->{'AuthModule::LDAP::GroupDN'} = > 'ou=generics,ou=usuaris,ou=israel,dc=israel,dc=net'; > $Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid'; > # for ldap posixGroups objectclass (just uid) > # $Self->{'AuthModule::LDAP::UserAttr'} = 'UID'; > # for non ldap posixGroups objectclass (with full user dn) > # $Self->{'AuthModule::LDAP::UserAttr'} = 'DN'; > > # The following is valid but would only be necessary if the > # anonymous user do NOT have permission to read from the LDAP tree > $Self->{'AuthModule::LDAP::SearchUserDN'} = 'otrs_ldap'; > $Self->{'AuthModule::LDAP::SearchUserPw'} = 'OTRisrael24'; > > # in case you want to add always one filter to each ldap query, use > # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => > '(objectclass=user)' > $Self->{'AuthModule::LDAP::AlwaysFilter'} = ''; > > # in case you want to add a suffix to each login name, then > # you can use this option. e. g. user just want to use user but > # in your ldap directory exists user@domain. > # $Self->{'AuthModule::LDAP::UserSuffix'} = '@israel.domain'; > > # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) > $Self->{'AuthModule::LDAP::Params'} = { > port => 389, > timeout => 120, > async => 0, > version => 3, > }; > > > For customers: > # This is an example configuration for an LDAP auth. backend. > # (make sure Net::LDAP is installed!) > $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; > $Self->{'Customer::AuthModule::LDAP::Host'} = 'israelDC2.israel.NET'; > $Self->{'Customer::AuthModule::LDAP::BaseDN'} = > 'cn=otrs_allow_israel,ou=generics,ou=usuaris,ou=israel,dc=israel,dc=net'; > $Self->{'Customer::AuthModule::LDAP::UID'} = 'uid'; > > # Check if the user is allowed to auth in a posixGroup > # (e. g. user needs to be in a group xyz to use otrs) > $Self->{'Customer::AuthModule::LDAP::GroupDN'} = > 'ou=generics,ou=usuaris,ou=israel,dc=israel,dc=net'; > $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid'; > # for ldap posixGroups objectclass (just uid) > $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID'; > # for non ldap posixGroups objectclass (full user dn) > #$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; > > # The following is valid but would only be necessary if the > # anonymous user does NOT have permission to read from the LDAP tree > $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs_ldap'; > $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'OTRisrael24'; > > # in case you want to add always one filter to each ldap query, use > # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => > '(objectclass=user)' > $Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = ''; > > # in case you want to add a suffix to each customer login name, then > # you can use this option. e. g. user just want to use user but > # in your ldap directory exists user@domain. > #$Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@israel.domain'; > > # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) > $Self->{'Customer::AuthModule::LDAP::Params'} = { > port => 389, > timeout => 120, > async => 0, > version => 3, > }; > > Thanks once more. > regards > Israel. > > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs