RE: [otrs] Active Directory/LDAP authentication problem
On Thu, 2006-01-19 at 10:03 -0800, Hames, Joel wrote: > When I say that I have made progress, I am mostly referring to a login > screen with no response with I type in a username and password, to one > that says, "No User Data!" to the error message I posted previously. Then just create the user in otrs from the administrative panel. Only authentication is performed via AD, but you still need the user in the local otrs database. -- Luca Corti PGP Key ID 1F38C091 Adesso dico: "Prima di tutto il resto, imparare ad ascoltare." signature.asc Description: This is a digitally signed message part ___ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/
RE: [otrs] Active Directory/LDAP authentication problem
When I say that I have made progress, I am mostly referring to a login screen with no response with I type in a username and password, to one that says, "No User Data!" to the error message I posted previously. Each time it seems like I recognize some little improvement that I can make, based on other's experiences. This latest error seems to have something to do with connecting to LDAP, or in where it is looking in AD. I still, though, haven't seen another working AD/LDAP config.pm other than the one in the documentation. One other thing is that my users are in separate OUs, so I am not sure if I need multiple entries for this in the configuration, or if it will start from a BaseDN and search downwards. Here's my config.pm (at least, the relevant portions): # # # fs root directory # # $Self->{Home} = 'D:/Programs/OTRS/otrs'; # # # insert your own config settings "here" # # config settings taken from Kernel/Config/Defaults.pm # # # # $Self->{SessionUseCookie} = 0; # $Self->{'CheckMXRecord'} = 1; $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = 'tammain.tuhsd.edu'; $Self->{'AuthModule::LDAP::BaseDN'} = 'DC=tuhsd,DC=edu'; $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Administrative,ou=TUHSD,dc=TUHSD,dc=edu'; $Self->{'AuthModule::LDAP::SearchUserPw'} = ''; $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'tammain.tuhsd.edu'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=TUHSD,dc=tuhsd,dc=edu'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=OTRS,ou=Administrative,ou=TUHSD,dc=TUHSD,dc=edu'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '!'; $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => 'tammail.tuhsd.edu', BaseDN => 'ou=TUHSD,dc=tuhsd,dc=edu', SSCOPE => 'sub', UserDN => 'cn=OTRS,ou=Administrative,ou=TUHSD,dc=TUHSD,dc=edu', UserPw => '', }, CustomerKey => 'sAMAccountName', CustomerID => 'mail', CustomerUserListFields => 'sAMAccountName', 'cn', 'mail', CustomerUserSearchFields => 'sAMAccountName', 'cn', 'mail', CustomerUserPostMasterSearchFields => 'mail', CustomerUserNameFields => 'givenname', 'sn', Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type # [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], # [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], # [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], }; # # # # # # # End of your own config options!!! # # # # # # # Joel Hames Director of Technology Tamalpais Union High School District [EMAIL PROTECTED] (415) 945-3798 ___ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/
RE: [otrs] Active Directory/LDAP authentication problem
, 'Address', 'postaladdress', 1, 0, 'var' ], # [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], # CustomerUser1 # (customer user ldap backend and settings) $Self->{CustomerUser1} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { #ldap host Host => 'asf-fp1.allstatefastener.local', #ldap base dn BaseDN => 'cn=Users, dc=allstatefastener, dc=local', #search scope (one|sub) SSCOPE => 'sub', #The following is valid but would only be necessary if the #anonymous user does NOT have permission to read from the LDAP tree UserDN => 'cn=otrs, cn=Users, dc=allstatefastener, dc=local', UserPw => 'asfcorp02', AlwaysFilter => '', SourceCharset => 'utf-8', DestCharset => 'iso-8859-1', }, # customer uniq id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type # [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], # [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], }; Thanks, Mike Pietersen, A+, MCP All State Fastener Corporation IT (586) 498-1388 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luca Corti Sent: Thursday, January 19, 2006 9:38 AM To: User questions and discussions about OTRS.org Subject: RE: [otrs] Active Directory/LDAP authentication problem On Thu, 2006-01-19 at 09:35 -0500, Mike Pietersen wrote: > Does ANYONE have a working/authenticating AD/LDAP config.pm that they > can post? For Agents or Customers? You can find detailed instructions in the 1.3 manual. HTH -- Luca Corti PGP Key ID 1F38C091 BOFH excuse of the moment: Electricians made popcorn in the power supply ___ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/ ___ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/
RE: [otrs] Active Directory/LDAP authentication problem
On Thu, 2006-01-19 at 09:35 -0500, Mike Pietersen wrote: > Does ANYONE have a working/authenticating AD/LDAP config.pm that they > can post? For Agents or Customers? You can find detailed instructions in the 1.3 manual. HTH -- Luca Corti PGP Key ID 1F38C091 BOFH excuse of the moment: Electricians made popcorn in the power supply ___ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/
RE: [otrs] Active Directory/LDAP authentication problem
Title: Active Directory/LDAP authentication problem Does ANYONE have a working/authenticating AD/LDAP config.pm that they can post? If I don’t get OTRS working soon, I’m going to have to can the project and find something else (which I don’t want to do, because I happen to like OTRS). Thanks, Mike Pietersen, A+, MCP All State Fastener Corporation IT (586) 498-1388 ___ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/
RE: [otrs] Active Directory/LDAP authentication problem
Title: Active Directory/LDAP authentication problem Joel, Please post your config.pm. When you say you’ve made some progress, what does that mean exactly. Have you been able to have your customer end authenticate at all with AD? I’m trying to do the same thing, but seem to be having problems aswell, so a sample config.pm to compare mine to would be helpful. Thanks, Mike Pietersen, A+, MCP All State Fastener Corporation IT (586) 498-1388 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hames, Joel Sent: Tuesday, January 17, 2006 6:47 PM To: otrs@otrs.org Subject: [otrs] Active Directory/LDAP authentication problem I have made some progress in getting this working, but I now have this error on my customer login screen: IO::Socket::INET: connect: Unknown error at D:/Programs/OTRS/otrs//Kernel/System/CustomerUser/LDAP.pm line 63. I am not sure if this is an inability to connect problem, or if it is an inability to authenticate against Active Directory. I can post my config.pm, if necessary. Thank you, Joel Hames Director of Technology Tamalpais Union High School District [EMAIL PROTECTED] (415) 945-3798 ___ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/