Hello All ! I'm having problems with multi domain integration, here's our scene: We have a Windows 2003 Forest with 8 living domains in our Offices corp.intra (parent domain) --------------office1.corp.intra --------------office2.corp.intra --------------office3.corp.intra --------------office4.corp.intra --------------office5.corp.intra --------------office6.corp.intra --------------office7.corp.intra --------------office8.corp.intra Each domain has its domain controllers installed in their own site, they are linked to our main site through a 2mbps WAN link. I need to set OTRS to authenticate and get data fron the users from these domains,
The only way I found to authenticate and get userdata from these domains was building a list with multiple LDAP entries in my Config.pm. It worked, but the web interface became extremally slow after these multi domain integration. It doesn't matter where you click, each and every link gets very slow, and the index.pl gets very CPU intensive, taking a long time to finish working. What would be the right solution for integration with an Active Directory multi Domain Environment like this? Any help will be very appreciated! Here goes my Config.pm authentication settings # AUTHENTICATION SETTINGS - LDAP STUFF # #----Autenticacao Office1----# #Enable LDAP authentication for Customers / Users $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = '10.0.2.19'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=Office1,dc=office1,dc=corp,dc=intra'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; #The following is valid but would only be necessary if the #anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password; #----Autenticacao Office2----# $Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host1'} = '192.168.40.2'; $Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'ou=Office2,dc=office2,dc=corp,dc=intra'; $Self->{'Customer::AuthModule::LDAP::UID1'} = 'sAMAccountName'; #The following is valid but would only be necessary if the #anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = 'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = 'password'; #----Autenticacao Office3----# $Self->{'Customer::AuthModule2'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host2'} = '192.168.42.2'; $Self->{'Customer::AuthModule::LDAP::BaseDN2'} = 'ou=Office3,dc=office3,dc=corp,dc=intra'; $Self->{'Customer::AuthModule::LDAP::UID2'} = 'sAMAccountName'; #The following is valid but would only be necessary if the #anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN2'} = 'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw2'} = 'password'; #----Autenticacao Office4----# $Self->{'Customer::AuthModule3'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host3'} = '192.168.43.2'; $Self->{'Customer::AuthModule::LDAP::BaseDN3'} = 'OU=Office4,dc=office4,dc=corp,dc=intra'; $Self->{'Customer::AuthModule::LDAP::UID3'} = 'sAMAccountName'; #The following is valid but would only be necessary if the #anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN3'} = 'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw3'} = 'password'; #----Autenticacao Office5----# $Self->{'Customer::AuthModule4'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host4'} = '192.168.70.2'; $Self->{'Customer::AuthModule::LDAP::BaseDN4'} = 'OU=Office5,dc=office5,dc=corp,dc=intra'; $Self->{'Customer::AuthModule::LDAP::UID4'} = 'sAMAccountName'; #The following is valid but would only be necessary if the #anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN4'} = 'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw4'} = 'password'; #--------------------- GET USER DATA --------------------------# # Office1 # #CustomerUser #(customer user database backend and settings) $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '10.0.2.19', BaseDN => 'OU=Office1,dc=office1,dc=corp,dc=intra', SSCOPE => 'sub', UserDN =>'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra', UserPw => 'password', }, # customer unique id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'sAMAccountName', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'sAMAccountName', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'department', 1, 0, 'var' ], ], }; # Office2 # #CustomerUser #(customer user database backend and settings) $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '192.168.40.2', BaseDN => 'OU=Office2,dc=office2,dc=corp,dc=intra', SSCOPE => 'sub', UserDN =>'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra', UserPw => 'password', }, # customer unique id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'sAMAccountName', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'sAMAccountName', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'department', 1, 0, 'var' ], ], }; # Office3 # #CustomerUser #(customer user database backend and settings) $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '192.168.42.2', BaseDN => 'OU=Office3,dc=office3,dc=corp,dc=intra', SSCOPE => 'sub', UserDN =>'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra', UserPw => 'password', }, # customer unique id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'sAMAccountName', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'sAMAccountName', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'department', 1, 0, 'var' ], ], }; # Office4 # #CustomerUser #(customer user database backend and settings) $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '192.168.43.2', BaseDN => 'OU=Office4,dc=office4,dc=corp,dc=intra', SSCOPE => 'sub', UserDN =>'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra', UserPw => 'password', }, # customer unique id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'sAMAccountName', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'sAMAccountName', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'department', 1, 0, 'var' ], ], }; # Office5 # #CustomerUser #(customer user database backend and settings) $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '192.168.70.2', BaseDN => 'OU=Office5,dc=office5,dc=corp,dc=intra', SSCOPE => 'sub', UserDN =>'CN=otrs_ldap,OU=Integracao_OTRS,DC=corp,DC=intra', UserPw => 'password', }, # customer unique id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'sAMAccountName', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'sAMAccountName', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'department', 1, 0, 'var' ], ], };
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/