OTRS LDAP ClearOS integracion

[johann-bermudez]

Señores le muestro mi archivo /opt/otrs/Kernel/Config.pm con el cual logre integar el OpenLDAP de un ClearOs 5.2 a un OTRS 3.0.7 espero les sirva, me tomo un buen tiempo lograrlo asi que si tienen algun comentario es muy bien recibido.

package Kernel::Config;

sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# Start of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #

# ---------------------------------------------------- #
# database settings #
# ---------------------------------------------------- #
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'root';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
#
#
$Self->{'Ticket::Responsible'} = '1';
$Self->{'Ticket::Watcher'} = '1';
###aqui termina lo agregado por johann
# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";

# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = '/opt/otrs';

# ---------------------------------------------------- #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{'CheckMXRecord'} = 1;

# ---------------------------------------------------- #

# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #
# $DIBI$
$Self->{'SystemID'} = 10;
$Self->{'SecureMode'} = 1;
$Self->{'Organization'} = '';
$Self->{'LogModule::LogFile'} = '/tmp/otrs.log';
$Self->{'LogModule'} = 'Kernel::System::Log::SysLog';
$Self->{'FQDN'} = 'http://mi.dominio.com';
$Self->{'DefaultLanguage'} = 'en';
$Self->{'AdminEmail'} = 'admin@example.com';
$Self->{'DefaultCharset'} = 'utf-8';
#
# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
$Self->{AuthModule} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldap://192.168.xx.xx:389';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=dominio,dc=com';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
#
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=Sistema otrs,ou=Users,ou=Accounts,dc=dominio,dc=com';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'password';
#
# Die if backend can't work, e. g. can't connect to server.
$Self->{'AuthModule::LDAP::Die'} = 1;
#
# --------------------------------------------------- #
# authentication sync settings #
# (enable agent data sync. after succsessful #
# authentication) #
# --------------------------------------------------- #
# This is an example configuration for an LDAP auth sync. backend.
# (take care that Net::LDAP is installed!)
$Self->{AuthSyncModule} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://192.168.xx.xx:389';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=dominio,dc=com';
$Self->{'AuthSyncModule::LDAP::UID'} = 'uid';

# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=Sistema otrs,ou=Users,ou=Accounts,dc=dominio,dc=com';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'password';
#
# AuthSyncModule::LDAP::UserSyncMap
# (map if agent should create/synced from LDAP to DB after successful login)
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
# DB -> LDAP
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};
# Die if backend can't work, e. g. can't connect to server.
$Self->{'AuthSyncModule::LDAP::Die'} = 1;
#
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# End of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this) #
# ---------------------------------------------------- #
use strict;
use warnings;

use vars qw(@ISA $VERSION);
use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');

use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.21 $)[1];

# -----------------------------------------------------#

1;

Una recomendación, una ves que logren autenticarse via ldap es necesario, regresar todo a la normalidad par darle permisos al usuario que se creo por el lado del ldap y asi poder tener un usuario autenticado con permisos de Administrador.

Atentamente,

Johann Bermudez

[juliuss]

muy buen materia, excelente aporte!

[gdlt88]

Buenos dias
Tengo un problema con la configuracion de LDAP del OTRS. Realize todos los cambios mostrados anteriormente en el archivo config.pm, con los parametros necesarios, pero no puedo cargar los customers del Active Directory del lugar donde estoy trabajando. En la parte de customers de OTRS no me sale nada.El sistema operativo donde se encuentra es en Windows Server 2003. Gracias de antermano por cualquier ayuda que me pueda proporcionar.