ich habe bei meiner OTRS Installation bereits die Anbindung und Synchronisation mit dem LDAP / AD am Laufen.
Dabei werden auch beim Login die Agenten in der DB von OTRS angelegt.
Nun möchte ich gerne noch drei Custom Fields der Einstellungen mit synchronisieren (Telefon, Fax, Position).
Mache ich dies über die Map, werden die Werte ignoriert.
Irgendwelche Ideen, wie man das lösen könnte?
Hier einmal der zum Sync gehörende Teil meiner Config.pm:
Code: Select all
# ---------------------------------------------------- #
# LDAP Auth #
# ---------------------------------------------------- #
# This is an example configuration for an LDAP auth. backend.
# (Make sure Net::LDAP is installed!)
$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = 'domain';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=domain,dc=local';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
$Self->{'AuthModule::LDAP::GroupDN1'} = '';
$Self->{'AuthModule::LDAP::AccessAttr1'} = 'member';
# for ldap posixGroups objectclass (just uid)
# $Self->{'AuthModule::LDAP::UserAttr1'} = 'UID';
# for non ldap posixGroups objectclass (with full user dn)
$Self->{'AuthModule::LDAP::UserAttr1'} = 'DN';
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthModule::LDAP::SearchUserDN1'} = 'user';
$Self->{'AuthModule::LDAP::SearchUserPw1'} = 'pwd';
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
#$Self->{'AuthModule::LDAP::AlwaysFilter1'} = '';
# in case you want to add a suffix to each login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
# $Self->{'AuthModule::LDAP::UserSuffix'} = '@domain.com';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params1'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};
$Self->{'AuthModule::LDAP::Die1'} = 1;
# UserSyncLDAPMap #
# ---------------------------------------------------- #
# defines AuthSyncBackend (AuthSyncModule) for AuthModule
# if this key exists and is empty, there won't be a sync.
$Self->{'AuthModule::UseSyncBackend'} = 'AuthSyncBackend';
# agent data sync against ldap
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'domain';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=domain, dc=local';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'user';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'pwd';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
# DB -> LDAP
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
UserPhoneNumber => 'telephoneNumber',
};
# Maybe for later use
# UserTelephoneNumber => 'telephoneNumber',
# UserFaxNumber => 'facsimileTelephoneNumber',
# UserWorkTitle => 'title',
# AuthSyncModule::LDAP::UserSyncInitialGroups
# (sync following group with rw permission after initial create of first agent
# login)
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
'users',
];
# Fallback: internal OTRS DB
$Self->{'AuthModule2'} = 'Kernel::System::Auth::DB';
$Self->{'AuthModule::DB::CryptType2'} = 'crypt';