ich bin seit dieser Woche an OTRS dran als internes Projekt in unserm Unternehmen. Prinzipiell sind die Anforderungen wie folgt:
ein Team von 5 Admins soll einen Mitarbeiterpool von 240 Mitarbeitern betreuen, deshalb wollen wir die Mitarbeiter als Customer via LDAP ins OTRS synchronisieren.
Login am Webfrontend soll es für die Customer nicht geben da wird die Tickets ausschliesslich per Hotline erfassen und selbst verfassen wollen.
Ich habe nun folgenden Quellcode in meine Config.pm eingefügt und es funktioniert leider nicht wie gewollt.
Code: Select all
# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'XXXXXXXXX';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=XXXXXXXXX,ou=XXXXX,ou=USERS,ou=IT';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'administrator';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'XXXXX';
# CustomerUser
# (customer user ldap backend and settings)
$Self->{CustomerUser} = {
Name => "LDAP Datenquelle",
Module => "Kernel::System::CustomerUser::LDAP",
Params => {
# ldap host
Host => "XXXXXXXX",
# ldap base dn
BaseDN => "dc=XXXXX,ou=XXXXX,ou=USERS,ou=IT",
# search scope (one|sub)
SSCOPE => "sub",
# # The following is valid but would only be necessary if the
# # anonymous user does NOT have permission to read from the LDAP tree
UserDN => "cn=otrs_admin,ou=Service_Batch,dc=domain,dc=de",
UserPw => "XXXXXX",
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => "(mail=*)" or AlwaysFilter => "(objectclass=AlwaysFilter => ´´,
# if your frontend is e. g. iso-8859-1 and the charset of your
# ldap server is utf-8, use this options (if not, ignore it)
# SourceCharset => "utf-8",
# DestCharset => "iso-8859-1",
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
# customer uniq id
CustomerKey => "uid",
# customer #
CustomerID => "mail",
CustomerUserListFields => ["cn", "mail"],
CustomerUserSearchFields => ["uid", "cn", "mail"],
CustomerUserSearchPrefix => "",
CustomerUserSearchSuffix => "*",
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ["mail"],
CustomerUserNameFields => ["givenname", "sn"],
# show now own tickets in customer panel, CompanyTickets
CustomerUserExcludePrimaryCustomerID => 0,
# add a ldap filter for valid users (expert setting)
# CustomerUserValidFilter => "(!(description=gesperrt))",
# admin can"t change customer preferences
AdminSetPreferences => 0,
# # cache time to life in sec. - cache any database queris
# CacheTTL => 0,
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-[ "UserSalutation", "Title", "title", 1, 0, "var", ´´, 0 ],
[ "UserFirstname", "Firstname", "givenname", 1, 1, "var", "", 0 ],
[ "UserLastname", "Lastname", "sn", 1, 1, "var", "", 0 ],
[ "UserLogin", "Username", "uid", 1, 1, "var", "", 0 ],
[ "UserEmail", "Email", "mail", 1, 1, "var", "", 0 ],
[ "UserCustomerID", "CustomerID", "mail", 0, 1, "var", "", 0 ],
# [ "UserCustomerIDs", "CustomerIDs", "second_customer_ids", 1, 0, "var", "", 0 ],
[ "UserPhone", "Phone", "telephonenumber", 1, 0, "var", "", 0 ],
[ "UserAddress", "Address", "postaladdress", 1, 0, "var", "", 0 ],
[ "UserComment", "Comment", "description", 1, 0, "var", "", 0 ],
],
Message: First bind failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece, referer: http://xxx.xxx.xxx.xxx/otrs/index.pl?Action=Logout
UND:
ERROR: OTRS-CGI-10 Perl: 5.10.0 OS: MSWin32 Time: Fri May 7 08:05:08 2010, referer: http://xxx.xxx.xxx.xxx/otrs/index.pl?Action=Logout
Kann mir da jemand helfen??
Grüße
Boog
,