OTRS LDAP 'First bind failed' issue
Moderator: crythias
-
- Znuny newbie
- Posts: 9
- Joined: 07 Jan 2013, 10:49
- Znuny Version: 3.1.11
- Real Name: Terry
- Company: CITIC
OTRS LDAP 'First bind failed' issue
Dear all:
Need help! When configuring LDAP in OTRS (3.1.11), I always get this error and I don't know how to solve it:
--- error start ----
First bind failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
--- error end ----
---- LDAP setup ---
## Customer config
# Basic LDAP info
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '192.xx.xxx.xxx';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=office,DC=xxx,DC=com';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'terrychen@xxx.com';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'xxxxx';
# config
$Self->{CustomerUser} = {
Name => 'terrychen',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '192.xxx.xxx.xxx',
BaseDN => 'DC=office,DC=xxx,DC=com',
SSCOPE => 'sub',
UserDN => 'terrychen@xxx.com',
UserPW => 'xxxxx',
AlwaysFilter => '',
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
#CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => [ 'sAMAccountName', 'cn', 'mail'],
#CustomerUserSearchPrefix => '',
#CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CustomerUserExcludePrimaryCustomerID => 0,
AdminSetPreferences => 0,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
Re: OTRS LDAP 'First bind failed' issue
wrong username/password
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
-
- Znuny newbie
- Posts: 9
- Joined: 07 Jan 2013, 10:49
- Znuny Version: 3.1.11
- Real Name: Terry
- Company: CITIC
Re: OTRS LDAP 'First bind failed' issue
jojo wrote: wrong username/password
Hi Jojo,
It is impossible, because I use this username/password to log in every day!
I also tried 'terrychen' instead of 'terrychen@xxx.com'; that also failed.
please help.
Regards
Terry
Re: OTRS LDAP 'First bind failed' issue
The error is produced by your AD server. You supplied wrong username and password.
Try the username as: Domain/username instead of username@domain
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
-
- Znuny newbie
- Posts: 9
- Joined: 07 Jan 2013, 10:49
- Znuny Version: 3.1.11
- Real Name: Terry
- Company: CITIC
Re: OTRS LDAP 'First bind failed' issue
Hi Jojo,
I have tried that; no use, still the same error.
domain/terrychen
terrrychen@domain.com
Regards
Terry
-
- Znuny superhero
- Posts: 723
- Joined: 10 Oct 2007, 14:30
- Znuny Version: 3.0
- Location: Hamburg, Germany
Re: OTRS LDAP 'First bind failed' issue
Your SearchUserDN needs to be specified as a DN, not as userPrincipalName!
That should be all you need to change.
Code: Select all
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=terrychen,OU=Objectgroup,DC=yoursubdomain,DC=yourdomain,DC=net';
openSuSE on ESX
IT-Helpdesk: OTRS 3.0
Customer Service: OTRS 3.0 (upgraded from 2.3)
Customer Service (subsidiary): OTRS 3.0
+additional test and development systems
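Added example, not part of the original thread: Active Directory puts a hexadecimal sub-code in the "data" field of a failed bind, and 525 in the first post's error is the Win32 "no such user" code, which points at the bind identity rather than the password. The Python decoder below is illustrative; its function and table names are made up for this example.

```python
import re

# "data" sub-codes Active Directory returns with a failed simple bind
# (AcceptSecurityContext). The field is hexadecimal.
AD_BIND_SUBCODES = {
    0x525: ("user not found", "check the bind identity and its format"),
    0x52E: ("invalid credentials", "check the password"),
    0x530: ("logon not permitted at this time", "check logon hours"),
    0x531: ("logon not permitted from this workstation", "check workstation limits"),
    0x532: ("password expired", "set a new password"),
    0x533: ("account disabled", "enable the account"),
    0x701: ("account expired", "extend the account expiry"),
    0x773: ("user must reset password", "set a new password"),
    0x775: ("account locked out", "unlock the account"),
}

_LDAPERR = re.compile(
    r"(?P<status>[0-9A-Fa-f]{8}): LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), "
    r"comment: (?P<comment>.*?), data (?P<data>[0-9A-Fa-f]+)"
)

# The two error lines copied from the first post of this thread.
SAMPLE = (
    "First bind failed! 80090308: LdapErr: DSID-0C090334, comment: "
    "AcceptSecurityContext error, data 525, vece\n"
    "00000000: LdapErr: DSID-0C090627, comment: In order to perform this "
    "operation a successful bind must be completed on the connection., "
    "data 0, vece\n"
)


def decode_ldap_errors(text):
    """Return one dict per LdapErr record found in text."""
    records = []
    for m in _LDAPERR.finditer(text):
        comment = m.group("comment")
        data = int(m.group("data"), 16)
        meaning = hint = None
        if "AcceptSecurityContext" in comment:
            # Only bind failures carry a logon sub-code in "data".
            meaning, hint = AD_BIND_SUBCODES.get(
                data, ("unknown sub-code", "look up the Win32 error"))
        records.append({
            "status": m.group("status"),
            "dsid": m.group("dsid"),
            "comment": comment,
            "data": data,
            "meaning": meaning,
            "hint": hint,
            # An operation attempted on a connection that never bound:
            # a consequence of an earlier failure, not a cause.
            "follow_on": "successful bind must be completed" in comment,
        })
    return records


if __name__ == "__main__":
    for rec in decode_ldap_errors(SAMPLE):
        print(rec["dsid"], hex(rec["data"]), rec["meaning"], rec["hint"])
```
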
-
- Znuny newbie
- Posts: 9
- Joined: 07 Jan 2013, 10:49
- Znuny Version: 3.1.11
- Real Name: Terry
- Company: CITIC
Re: OTRS LDAP 'First bind failed' issue
ferrosti wrote: Your SearchUserDN needs to be specified as a DN, not as userPrincipalName! That should be all you need to change.
Code: Select all
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=terrychen,OU=Objectgroup,DC=yoursubdomain,DC=yourdomain,DC=net';
Hi ferrosti & Jojo,
You are right; after the config change, the error changed to another one:
"Authentication succeeded, but no customer record is found in the customer backend. Please contact your administrator."
Regards
Terry
-
- Znuny superhero
- Posts: 723
- Joined: 10 Oct 2007, 14:30
- Znuny Version: 3.0
- Location: Hamburg, Germany
Re: OTRS LDAP 'First bind failed' issue
Did you also change
Code: Select all
UserDN => 'terrychen@xxx.com',
to a valid DN?
You should uncomment your search pre- and suffix!
Code: Select all
Name => 'terrychen',
Is not meant to show a username. This value stores the name of the connection that will be shown in the drop down box in OTRS when selecting the customer backend. I'd rather name it 'Local LDAP' or something.
Code: Select all
AlwaysFilter => ''
Should at least be set to
Code: Select all
AlwaysFilter => '(objectclass=user)'
On larger ADs one might DoS a DC, not limiting a search.
openSuSE on ESX
IT-Helpdesk: OTRS 3.0
Customer Service: OTRS 3.0 (upgraded from 2.3)
Customer Service (subsidiary): OTRS 3.0
+additional test and development systems
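Added example, not part of the original thread: a small Python check that applies the two points from the reply above to a Config.pm fragment, flagging bind identities (SearchUserDN, UserDN) that are not written as a DN and AlwaysFilter values left empty. The function names are made up for this example, the sample fragment is constructed from the settings shown in the thread, and the DN test is a syntax check only.

```python
import re

# Matches both styles used in the posted config:
#   $Self->{'...::SearchUserDN'} = 'value';   and   UserDN => 'value',
_SETTING = re.compile(
    r"(?P<key>SearchUserDN|UserDN|AlwaysFilter)'?\}?\s*=>?\s*'(?P<value>[^']*)'"
)
# attribute=value pairs separated by commas; "\," inside a value is allowed.
_RDN = r"[A-Za-z][A-Za-z0-9-]*\s*=\s*(?:[^,\\]|\\.)+"
_DN = re.compile(rf"^\s*{_RDN}(?:,\s*{_RDN})*$")

# Constructed sample: line 1 uses the UPN form from the first post,
# line 5 leaves the filter empty, line 6 is commented out and ignored.
SAMPLE_CONFIG = """\
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'terrychen@xxx.com';
$Self->{CustomerUser} = {
    Params => {
        UserDN => 'CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com',
        AlwaysFilter => '',
        #AlwaysFilter => '(objectclass=user)',
    },
};
"""


def _identity_form(value):
    """Name the notation a non-DN bind identity is written in."""
    if "@" in value:
        return "userPrincipalName form"
    if "/" in value or "\\" in value:
        return "domain/user form"
    return "bare name"


def lint_ldap_settings(config_text):
    """Return (line number, key, message) for each questionable setting."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented-out settings have no effect
        for m in _SETTING.finditer(line):
            key, value = m.group("key"), m.group("value")
            if key == "AlwaysFilter":
                if not value.strip():
                    findings.append(
                        (lineno, key, "empty filter: search is not limited"))
            elif not _DN.match(value):
                findings.append(
                    (lineno, key, f"{_identity_form(value)}, not a DN"))
    return findings


if __name__ == "__main__":
    for lineno, key, message in lint_ldap_settings(SAMPLE_CONFIG):
        print(f"line {lineno}: {key}: {message}")
```
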
-
- Znuny newbie
- Posts: 9
- Joined: 07 Jan 2013, 10:49
- Znuny Version: 3.1.11
- Real Name: Terry
- Company: CITIC
Re: OTRS LDAP 'First bind failed' issue
Hi all,
After following your solution, there is a new error for this issue:
--- start error ---
CustomerUser: terrychen (CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com) authentication ok (REMOTE_ADDR: 192.xxx.xx.xx).
00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
No such user 'terrychen'!
--- end error ---
here is my latest setup:
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/otrs.CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'hot';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line:
# $Self->{DatabasePostgresqlBefore82} = 1;
## Customer config
# Basic LDAP info
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '192.xxx.xxx.xxx';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=office,DC=xxx,DC=com';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'Tt@321';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(objectclass=user)';
# config
$Self->{CustomerUser} = {
Name => 'LDAP Data Source',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '192.xxx.xxx.xxx',
BaseDN => 'DC=office,DC=xxx,DC=com',
SSCOPE => 'sub',
UserDN => 'CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com',
UserPW => 'Tt@321',
AlwaysFilter => '',
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => [ 'sAMAccountName', 'cn', 'mail'],
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CustomerUserExcludePrimaryCustomerID => 0,
AdminSetPreferences => 0,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = '192.xxx.xxx.xxx';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'DC=office,DC=xxx,DC=com';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'Tt@321';
-
- Znuny superhero
- Posts: 723
- Joined: 10 Oct 2007, 14:30
- Znuny Version: 3.0
- Location: Hamburg, Germany
Re: OTRS LDAP 'First bind failed' issue
Please always place your code into 'Code' brackets.
I need to have a look at the full lines of the error code. (Private data replaced)
Reason is, I cannot see which modules give this error.
Once again: you should define a filter for your LDAP search. Take an LDAP query tool (such as 'luma') and find out whether it works the way you enter it into the OTRS config or not. You'll most likely find out that your search params are not configured properly.
openSuSE on ESX
IT-Helpdesk: OTRS 3.0
Customer Service: OTRS 3.0 (upgraded from 2.3)
Customer Service (subsidiary): OTRS 3.0
+additional test and development systems
-
- Moderator
- Posts: 10169
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: OTRS LDAP 'First bind failed' issue
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
-
- Znuny newbie
- Posts: 9
- Joined: 07 Jan 2013, 10:49
- Znuny Version: 3.1.11
- Real Name: Terry
- Company: CITIC
Re: OTRS LDAP 'First bind failed' issue
Hi all,
Thanks for your reply, here is the error message:
Code: Select all
CustomerUser: terrychen (CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com) authentication ok (REMOTE_ADDR: 192.xxx.xx.xx).
00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
No such user 'terrychen'!
and my config is like below:
Code: Select all
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/otrs.CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'hot';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line:
# $Self->{DatabasePostgresqlBefore82} = 1;
## Customer config
# Basic LDAP info
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '192.xxx.xxx.xxx';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=office,DC=xxx,DC=com';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'Tt@321';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(objectclass=user)';
# config
$Self->{CustomerUser} = {
Name => 'LDAP Data Source',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '192.xxx.xxx.xxx',
BaseDN => 'DC=office,DC=xxx,DC=com',
SSCOPE => 'sub',
UserDN => 'CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com',
UserPW => 'Tt@321',
AlwaysFilter => '',
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => [ 'sAMAccountName', 'cn', 'mail'],
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CustomerUserExcludePrimaryCustomerID => 0,
AdminSetPreferences => 0,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = '192.xxx.xxx.xxx';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'DC=office,DC=xxx,DC=com';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=Terry Chen,OU=MIS,DC=office,DC=xxx,DC=com';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'Tt@321';