Using more than one customer backend

tallesleonardo · Post by **tallesleonardo** » 28 Jun 2013, 21:42

Hello,
I'm trying to implement two modules authentication for clients. I've tried to do as this documentation:

http://doc.otrs.org/3.2/en/html/externa ... nd-example

But no effect emerged for both. Authentication is still performed only by one or the LDAP or the DB and I would like to do the two.

I wonder if there is some configuration that must be done and that is not described in the documentation or if I have to edit the Kernel / Config / Defaults.pm too.

Note: I'm editing the Kernel / Config.pm:

Code: Select all

	########### ----------------------------------------------------------------- DB CONFIGURATION --------------------------------------------------------- ####
$Self->{CustomerUser1} = {
      Name => 'DB_local',
      Module => 'Kernel::System::CustomerUser::DB',
      Params => {
         Table => 'customer_user',
		 
      },

    # customer unique id
    CustomerKey => 'login',
    # customer #
    CustomerID => 'customer_id',
	CustomerValid => 'valid_id',
    CustomerUserListFields => ['first_name', 'last_name', 'email'],
    CustomerUserSearchFields => ['login', 'email'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['email'],
    CustomerUserNameFields => ['first_name', 'last_name'],
	CustomerUserEmailUniqCheck => 1,
    Map => [
       # note: Login, Email and CustomerID needed!
       # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-127
       #[ 'UserCPF', 'CPF', 'title', 1, 1, 'var', '', 0 ],
       [ 'UserFirstname', 'Primerio Nome', 'first_name', 1, 1, 'var', '', 0 ],
       [ 'UserLastname', 'Ultimo Nome', 'last_name', 1, 1, 'var', '', 0 ],
       [ 'UserLogin', 'Usuario(CPF)', 'login', 1, 1, 'var', '', 0 ],
       [ 'UserPassword', 'Senha', 'pw', 0, 1, 'var', '', 0 ],
       [ 'UserEmail', 'Email', 'email', 0, 1, 'var', '', 0 ],
	   [ 'UserOAB', 'OAB Num.', 'comments', 0, 1, 'var', '', 0 ],
	   [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ],
	   [ 'UserCity', 'Cidade', 'city', 0, 1, 'var', '', 0 ],
	   [ 'UserState', 'Estado', 'street', 0, 1, 'var', '', 0 ],
	   [ 'UserPhone', 'Telefone', 'phone', 0, 1, 'var', '', 0 ],
       # [ 'UserEmail', 'Email', 'email', 1, 1,
       # 'var','$Env{"CGIHandle"}?Action=AgentTicketCompose&ResponseID=1&TicketID=$Data{"[ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ],
       # [ 'UserCustomerIDs', 'CustomerIDs', 'customer_ids', 1, 0, 'var', '', 0 ],
       #[ 'UserComment', 'Comment', 'comments', 1, 0, 'var', '', 0 ],
       [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int', '', 0 ],
	   
    ],
	# default selections
	    Selections => {
         UserCustomerID => {
             'Normal' => 'Normal',
         },
		UserState =>  {
			'Default' => '-',
			'AC' => 'Acre',
			'AL' => 'Alagoas',
			'AM' => 'Amazonas',
			'AP' => 'Amapá',
			'BA' => 'Bahia',
			'CE' => 'Ceará',
			'DF' => 'Distrito Federal',
			'ES' => 'Espírito Santo',
			'GO' => 'Goiás',
			'MA' => 'Maranhão',
			'MT' => 'Mato Grosso',
			'MS' => 'Mato Grosso do Sul',
			'MG' => 'Minas Gerais',
			'PA' => 'Pará',
			'PB' => 'Paraíba',
			'PR' => 'Paraná',
			'PE' => 'Pernambuco',
			'PI' => 'Piauí',
			'RJ' => 'Rio de Janeiro',
			'RN' => 'Rio Grande do Norte',
			'RO' => 'Rondônia',
			'RS' => 'Rio Grande do Sul',
			'RR' => 'Roraima',
			'SC' => 'Santa Catarina',
			'SE' => 'Sergipe',
			'SP' => 'São Paulo',
			'TO' => 'Tocantins',
		},
    },

  };
		
	
	########### ----------------------------------------------------------------- LDAP CONFIGURATION --------------------------------------------------------- ####
	# customer unique id
    # 2. Customer user backend: LDAP
# (customer ldap backend and settings)
$Self->{CustomerUser2} = {
	Name => 'LDAP SEDE',
	Module => 'Kernel::System::CustomerUser::LDAP',
	Params => {
	# ldap host
	Host => 'host',
	# ldap base dn
	BaseDN => 'base',
	# search scope (one|sub)
	SSCOPE => 'sub',
	#        # The following is valid but would only be necessary if the
	#        # anonymous user does NOT have permission to read from the LDAP tree
	UserDN => 'user',
	UserPw => 'password',
	# in case you want to add always one filter to each ldap query, use
	# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
	AlwaysFilter => '(&(tipoAtendimento=*)(mail=*)(!(situacao=inativo)))',
	# if both your frontend and your LDAP are unicode, use this:
		   SourceCharset => 'utf-8',
		   DestCharset   => 'utf-8',
	# if your frontend is e. g. iso-8859-1 and the character set of your
	# ldap server is utf-8, use these options:
	#        SourceCharset => 'utf-8',
	#        DestCharset => 'iso-8859-1',

	# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
	Params => {
		port => 389,
		scheme => 'ldap',
		timeout => 120,
		async => 0,
		version => 3,
	},
	},
	# customer unique id
	#CustomerKey => 'uid',
	CustomerKey => 'uid',
	# customer #
	#CustomerID => 'uid',
	CustomerID => 'uid',
	#CustomerUserListFields => ['uid', 'mail'],
	CustomerUserListFields => ['trtCodFunc','displayName','uid','mail'],
	#CustomerUserSearchFields => ['uid','cn','mail'], - Para Novell
	CustomerUserSearchFields => ['trtCodFunc','displayName','mail','uid'],
	CustomerUserSearchPrefix => '',
	CustomerUserSearchSuffix => '',
	CustomerUserSearchListLimit => 3000,
	CustomerUserPostMasterSearchFields => ['mail','trtCodFunc'],
	CustomerUserNameFields => ['displayName','cn','uid'],

	# show not own tickets in customer panel, CompanyTickets
	CustomerUserExcludePrimaryCustomerID => 0,
	# add a ldap filter for valid users (expert setting)
	# admin can't change customer preferences
	AdminSetPreferences => 0,
	CacheTTL => 300,
	Map => [
		# note: Login, Email and CustomerID needed!
		# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
		#[ 'UserCodFunc', 'Codigo', 'trtCodFunc',            1, 0, 'var', '', 0 ],
		[ 'UserTitle',      'Codigo Funcionario', 'trtCodFunc',           1, 1, 'var', '', 0 ],
		[ 'UserFirstname',  'Firstname',  'displayName',       1, 1, 'var', '', 0 ],
		[ 'UserLastname',   'Lastname',   '',              1, 1, 'var', '', 0 ],
		[ 'UserLogin',      'Username',   'uid',             1, 1, 'var', 'http://otrs.trt10.jus.br/otrs/index.pl?Action=AdminCustomerUser;Subaction=Change;ID=$Data{"UserLogin"};Search=%2A;Nav=Agent', 0 ],
		[ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
		[ 'UserCustomerID', 'CustomerID', 'tipoAtendimento',            1, 1, 'var', '', 0 ],
		[ 'UserComment',    'Codigo Unico',    'codigoUnico',     1, 0, 'var', '', 0 ],
		[ 'UserLotacao',    'Lotacao',    'trtLotacao',     1, 0, 'var', '', 0 ],
		[ 'UserPhone',    'Telefone',    'telephoneNumber',     1, 0, 'var', '', 0 ],
		[ 'UserStreet',    'Localizacao',    'localizacao',     1, 0, 'var', '', 0 ],
		[ 'UserCity',    'Localidade',    'localidade',     1, 0, 'var', '', 0 ],
		[ 'UserZip',    'Andar',    'andar',     1, 0, 'var', '', 0 ],
		[ 'UserCountry',    'Sala',    'sala',     1, 0, 'var', '', 0 ],
		[ 'UserCI',    'Computador (BDGC)',    'sambaSID',     1, 0, 'var', 'http://otrs.trt10.jus.br/otrs/index.pl?Action=AgentITSMConfigItemSearch;Subaction=Search;ClassID=32;SearchDialog=1;LastLogin=*$Data{"UserLogin"};PreviousVersionSearch=0;ResultForm=3', 0 ],

	],

};

Mod note: Please do not post questions in HowTos

Post by **crythias** » 28 Jun 2013, 22:22

tallesleonardo wrote:Authentication is still performed only by one or the LDAP or the DB and I would like to do the two

You show only CustomerUser (demographics) not Customer::Auth (Authentication)

tallesleonardo · Post by **tallesleonardo** » 29 Jun 2013, 17:19

crythias wrote:You show only CustomerUser (demographics) not Customer::Auth (Authentication)

Sorry, I am beginner and do not quite understand technical terms. I did not understand what do you mean by demographics.
Could you tell which file I need to edit?

Post by **crythias** » 29 Jun 2013, 22:11

Demographics: profile, information about the user, The user's name, address, telephone number..
Authentication: do you have permission to have access?

You need to edit Config.pm
viewtopic.php?f=60&t=16543

Read the links in the forum post.

tallesleonardo · Post by **tallesleonardo** » 01 Jul 2013, 22:24

I saw the documentation you quoted, I did some changes, but nothing had an effect.
What I want is that the client at the time of login, may enter both registered users on an LDAP decentralized as whith registered users in the local database.
This authentication that is shown in the documentation is not giving effect.
I based in this documentation:
http://doc.otrs.org/3.1/en/html/custome ... r-backends

This is my kernel/config.pm:

Code: Select all

# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2011 xxx, http://otrs.org/
# --
# $Id: Config.pm.dist,v 1.25 2011/09/16 10:58:28 mg Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
#  Note:
#
#  -->> OTRS does have a lot of config settings. For more settings
#       (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,
#       LDAP, PostMaster, Session, Preferences, ...) see
#       Kernel/Config/Defaults.pm and copy your wanted lines into "this"
#       config file. This file will not be changed on update!
#
# --

package Kernel::Config;

use utf8;

sub Load {
    my $Self = shift;
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
    #                                                      #
    #         Start of your own config options!!!          #
    #                                                      #
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #

    # ---------------------------------------------------- #
    # database settings                                    #
    # ---------------------------------------------------- #
    # DatabaseHost
    # (The database host.)
    $Self->{'DatabaseHost'} = 'localhost';
    # Database
    # (The database name.)
    $Self->{'Database'} = 'otrs';
    # DatabaseUser
    # (The database user.)
    $Self->{'DatabaseUser'} = 'otrs';
    # DatabasePw
    # (The password of database user. You also can use bin/otrs.CryptPassword.pl
    # for crypted passwords.)
    $Self->{'DatabasePw'} = '#####';
    # DatabaseDSN
    # (The database DSN for MySQL ==> more: "man DBD::mysql")
    $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";

    # (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
    # if you want to use a local socket connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
    # if you want to use a tcpip connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
    # if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line:
#    $Self->{DatabasePostgresqlBefore82} = 1;

    # ---------------------------------------------------- #
    # fs root directory
    # ---------------------------------------------------- #
    $Self->{Home} = '/opt/otrs';

    # ---------------------------------------------------- #
    # insert your own config settings "here"               #
    # config settings taken from Kernel/Config/Defaults.pm #
    # ---------------------------------------------------- #
    # $Self->{SessionUseCookie} = 0;
    # $Self->{CheckMXRecord} = 0;

    # ---------------------------------------------------- #

    # ---------------------------------------------------- #
    # data inserted by installer                           #
    # ---------------------------------------------------- #
    # $DIBI$
	
	########### ----------------------------------------------------------------- DB CONFIGURATION --------------------------------------------------------- ####
		
		$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::DB';
		$Self->{'Customer::AuthModule::DB::Table'} = 'customer_user';
		$Self->{'Customer::AuthModule::DB::CustomerKey'} = 'otrs';
		$Self->{'Customer::AuthModule::DB::CustomerPassword'} = '#####';
$Self->{CustomerUser1} = {
      Name => 'DB_local',
      Module => 'Kernel::System::CustomerUser::DB',
      Params => {
		Table => 'customer_user',
	},

    # customer unique id
    CustomerKey => 'login',
    # customer #
    CustomerID => 'customer_id',
	CustomerValid => 'valid_id',
    CustomerUserListFields => ['first_name', 'last_name', 'email'],
    CustomerUserSearchFields => ['login', 'email'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['email'],
    CustomerUserNameFields => ['first_name', 'last_name'],
	CustomerUserEmailUniqCheck => 1,
    Map => [
       # note: Login, Email and CustomerID needed!
       # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-127
       #[ 'UserCPF', 'CPF', 'title', 1, 1, 'var', '', 0 ],
       [ 'UserFirstname', 'Primerio Nome', 'first_name', 1, 1, 'var', '', 0 ],
       [ 'UserLastname', 'Ultimo Nome', 'last_name', 1, 1, 'var', '', 0 ],
       [ 'UserLogin', 'Usuario(CPF)', 'login', 1, 1, 'var', '', 0 ],
       [ 'UserPassword', 'Senha', 'pw', 0, 1, 'var', '', 0 ],
       [ 'UserEmail', 'Email', 'email', 0, 1, 'var', '', 0 ],
	   [ 'UserOAB', 'OAB Num.', 'comments', 0, 1, 'var', '', 0 ],
	   [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ],
	   [ 'UserCity', 'Cidade', 'city', 0, 1, 'var', '', 0 ],
	   [ 'UserState', 'Estado', 'street', 0, 1, 'var', '', 0 ],
	   [ 'UserPhone', 'Telefone', 'phone', 0, 1, 'var', '', 0 ],
       # [ 'UserEmail', 'Email', 'email', 1, 1,
       # 'var','$Env{"CGIHandle"}?Action=AgentTicketCompose&ResponseID=1&TicketID=$Data{"[ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ],
       # [ 'UserCustomerIDs', 'CustomerIDs', 'customer_ids', 1, 0, 'var', '', 0 ],
       #[ 'UserComment', 'Comment', 'comments', 1, 0, 'var', '', 0 ],
       [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int', '', 0 ],
	   
    ],
	# default selections
	    Selections => {
         UserCustomerID => {
             'Normal' => 'Normal',
         },
		UserState =>  {
			'Default' => '-',
			'AC' => 'Acre',
			'AL' => 'Alagoas',
			'AM' => 'Amazonas',
			'AP' => 'Amapá',
			'BA' => 'Bahia',
			'CE' => 'Ceará',
			'DF' => 'Distrito Federal',
			'ES' => 'Espírito Santo',
			'GO' => 'Goiás',
			'MA' => 'Maranhão',
			'MT' => 'Mato Grosso',
			'MS' => 'Mato Grosso do Sul',
			'MG' => 'Minas Gerais',
			'PA' => 'Pará',
			'PB' => 'Paraíba',
			'PR' => 'Paraná',
			'PE' => 'Pernambuco',
			'PI' => 'Piauí',
			'RJ' => 'Rio de Janeiro',
			'RN' => 'Rio Grande do Norte',
			'RO' => 'Rondônia',
			'RS' => 'Rio Grande do Sul',
			'RR' => 'Roraima',
			'SC' => 'Santa Catarina',
			'SE' => 'Sergipe',
			'SP' => 'São Paulo',
			'TO' => 'Tocantins',
		},
    },

  };
		
	
	########### ----------------------------------------------------------------- LDAP CONFIGURATION --------------------------------------------------------- ####
	# customer unique id
    # 2. Customer user backend: LDAP
# (customer ldap backend and settings

#------------------VARIABLES-------------------#
my $BaseDN =   'o=TRT10' ; 
my $Host =   '10.10.222.91' ; 
my $SearchUserDN =   'uid=otrs,ou=sistemas,o=trt10' ; 
my $SearchUserPw =   '#####' ; 
#------------------CONFIG-----------------------#
$Self-> {'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self-> {'AuthModule::LDAP::Host'} = $Host;
$Self-> {'AuthModule::LDAP::NDBase'} = $BaseDN;
$Self-> {'AuthModule::LDAP::UID'} = 'uid';
$Self-> {'AuthModule::LDAP::UserAttr'} = $SearchUserDN;
$Self-> {'AuthModule::LDAP::SearchUserDN'} = $SearchUserDN;
$Self->{'AuthModule::LDAP::SearchUserPw'} = $SearchUserPw ;
$Self->{'AuthModule::LDAP::AlwaysFilter'} = '(&(tipoAtendimento=*)(mail=*)(!(situacao=inativo)))';

$Self->{CustomerUser2} = {
	Name => 'LDAP SEDE',
	Module => 'Kernel::System::CustomerUser::LDAP',
	Params => {
	# ldap host
	Host => $Host,
	# ldap base dn
	BaseDN => $BaseDN,
	# search scope (one|sub)
	SSCOPE => 'sub',
	#        # The following is valid but would only be necessary if the
	#        # anonymous user does NOT have permission to read from the LDAP tree
	UserDN => $SearchUserDN,
	UserPw => $SearchUserPw,
	# in case you want to add always one filter to each ldap query, use
	# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
	AlwaysFilter => '(&(tipoAtendimento=*)(mail=*)(!(situacao=inativo)))',
	# if both your frontend and your LDAP are unicode, use this:
		   SourceCharset => 'utf-8',
		   DestCharset   => 'utf-8',
	# if your frontend is e. g. iso-8859-1 and the character set of your
	# ldap server is utf-8, use these options:
	#        SourceCharset => 'utf-8',
	#        DestCharset => 'iso-8859-1',

	# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
	Params => {
		port => 389,
		scheme => 'ldap',
		timeout => 120,
		async => 0,
		version => 3,
	},
	},
	# customer unique id
	#CustomerKey => 'uid',
	CustomerKey => 'uid',
	# customer #
	#CustomerID => 'uid',
	CustomerID => 'uid',
	#CustomerUserListFields => ['uid', 'mail'],
	CustomerUserListFields => ['trtCodFunc','displayName','uid','mail'],
	#CustomerUserSearchFields => ['uid','cn','mail'], - Para Novell
	CustomerUserSearchFields => ['trtCodFunc','displayName','mail','uid'],
	CustomerUserSearchPrefix => '',
	CustomerUserSearchSuffix => '',
	CustomerUserSearchListLimit => 3000,
	CustomerUserPostMasterSearchFields => ['mail','trtCodFunc'],
	CustomerUserNameFields => ['displayName','cn','uid'],

	# show not own tickets in customer panel, CompanyTickets
	CustomerUserExcludePrimaryCustomerID => 0,
	# add a ldap filter for valid users (expert setting)
	# admin can't change customer preferences
	AdminSetPreferences => 0,
	CacheTTL => 300,
	Map => [
		# note: Login, Email and CustomerID needed!
		# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
		#[ 'UserCodFunc', 'Codigo', 'trtCodFunc',            1, 0, 'var', '', 0 ],
		[ 'UserTitle',      'Codigo Funcionario', 'trtCodFunc',           1, 1, 'var', '', 0 ],
		[ 'UserFirstname',  'Firstname',  'displayName',       1, 1, 'var', '', 0 ],
		[ 'UserLastname',   'Lastname',   '',              1, 1, 'var', '', 0 ],
		[ 'UserLogin',      'Username',   'uid',             1, 1, 'var', 'http://otrs.trt10.jus.br/otrs/index.pl?Action=AdminCustomerUser;Subaction=Change;ID=$Data{"UserLogin"};Search=%2A;Nav=Agent', 0 ],
		[ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
		[ 'UserCustomerID', 'CustomerID', 'tipoAtendimento',            1, 1, 'var', '', 0 ],
		[ 'UserComment',    'Codigo Unico',    'codigoUnico',     1, 0, 'var', '', 0 ],
		[ 'UserLotacao',    'Lotacao',    'trtLotacao',     1, 0, 'var', '', 0 ],
		[ 'UserPhone',    'Telefone',    'telephoneNumber',     1, 0, 'var', '', 0 ],
		[ 'UserStreet',    'Localizacao',    'localizacao',     1, 0, 'var', '', 0 ],
		[ 'UserCity',    'Localidade',    'localidade',     1, 0, 'var', '', 0 ],
		[ 'UserZip',    'Andar',    'andar',     1, 0, 'var', '', 0 ],
		[ 'UserCountry',    'Sala',    'sala',     1, 0, 'var', '', 0 ],
		[ 'UserCI',    'Computador (BDGC)',    'sambaSID',     1, 0, 'var', 'http://otrs.trt10.jus.br/otrs/index.pl?Action=AgentITSMConfigItemSearch;Subaction=Search;ClassID=32;SearchDialog=1;LastLogin=*$Data{"UserLogin"};PreviousVersionSearch=0;ResultForm=3', 0 ],

	],

};
	

	
	
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
    #                                                      #
    #           End of your own config options!!!          #
    #                                                      #
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this)                #
# ---------------------------------------------------- #
use strict;
use warnings;

use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.25 $)[1];

use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');

# -----------------------------------------------------#

1;

Post by **crythias** » 02 Jul 2013, 00:43

I'm not entirely certain what you read and how you came across this configuration. Let me copy the code from the documentation:

Code: Select all

#------------------VARIABLES-------------------#
my $BaseDN =   'o=TRT10' ; 
my $Host =   '10.10.222.91' ; 
my $SearchUserDN =   'uid=otrs,ou=sistemas,o=trt10' ; 
my $SearchUserPw =   '#####' ; 
#------------------CONFIG-----------------------#
# This is an example configuration for an LDAP auth. backend.
# (make sure Net::LDAP is installed!)
$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = $Host;
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = $BaseDN;
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'uid';

# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
$Self->{'Customer::AuthModule::LDAP::GroupDN1'} = 'cn=otrsallow,ou=posixGroups,dc=example,dc=com';
$Self->{'Customer::AuthModule::LDAP::AccessAttr1'} = 'memberUid';
# for ldap posixGroups objectclass (just uid)
$Self->{'Customer::AuthModule::LDAP::UserAttr1'} = 'UID';
# for non ldap posixGroups objectclass (full user dn)
#$Self->{'Customer::AuthModule::LDAP::UserAttr1'} = 'DN';

# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = $SearchUserDN;
$Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = $SearchUserPw'';

# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter1'} = '';

# in case you want to add a suffix to each customer login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
#$Self->{'Customer::AuthModule::LDAP::UserSuffix1'} = '@domain.com';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params1'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

tallesleonardo · Post by **tallesleonardo** » 02 Jul 2013, 18:40

crythias wrote:

Code: Select all

#------------------VARIABLES-------------------#
my $BaseDN =   'o=TRT10' ; 
my $Host =   '10.10.222.91' ; 
my $SearchUserDN =   'uid=otrs,ou=sistemas,o=trt10' ; 
my $SearchUserPw =   '#####' ; 
#------------------CONFIG-----------------------#
# This is an example configuration for an LDAP auth. backend.
# (make sure Net::LDAP is installed!)
$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = $Host;
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = $BaseDN;
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'uid';

# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
$Self->{'Customer::AuthModule::LDAP::GroupDN1'} = 'cn=otrsallow,ou=posixGroups,dc=example,dc=com';
$Self->{'Customer::AuthModule::LDAP::AccessAttr1'} = 'memberUid';
# for ldap posixGroups objectclass (just uid)
$Self->{'Customer::AuthModule::LDAP::UserAttr1'} = 'UID';
# for non ldap posixGroups objectclass (full user dn)
#$Self->{'Customer::AuthModule::LDAP::UserAttr1'} = 'DN';

# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = $SearchUserDN;
$Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = $SearchUserPw'';

# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter1'} = '';

# in case you want to add a suffix to each customer login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
#$Self->{'Customer::AuthModule::LDAP::UserSuffix1'} = '@domain.com';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params1'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

I tried with the numbers and also had no effect.
The documentation is not clear to me. I dont know if the authentication of LDAP and of the local database can be done in the same time.
In those documentations, specifically the quoted in the last post, is explained the use of more than one customer backend, but is not clear if this authentication is possible.

Post by **crythias** » 02 Jul 2013, 20:15

tallesleonardo wrote:I tried with the numbers and also had no effect.

Certainly there is some effect. Even if there is an error in the log, that counts.

tallesleonardo wrote:I dont know if the authentication of LDAP and of the local database can be done in the same time.

No, they will be done consecutively, in the order presented ("", 0-9). First match wins.

tallesleonardo · Post by **tallesleonardo** » 02 Jul 2013, 21:55

I tried the numbers. They dont make difference. In the Frontend::Customer::Auth has a field called Customer::AuthModule that it is not possible uncheck. The code is apparently correct, but the authentication only does what is checked in this field.

Post by **crythias** » 02 Jul 2013, 22:41

tallesleonardo wrote:I tried the numbers. They dont make difference.

What do the logs say?
What is your current Config.pm?
What do the logs say?

tallesleonardo · Post by **tallesleonardo** » 03 Jul 2013, 19:44

It's working now! This is the current Config.pm:

Code: Select all

# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2011 xxx, http://otrs.org/
# --
# $Id: Config.pm.dist,v 1.25 2011/09/16 10:58:28 mg Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
#  Note:
#
#  -->> OTRS does have a lot of config settings. For more settings
#       (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,
#       LDAP, PostMaster, Session, Preferences, ...) see
#       Kernel/Config/Defaults.pm and copy your wanted lines into "this"
#       config file. This file will not be changed on update!
#
# --

package Kernel::Config;

use utf8;

sub Load {
    my $Self = shift;
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
    #                                                      #
    #         Start of your own config options!!!          #
    #                                                      #
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #

    # ---------------------------------------------------- #
    # database settings                                    #
    # ---------------------------------------------------- #
    # DatabaseHost
    # (The database host.)
    $Self->{'DatabaseHost'} = 'localhost';
    # Database
    # (The database name.)
    $Self->{'Database'} = 'otrs';
    # DatabaseUser
    # (The database user.)
    $Self->{'DatabaseUser'} = 'otrs';
    # DatabasePw
    # (The password of database user. You also can use bin/otrs.CryptPassword.pl
    # for crypted passwords.)
    $Self->{'DatabasePw'} = '######';
    # DatabaseDSN
    # (The database DSN for MySQL ==> more: "man DBD::mysql")
    $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";

    # (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
    # if you want to use a local socket connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
    # if you want to use a tcpip connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
    # if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line:
#    $Self->{DatabasePostgresqlBefore82} = 1;

    # ---------------------------------------------------- #
    # fs root directory
    # ---------------------------------------------------- #
    $Self->{Home} = '/opt/otrs';

    # ---------------------------------------------------- #
    # insert your own config settings "here"               #
    # config settings taken from Kernel/Config/Defaults.pm #
    # ---------------------------------------------------- #
    # $Self->{SessionUseCookie} = 0;
    # $Self->{CheckMXRecord} = 0;

    # ---------------------------------------------------- #

    # ---------------------------------------------------- #
    # data inserted by installer                           #
    # ---------------------------------------------------- #
    # $DIBI$
	
	########### ----------------------------------------------------------------- DB CONFIGURATION --------------------------------------------------------- ####
		# #$Self->{'Customer::AuthModule'} = 'Kernel::System::Auth::DB';
		$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::DB';
		$Self->{'Customer::AuthModule::DB::Table1'} = 'customer_user';
		$Self->{'Customer::AuthModule::DB::CustomerKey1'} = 'login';
		$Self->{'Customer::AuthModule::DB::CustomerPassword1'} = 'pw';
		#$Self->{'DatabaseDSN1'} = "DBI:mysql:database=$Self->{otrs};host=$Self->{localhost};";
$Self->{CustomerUser1} = {
      Name => 'DB_local',
      Module => 'Kernel::System::CustomerUser::DB',
      Params => {
		DSN => 'DBI:odbc:localhot',
		Type => 'mysql',
		DSN => 'DBI:mysql:database=otrs;host=localhost',
		User => 'otrs',
		Password => '######',
		Table => 'customer_user',
	},

    # customer unique id
    CustomerKey => 'login',
    # customer #
    CustomerID => 'customer_id',
	CustomerValid => 'valid_id',
    CustomerUserListFields => ['first_name', 'last_name', 'email'],
    CustomerUserSearchFields => ['login', 'email'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['email'],
    CustomerUserNameFields => ['first_name', 'last_name'],
	CustomerUserEmailUniqCheck => 1,
    Map => [
       # note: Login, Email and CustomerID needed!
       # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-127
       #[ 'UserCPF', 'CPF', 'title', 1, 1, 'var', '', 0 ],
       [ 'UserFirstname', 'Primerio Nome', 'first_name', 1, 1, 'var', '', 0 ],
       [ 'UserLastname', 'Ultimo Nome', 'last_name', 1, 1, 'var', '', 0 ],
       [ 'UserLogin', 'Usuario(CPF)', 'login', 1, 1, 'var', '', 0 ],
       [ 'UserPassword', 'Senha', 'pw', 0, 1, 'var', '', 0 ],
       [ 'UserEmail', 'Email', 'email', 0, 1, 'var', '', 0 ],
	   [ 'UserOAB', 'OAB Num.', 'comments', 0, 1, 'var', '', 0 ],
	   [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ],
	   [ 'UserCity', 'Cidade', 'city', 0, 1, 'var', '', 0 ],
	   [ 'UserState', 'Estado', 'street', 0, 1, 'var', '', 0 ],
	   [ 'UserPhone', 'Telefone', 'phone', 0, 1, 'var', '', 0 ],
       # [ 'UserEmail', 'Email', 'email', 1, 1,
       # 'var','$Env{"CGIHandle"}?Action=AgentTicketCompose&ResponseID=1&TicketID=$Data{"[ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ],
       # [ 'UserCustomerIDs', 'CustomerIDs', 'customer_ids', 1, 0, 'var', '', 0 ],
       #[ 'UserComment', 'Comment', 'comments', 1, 0, 'var', '', 0 ],
       [ 'ValidID', 'Valid', 'valid_id', 0, 1, 'int', '', 0 ],
	   
    ],
	# default selections
	    Selections => {
         UserCustomerID => {
             'Normal' => 'Normal',
         },
		UserState =>  {
			'Default' => '-',
			'AC' => 'Acre',
			'AL' => 'Alagoas',
			'AM' => 'Amazonas',
			'AP' => 'Amapá',
			'BA' => 'Bahia',
			'CE' => 'Ceará',
			'DF' => 'Distrito Federal',
			'ES' => 'Espírito Santo',
			'GO' => 'Goiás',
			'MA' => 'Maranhão',
			'MT' => 'Mato Grosso',
			'MS' => 'Mato Grosso do Sul',
			'MG' => 'Minas Gerais',
			'PA' => 'Pará',
			'PB' => 'Paraíba',
			'PR' => 'Paraná',
			'PE' => 'Pernambuco',
			'PI' => 'Piauí',
			'RJ' => 'Rio de Janeiro',
			'RN' => 'Rio Grande do Norte',
			'RO' => 'Rondônia',
			'RS' => 'Rio Grande do Sul',
			'RR' => 'Roraima',
			'SC' => 'Santa Catarina',
			'SE' => 'Sergipe',
			'SP' => 'São Paulo',
			'TO' => 'Tocantins',
		},
    },

  };
		
	
	########### ----------------------------------------------------------------- LDAP CONFIGURATION --------------------------------------------------------- ####
	# customer unique id
    # 2. Customer user backend: LDAP
# (customer ldap backend and settings

#------------------VARIABLES-------------------#
my $BaseDN =   'o=TRT10' ; 
my $Host =   '10.10.222.91' ; 
my $SearchUserDN =   'uid=otrs,ou=sistemas,o=trt10' ; 
my $SearchUserPw =   '######' ; 
#------------------CONFIG-----------------------#
$Self-> {'Customer::AuthModule2'} = 'Kernel::System::CustomerAuth::LDAP';
#$Self-> {'AuthModule'} = 'Kernel :: System :: Auth :: HTTPBasicAuth';
$Self-> {'AuthModule::LDAP::Host2'} = $Host;
$Self-> {'AuthModule::LDAP::NDBase2'} = $BaseDN;
$Self-> {'AuthModule::LDAP::UID2'} = 'uid';
$Self-> {'AuthModule::LDAP::UserAttr2'} = $SearchUserDN;
$Self-> {'AuthModule::LDAP::SearchUserDN2'} = $SearchUserDN;
$Self->{'AuthModule::LDAP::SearchUserPw2'} = $SearchUserPw ;
$Self->{'AuthModule::LDAP::AlwaysFilter2'} = '(&(tipoAtendimento=*)(mail=*)(!(situacao=inativo)))';

$Self->{CustomerUser2} = {
	Name => 'LDAP SEDE',
	Module => 'Kernel::System::CustomerUser::LDAP',
	Params => {
	# ldap host
	Host => $Host,
	# ldap base dn
	BaseDN => $BaseDN,
	# search scope (one|sub)
	SSCOPE => 'sub',
	#        # The following is valid but would only be necessary if the
	#        # anonymous user does NOT have permission to read from the LDAP tree
	UserDN => $SearchUserDN,
	UserPw => $SearchUserPw,
	# in case you want to add always one filter to each ldap query, use
	# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
	AlwaysFilter => '(&(tipoAtendimento=*)(mail=*)(!(situacao=inativo)))',
	# if both your frontend and your LDAP are unicode, use this:
		   SourceCharset => 'utf-8',
		   DestCharset   => 'utf-8',
	# if your frontend is e. g. iso-8859-1 and the character set of your
	# ldap server is utf-8, use these options:
	#        SourceCharset => 'utf-8',
	#        DestCharset => 'iso-8859-1',

	# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
	Params => {
		port => 389,
		scheme => 'ldap',
		timeout => 120,
		async => 0,
		version => 3,
	},
	},
	# customer unique id
	#CustomerKey => 'uid',
	CustomerKey => 'uid',
	# customer #
	#CustomerID => 'uid',
	CustomerID => 'uid',
	#CustomerUserListFields => ['uid', 'mail'],
	CustomerUserListFields => ['trtCodFunc','displayName','uid','mail'],
	#CustomerUserSearchFields => ['uid','cn','mail'], - Para Novell
	CustomerUserSearchFields => ['trtCodFunc','displayName','mail','uid'],
	CustomerUserSearchPrefix => '',
	CustomerUserSearchSuffix => '',
	CustomerUserSearchListLimit => 3000,
	CustomerUserPostMasterSearchFields => ['mail','trtCodFunc'],
	CustomerUserNameFields => ['displayName','cn','uid'],

	# show not own tickets in customer panel, CompanyTickets
	CustomerUserExcludePrimaryCustomerID => 0,
	# add a ldap filter for valid users (expert setting)
	# admin can't change customer preferences
	AdminSetPreferences => 0,
	CacheTTL => 300,
	Map => [
		# note: Login, Email and CustomerID needed!
		# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
		#[ 'UserCodFunc', 'Codigo', 'trtCodFunc',            1, 0, 'var', '', 0 ],
		[ 'UserTitle',      'Codigo Funcionario', 'trtCodFunc',           1, 1, 'var', '', 0 ],
		[ 'UserFirstname',  'Firstname',  'displayName',       1, 1, 'var', '', 0 ],
		[ 'UserLastname',   'Lastname',   '',              1, 1, 'var', '', 0 ],
		[ 'UserLogin',      'Username',   'uid',             1, 1, 'var', 'http://otrs.trt10.jus.br/otrs/index.pl?Action=AdminCustomerUser;Subaction=Change;ID=$Data{"UserLogin"};Search=%2A;Nav=Agent', 0 ],
		[ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
		[ 'UserCustomerID', 'CustomerID', 'tipoAtendimento',            1, 1, 'var', '', 0 ],
		[ 'UserComment',    'Codigo Unico',    'codigoUnico',     1, 0, 'var', '', 0 ],
		[ 'UserLotacao',    'Lotacao',    'trtLotacao',     1, 0, 'var', '', 0 ],
		[ 'UserPhone',    'Telefone',    'telephoneNumber',     1, 0, 'var', '', 0 ],
		[ 'UserStreet',    'Localizacao',    'localizacao',     1, 0, 'var', '', 0 ],
		[ 'UserCity',    'Localidade',    'localidade',     1, 0, 'var', '', 0 ],
		[ 'UserZip',    'Andar',    'andar',     1, 0, 'var', '', 0 ],
		[ 'UserCountry',    'Sala',    'sala',     1, 0, 'var', '', 0 ],
		[ 'UserCI',    'Computador (BDGC)',    'sambaSID',     1, 0, 'var', 'http://otrs.trt10.jus.br/otrs/index.pl?Action=AgentITSMConfigItemSearch;Subaction=Search;ClassID=32;SearchDialog=1;LastLogin=*$Data{"UserLogin"};PreviousVersionSearch=0;ResultForm=3', 0 ],

	],

};
	

	
	
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
    #                                                      #
    #           End of your own config options!!!          #
    #                                                      #
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this)                #
# ---------------------------------------------------- #
use strict;
use warnings;

use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.25 $)[1];

use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');

# -----------------------------------------------------#

1;

The error was in:

Code: Select all

        $Self->{'Customer::AuthModule::DB::CustomerKey1'} = 'login';
        $Self->{'Customer::AuthModule::DB::CustomerPassword1'} = 'pw';

I was putting wrong the values. I put the value of 'login' and 'pw' rather than to put the respective name of the columns on database.

Thanks for help!

Znuny and ((OTRS)) Community Edition

Using more than one customer backend

Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend

Re: Using more than one customer backend