Has anyone connected more than 5 domains in OTRS?
I already set up the following connection in OTRS. It does connect and gives me the users' data, but it does not let me create tickets.
CustomerUser
# (customer user ldap backend and settings)
# $Self->{CustomerUser} = {
# Name => 'LDAP Backend',
# Module => 'Kernel::System::CustomerUser::LDAP',
# Params => {
# # ldap host
# Host => 'bay.csuhayward.edu',
# # ldap base dn
# BaseDN => 'ou=seas,o=csuh',
# # search scope (one|sub)
# SSCOPE => 'sub',
# # The following is valid but would only be necessary if the
# # anonymous user does NOT have permission to read from the LDAP tree
# UserDN => '',
# UserPw => '',
# # in case you want to add always one filter to each ldap query, use
# # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
# AlwaysFilter => '',
# # if the charset of your ldap server is iso-8859-1, use this:
# # SourceCharset => 'iso-8859-1',
# # die if backend can't work, e. g. can't connect to server
# Die => 0,
# # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
# Params => {
# port => 389,
# timeout => 120,
# async => 0,
# version => 3,
# },
# },
# # customer unique id
# CustomerKey => 'uid',
# # customer #
# CustomerID => 'mail',
# CustomerUserListFields => ['cn', 'mail'],
# CustomerUserSearchFields => ['uid', 'cn', 'mail'],
# CustomerUserSearchPrefix => '',
# CustomerUserSearchSuffix => '*',
# CustomerUserSearchListLimit => 250,
# CustomerUserPostMasterSearchFields => ['mail'],
# CustomerUserNameFields => ['givenname', 'sn'],
# # show now own tickets in customer panel, CompanyTickets
# CustomerUserExcludePrimaryCustomerID => 0,
# # add a ldap filter for valid users (expert setting)
# # CustomerUserValidFilter => '(!(description=gesperrt))',
# # admin can't change customer preferences
# AdminSetPreferences => 0,
# # cache time to live in sec. - cache any ldap queries
# CacheTTL => 0,
# Map => [
# # note: Login, Email and CustomerID needed!
# # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
# [ 'UserTitle', 'Title', 'title', 1, 0, 'var', '', 0 ],
# [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
# [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
# [ 'UserLogin', 'Username', 'uid', 1, 1, 'var', '', 0 ],
# [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
# [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
# # [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
# [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
# [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
# [ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
# ],
# };
Can you help me connect two or more domains, and guide me as to why it does not let me create tickets?
LDAP Connection
- Znuny newbie
- Posts: 39
- Joined: 06 Apr 2016, 17:18
- Znuny Version: 6.0.4
- Real Name: Jazmin Medina
- Company: Private
Re: LDAP Connection
I made a change to the code and it now looks like this:
# Bind credentials to log into AD
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'usr_ldap-r@bepensa.local';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'No te la dig0';
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
$Self->{'AuthModule::LDAP::AlwaysFilter'} = '(objectclass=user)';
# in case you want to add a suffix to each login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
#$Self->{'AuthModule::LDAP::UserSuffix'} = '';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
    sscope => 'sub'
};
# Now sync data with OTRS DB
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = '10.20.129.206';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=bepensa, dc=local';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'usr_ldap-r@bepensa.local';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'No te la dig0';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    # DB -> LDAP
    UserFirstname => 'givenName',
    UserLastname => 'sn',
    UserEmail => 'mail',
};
# AuthSyncModule::LDAP::UserSyncInitialGroups
# (sync following group with rw permission after initial create of first agent
# login)
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
    'customer_user',
];
#Enable LDAP authentication for Customers / Users
# Perl variable names and OTRS config keys are case-sensitive: $Self, not $SELF
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '10.20.129.206';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=bepensa,DC=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'usr_ldap-r@bepensa.local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'No te la dig0';
# CustomerUser
# (customer user database backend and settings)
$Self->{CustomerUser} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        Host => '10.20.129.206',
        BaseDN => 'DC=bepensa,DC=local',
        SSCOPE => 'sub',
        UserDN => 'usr_ldap-r@bepensa.local',
        UserPw => 'No te la dig0',
    },
    # customer unique id
    CustomerKey => 'sAMAccountName',
    # customer #
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown, required, storage-type
        #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
        [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
        [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
        [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
        [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
        #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
        #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
    ],
};
My question is whether the code has to be repeated as many times as there are new LDAPs to connect.
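Added example, not part of the original posts and not OTRS's own code: OTRS reads additional customer backends from the same keys with a numeric suffix (`CustomerUser1`, `Customer::AuthModule1`, `Customer::AuthModule::LDAP::Host1`, ...), and since `Kernel/Config.pm` is Perl, the per-domain block can be generated in a loop instead of being copied. The helper name `AddCustomerLdapBackends`, the hosts, bind accounts, passwords and CA path are assumptions/placeholders; the Net::LDAP options switch the bind from plain port 389 to LDAPS.

```perl
use strict;
use warnings;

# Hypothetical helper (not OTRS code): registers one customer LDAP backend per domain.
sub AddCustomerLdapBackends {
    my ( $Self, @Domains ) = @_;
    # Net::LDAP->new options: LDAPS with certificate verification, so bind
    # passwords do not cross the network in clear text as they do on port 389.
    my %Net = ( scheme => 'ldaps', port => 636, verify => 'require',
        cafile => '/path/to/ca-bundle.pem', timeout => 120, async => 0, version => 3 );
    my $Count = '';    # first backend has no suffix, the next ones get 1, 2, ...
    for my $D (@Domains) {
        my %Ldap = ( Host => $D->{Host}, BaseDN => $D->{BaseDN}, UID => 'sAMAccountName',
            SearchUserDN => $D->{BindDN}, SearchUserPw => $D->{BindPw}, Params => { %Net } );
        $Self->{ 'Customer::AuthModule' . $Count } = 'Kernel::System::CustomerAuth::LDAP';
        $Self->{ "Customer::AuthModule::LDAP::$_" . $Count } = $Ldap{$_} for keys %Ldap;
        $Self->{ 'CustomerUser' . $Count } = {
            Name   => $D->{Name},
            Module => 'Kernel::System::CustomerUser::LDAP',
            Params => { Host => $D->{Host}, BaseDN => $D->{BaseDN}, SSCOPE => 'sub',
                UserDN => $D->{BindDN}, UserPw => $D->{BindPw}, Params => { %Net } },
            CustomerKey                        => 'sAMAccountName',
            CustomerID                         => 'mail',
            CustomerUserListFields             => [ 'sAMAccountName', 'cn', 'mail' ],
            CustomerUserSearchFields           => [ 'sAMAccountName', 'cn', 'mail' ],
            CustomerUserSearchSuffix           => '*',
            CustomerUserPostMasterSearchFields => ['mail'],
            CustomerUserNameFields             => [ 'givenname', 'sn' ],
            Map => [    # var, frontend, storage, shown, required, storage-type
                [ 'UserFirstname',  'Firstname',  'givenname',      1, 1, 'var' ],
                [ 'UserLastname',   'Lastname',   'sn',             1, 1, 'var' ],
                [ 'UserLogin',      'Login',      'sAMAccountName', 1, 1, 'var' ],
                [ 'UserEmail',      'Email',      'mail',           1, 1, 'var' ],
                [ 'UserCustomerID', 'CustomerID', 'mail',           0, 1, 'var' ],
            ],
        };
        $Count = $Count eq '' ? 1 : $Count + 1;
    }
    return $Self;
}

# Constructed sample domains; in Kernel/Config.pm pass $Self from Load() instead of {}.
my $Config = AddCustomerLdapBackends( {},
    { Name => 'Domain A', Host => 'dc.a.example', BaseDN => 'DC=a,DC=example',
      BindDN => 'svc_otrs@a.example', BindPw => 'placeholder-a' },
    { Name => 'Domain B', Host => 'dc.b.example', BaseDN => 'DC=b,DC=example',
      BindDN => 'svc_otrs@b.example', BindPw => 'placeholder-b' },
);
print join( "\n", sort grep { !/::LDAP::/ } keys %$Config ), "\n";
```

Give each domain its own read-only bind account, and keep `Kernel/Config.pm` readable only by the OTRS and web server users, since it holds those passwords.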
- Znuny newbie
- Posts: 10
- Joined: 06 Sep 2016, 15:57
- Znuny Version: 5.0.23
- Real Name: Carlos Pernia
Re: LDAP Connection
Hello!
I am trying to configure a single domain. Which file does this configuration go in? I was doing it in config.pm
Thank you very much
- Znuny newbie
- Posts: 39
- Joined: 06 Apr 2016, 17:18
- Znuny Version: 6.0.4
- Real Name: Jazmin Medina
- Company: Private
Re: LDAP Connection
Yes, that is correct, I add it in Config.pm