estimados,
configure LDAP (Active directory) para los agentes y funciona correctamente, me gustaria poder hacer lo mismo pero para los clientes.
favor ayudar
configurar LDAP para clientes
-
- Znuny newbie
- Posts: 2
- Joined: 06 Aug 2010, 15:09
- Znuny Version: 2.4.7
Re: configurar LDAP para clientes
Espero que esto te sirva:
# ---------------------------------------------------- #
# LDAP configuracion para usuarios #
# ---------------------------------------------------- #
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'xxx.xxx.xxx.xxx';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=xxxxxxx,dc=xxxxxxxxx,dc=xxxxxxx';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#The following is valid but would only be necessary if the
#anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = xxxxxxxxxxxx\\xxxxxxxxxx';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = xxxxxxxxxxx';
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'xxx.xxx.xxx.xxx',
BaseDN => 'ou=xxxxxxxxx,dc=xxxxxxxxxx,dc=xxxxxxxx',
SSCOPE => 'sub',
UserDN => 'xxxxxxxxxxxx\\xxxxxxxxxx',
UserPw => 'xxxxxxxxxxxxx',
},
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
#Add the following lines when only users are allowed to login if they reside in the spicified security group
#Remove these lines if you want to provide login to all users specified in the User Base DN
#example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU, dc=example, dc=com';
##$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=otrs_ldap_allow_C,OU=Groups,OU=BaseOU,DC=example,DC=com';
##$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
##$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'
# ---------------------------------------------------- #
# LDAP configuracion para usuarios #
# ---------------------------------------------------- #
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'xxx.xxx.xxx.xxx';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=xxxxxxx,dc=xxxxxxxxx,dc=xxxxxxx';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#The following is valid but would only be necessary if the
#anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = xxxxxxxxxxxx\\xxxxxxxxxx';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = xxxxxxxxxxx';
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'xxx.xxx.xxx.xxx',
BaseDN => 'ou=xxxxxxxxx,dc=xxxxxxxxxx,dc=xxxxxxxx',
SSCOPE => 'sub',
UserDN => 'xxxxxxxxxxxx\\xxxxxxxxxx',
UserPw => 'xxxxxxxxxxxxx',
},
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
#Add the following lines when only users are allowed to login if they reside in the spicified security group
#Remove these lines if you want to provide login to all users specified in the User Base DN
#example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU, dc=example, dc=com';
##$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=otrs_ldap_allow_C,OU=Groups,OU=BaseOU,DC=example,DC=com';
##$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
##$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'
Re: configurar LDAP para clientes
Evaluation/pilot: OTRS 2.4.7 on Linux (CentOS 5.4) with MySQL database connected to an Active Directory for Agents and Customers.
Re: configurar LDAP para clientes
Tengo problemas con la integración LDAP del Active Directory para la versión 3.0 sobre Windows.
He cambiado los parámetros desde la interfaz web, pero los Clientes siguen apuntando a la Base de Datos y no al LDAP.
Por que puede ser que no me tome los cambios?
Gracias,
Diego
He cambiado los parámetros desde la interfaz web, pero los Clientes siguen apuntando a la Base de Datos y no al LDAP.
Por que puede ser que no me tome los cambios?
Gracias,
Diego