ejm de la distribucion del directorio:
- (unidad)OU=Peru
--- (subunidad)OU=Lima
--- (subunidad)OU=Callao
--- (subunidad)OU=Arequipa
- (unidad)OU=Chile
--- (subunidad)OU=Santiago
- (directorio)CD=Users
este es un modelo del archivo de configuracion que estoy usando:
Code: Select all
# ---------------------------------------------------- #
# LDAP configuracion para usuarios #
# ---------------------------------------------------- #
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'serv-soporte.dominio.local';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'OU=Peru,DC=dominio,DC=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#The following is valid but would only be necessary if the
#anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'ldap_otrs';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '123456789';
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'serv-soporte.dominio.local',
BaseDN => 'OU=Peru,DC=dominio,DC=local',
SSCOPE => 'sub',
UserDN =>'ldap_otrs',
UserPw => '123456789',
},
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 750, #mas busquedas
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserComment', 'Description', 'description', 1, 0, 'var' ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
[ 'UserMobile', 'Mobile', 'mobile', 1, 0, 'var', '', 0 ], #ingresado
[ 'UserFax', 'Localizador', 'pager', 1, 0, 'var', '', 0 ], #ingresado
[ 'Anexo', 'Anexo', 'ipPhone', 1, 0, 'var', '', 0 ], #ingresado
[ 'Department', 'Area', 'department', 1, 0, 'var', '', 0 ], #ingresado
[ 'UserRoom', 'Dirección', 'physicalDeliveryOfficeName', 1, 0, 'var', '', 0 ],
],
};
Code: Select all
[Mon Jan 31 13:04:16 2011][Error][Kernel::System::CustomerUser::LDAP::new][151] First bind failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece-NULL
[Mon Jan 31 13:04:16 2011][Error][Kernel::System::CustomerUser::LDAP::new][151] First bind failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece-NULL
[Mon Jan 31 13:04:16 2011][Error][Kernel::System::CustomerUser::LDAP::new][151] First bind failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece-NULL
[Mon Jan 31 13:04:16 2011][Error][Kernel::System::CustomerAuth::LDAP::Auth][193] First bind failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece-NULL