Hi all,
I want to authenticate customers from the LDAP (Active Directory 2003), but I still get this error:
Code:
May 13 23:15:28 otrs OTRS-CGI-10[10929]: [Error][Kernel::System::CustomerAuth::LDAP::Auth][Line:284]: Search failed! base='cn=otrsallow,ou=Groups,dc=exemple,dc=ro', filter='(member=CN=Silviu Silaghi,OU=IT,DC=example,DC=ro)', Success
this is my Kernel/Config.pl:
Code:
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'dc.exemple.ro';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=exemple,dc=ro';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrsallow,ou=Groups,dc=exemple,dc=ro';
$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
# for ldap posixGroups objectclass (just uid)
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';
# for non ldap posixGroups objectclass (full user dn)
# $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'otrs';
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => .(mail=*). or AlwaysFilter => .(objectclass=user).
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';
# in case you want to add a suffix to each customer login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};
I have created the user otrs in AD with password otrs and the group otrsallow
I have ran out of ideas
Thanks in advanced