May 13 23:15:28 otrs OTRS-CGI-10[10929]: [Error][Kernel::System::CustomerAuth::LDAP::Auth][Line:284]: Search failed! base='cn=otrsallow,ou=Groups,dc=exemple,dc=ro', filter='(member=CN=Silviu Silaghi,OU=IT,DC=example,DC=ro)', Success

$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'dc.exemple.ro';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=exemple,dc=ro';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)

$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrsallow,ou=Groups,dc=exemple,dc=ro';
$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';

# for ldap posixGroups objectclass (just uid)

$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';

# for non ldap posixGroups objectclass (full user dn)
# $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';
# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree

$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'otrs';

# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => .(mail=*). or AlwaysFilter => .(objectclass=user).

$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';

# in case you want to add a suffix to each customer login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)

$Self->{'Customer::AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};