freebsd 9, OTRS 3
настроена авторизация клиентов
Код: Выделить всё
# Authenticate customer users against an LDAP backend #
$Self->{CustomerUser} = {
Name => 'Active Directory',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '192.168.0.8',
BaseDN => 'dc=LOCAL,dc=PHYSTECH',
SSCOPE => 'sub',
UserDN => 'CN=otrsadmin,OU=ITO,OU=Office,dc=LOCAL,dc=PHYSTECH',
UserPw => '****',
AlwaysFilter => '(&(objectcategory=person)(objectclass=user)(mail=*)(!(description=built-In))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
SourceCharset => 'utf-8',
DestCharset => 'utf-8',
},
ReadOnly => 1,
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['givenname', 'sn', 'mail'],
CustomerUserSearchFields => ['displayName','sAMAccountName','givenName', 'sn', 'mail','description'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserPostMasterSearchFields => ['displayName','sAMAccountName','givenName','sn','mail','description'],
CustomerUserNameFields => ['givenname', 'sn'],
CustomerUserExcludePrimaryCustomerID => 0,
CacheTTL => 120,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenName', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephoneNumber', 1, 0, 'var' ],
[ 'UserAddress', 'Address', 'postalAddress', 1, 0, 'var' ],
[ 'UserStreet', 'Street', 'streetAddress', 1, 0, 'var' ],
[ 'UserCity', 'City', 'l', 1, 0, 'var' ],
[ 'UserZip', 'ZIP', 'postalCode', 1, 0, 'var' ],
[ 'UserCountry', 'Country', 'co', 1, 0, 'var' ],
[ 'UserComment', 'Comment', 'wWWHomePage', 1, 0, 'var' ],
],
};
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '192.168.0.8';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=LOCAL,DC=PHYSTECH';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrsadmin,OU=ITO,OU=Office,DC=LOCAL,DC=PHYSTECH';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '***';
в конфиге указан поиск пользователей по всему домену, в домене пользователи раскинуты по разным OU. может ли это являться причиной? OTRS видит 2-х пользователей из разных OU.