Нужна авторизация клиентов через AD. DC работают под Windows 2008r2. OTRS работает на windows 2003 в домене.
На данный момент конфиг выглядит так:
Код: Выделить всё
package Kernel::Config;
use utf8;
sub Load {
my $Self = shift;
$Self->{'DatabaseHost'} = 'localhost';
$Self->{'Database'} = 'otrs';
$Self->{'DatabaseUser'} = 'otrs';
$Self->{'DatabasePw'} = 'hot';
$Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
$Self->{Home} = 'C:/PROGRA~1/OTRS/OTRS';
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'serverpdc.telecom.local';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=telecom,dc=local';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=otrs,OU=Users,DC=telecom,DC=local';
$Self->{'AuthModule::LDAP::SearchUserPw'} = '123';
$Self->{CustomerUser} = {
Name => 'Active Directory',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'serverpdc.telecom.local',
BaseDN => 'dc=telecom,dc=local',
SSCOPE => 'sub',
UserDN => 'CN=otrs,OU=Users,DC=telecom,DC=local',
UserPw => '123',
AlwaysFilter => '',
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
}
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['sn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName','sn', 'mail'],
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CustomerUserExcludePrimaryCustomerID => 0,
AdminSetPreferences => 0,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenName', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
],
};
$Self->{LogModule} = 'Kernel::System::Log::File';
$Self->{LogModule::LogFile} = 'C:/PROGRA~1/OTRS/OTRS/var/log/otrs.log';
}
use strict;
use warnings;
use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.25 $)[1];
use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');
1;
Код: Выделить всё
[Wed Feb 29 16:39:18 2012][Error][Kernel::System::CustomerUser::LDAP::_Connect][197] First bind failed! 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
что можно сделать с этим?