Skip to content

OTRS (3.3) with LDAP Zimbra (8.5) – Customer Authentication

November 21, 2014

Below is the code, it works for me

# — Customer —
$Self->{‘Customer::AuthModule’} =’Kernel::System::CustomerAuth::LDAP’;
$Self->{‘Customer::AuthModule::LDAP::Host’} = ‘mail.domain.co.ix’;
$Self->{‘Customer::AuthModule::LDAP::BaseDN’} =’dc=domain,dc=co,dc=ix’;
$Self->{‘Customer::AuthModule::LDAP::UID’} = ‘uid’;
$Self->{‘Customer::AuthModule::LDAP::SearchUserDN’} =’uid=zimbra,cn=admins,cn=zimbra’;
$Self->{‘Customer::AuthModule::LDAP::SearchUserPw’} =’YOUR_PASSWORD’;

$Self->{CustomerUser} = {
Module => ‘Kernel::System::CustomerUser::LDAP’,
Params => {
# ldap host
Host => ‘mail.domain.co.ix’,
# ldap base dn
BaseDN => ‘ou=people,dc=domain,dc=co,dc=ix’,
# search scope (one|sub)
SSCOPE => ‘sub’,
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
UserDN => ‘uid=zimbra,cn=admins,cn=zimbra’,
UserPw => ‘YOUR_PASSWORD’,
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => ‘(mail=*)’ or AlwaysFilter => ‘(objectclass=user)’
#AlwaysFilter => ”,
# if your frontend is e. g. iso-8859-1 and the charset of your
# ldap server is utf-8, use these options.
# SourceCharset => ‘utf-8’,
# DestCharset => ‘iso-8859-1’,
# if both your frontend and your LDAP are unicode, use this:
# SourceCharset => ‘utf-8’,
# DestCharset   => ‘utf-8’,
# Net::LDAP new params (if needed – for more info see perldoc Net::LDAP)
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},

# customer unique id
CustomerKey => ‘uid’,
# customer #
CustomerID => ‘mail’,
CustomerUserListFields => [‘cn’, ‘mail’],
CustomerUserSearchFields => [‘uid’, ‘cn’, ‘mail’],
CustomerUserSearchPrefix => ”,
CustomerUserSearchSuffix => ‘*’,
CustomerUserSearchListLimit => 400,
CustomerUserPostMasterSearchFields => [‘mail’],
CustomerUserNameFields => [‘givenname’, ‘sn’],
# show not own tickets in customer panel, CompanyTickets
CustomerUserExcludePrimaryCustomerID => 0,
# add an ldap filter for valid users (expert setting)
# CustomerUserValidFilter => ‘(!(description=locked))’,
# administrator can’t change customer preferences
AdminSetPreferences => 0,
#    # cache time to live in sec. – cache any database queries
#    CacheTTL => 0,
Map => [
# note: Login, Email and CustomerID are mandatory!
# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
[ ‘UserSalutation’, ‘Title’,      ‘title’,           1, 0, ‘var’, ”, 0 ],
[ ‘UserFirstname’,  ‘Firstname’,  ‘givenname’,       1, 1, ‘var’, ”, 0 ],
[ ‘UserLastname’,   ‘Lastname’,   ‘sn’,              1, 1, ‘var’, ”, 0 ],
[ ‘UserLogin’,      ‘Username’,   ‘uid’,             1, 1, ‘var’, ”, 0 ],
[ ‘UserEmail’,      ‘Email’,      ‘mail’,            1, 1, ‘var’, ”, 0 ],
[ ‘UserCustomerID’, ‘CustomerID’, ‘mail’,            0, 1, ‘var’, ”, 0 ],
#        [ ‘UserCustomerIDs’, ‘CustomerIDs’, ‘second_customer_ids’, 1, 0, ‘var’, ”, 0 ],
[ ‘UserPhone’,      ‘Phone’,      ‘telephonenumber’, 1, 0, ‘var’, ”, 0 ],
[ ‘UserAddress’,    ‘Address’,    ‘postaladdress’,   1, 0, ‘var’, ”, 0 ],
[ ‘UserComment’,    ‘Comment’,    ‘description’,     1, 0, ‘var’, ”, 0 ],
],
};

my environment: :

OS Centos 6.5

OTRS 3.3

Zimbra 8.5

a bit modification from here

From → Linux

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: