2013-08-30 82 views
0

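How to authenticate OTRS users via LDAP (Active Directory, Windows Server 2003)

I have just finished installing OTRS-3.2.10-02.noarch.rpm, and now I am trying to connect it to Active Directory (LDAP) running on Windows Server 2003 SP2. Below are the contents of my configuration (from /opt/otrs/Kernel/Config.pm):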

    # --
    # Kernel/Config.pm - Config file for OTRS kernel 
    # Copyright (C) 2001-2013 OTRS AG, http://otrs.org/ 
    # -- 
    # This software comes with ABSOLUTELY NO WARRANTY. For details, see 
    # the enclosed file COPYING for license information (AGPL). If you 
    # did not receive this file, see http://www.gnu.org/licenses/agpl.txt. 
    # -- 
    # Note: 
    # 
    # -->> Most OTRS configuration should be done via the OTRS web interface 
    #  and the SysConfig. Only for some configuration, such as database 
    #  credentials and customer data source changes, you should edit this 
    #  file. For changes do customer data sources you can copy the definitions 
    #  from Kernel/Config/Defaults.pm and paste them in this file. 
    #  Config.pm will not be overwritten when updating OTRS. 
    # -- 

    package Kernel::Config; 

    use strict; 
    use warnings; 
    use utf8; 

    sub Load { 
     my $Self = shift; 

     # ---------------------------------------------------- # 
     # database settings         # 
     # ---------------------------------------------------- # 

     # The database host 
     $Self->{'DatabaseHost'} = 'localhost'; 

     # The database name 
     $Self->{'Database'} = 'otrs'; 

     # The database user 
     $Self->{'DatabaseUser'} = 'otrsadmin'; 

     # The password of database user. You also can use bin/otrs.CryptPassword.pl 
     # for crypted passwords 
     $Self->{'DatabasePw'} = '76ynhi0r'; 

     # The database DSN for MySQL ==> more: "perldoc DBD::mysql" 
     $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};"; 

     # The database DSN for PostgreSQL ==> more: "perldoc DBD::Pg" 
     # if you want to use a local socket connection 
    # $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};"; 
     # if you want to use a TCP/IP connection 
    # $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};"; 
     # if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line: 
    # $Self->{DatabasePostgresqlBefore82} = 1; 

     # The database DSN for Microsoft SQL Server - only supported if OTRS is 
     # installed on Windows as well 
    # $Self->{DatabaseDSN} = "DBI:ODBC:driver={SQL Server};Database=$Self->{Database};Server=$Self->{DatabaseHost},1433"; 

     # The database DSN for Oracle ==> more: "perldoc DBD::oracle" 
    # $ENV{ORACLE_HOME} = '/u01/app/oracle/product/10.2.0/client_1'; 
    # $ENV{NLS_DATE_FORMAT} = 'YYYY-MM-DD HH24:MI:SS'; 
    # $ENV{NLS_LANG} = "american_america.utf8"; 

    # $Self->{DatabaseDSN} = "DBI:Oracle:sid=OTRS;host=$Self->{DatabaseHost};port=1522;"; 

     # ---------------------------------------------------- # 
     # fs root directory 
     # ---------------------------------------------------- # 
     $Self->{Home} = '/opt/otrs'; 

     # ---------------------------------------------------- # 
     # insert your own config settings "here"    # 
     # config settings taken from Kernel/Config/Defaults.pm # 
     # ---------------------------------------------------- # 
     # $Self->{SessionUseCookie} = 0; 
     # $Self->{CheckMXRecord} = 0; 

     # ---------------------------------------------------- # 

     # ---------------------------------------------------- # 
     # data inserted by installer       # 
     # ---------------------------------------------------- # 
     $DIBI$ 
    # This is an example configuration for an LDAP auth. backend. 
     # (take care that Net::LDAP is installed!) 

     $Self->{AuthModule1} = 'Kernel::System::Auth::LDAP'; 
     $Self->{'AuthModule::LDAP::Host1'} = '192.168.10.10'; 
     $Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=mydomain,dc=com, dc=pk'; 
     $Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName'; 

     # The following is valid but would only be necessary if the 
     # anonymous user do NOT have permission to read from the LDAP tree 

     $Self->{'AuthModule::LDAP::SearchUserDN1'} = 'CN=otrs search,OU=Users,OU=MACPAK,DC=mydomain,DC=com,DC=pk'; 
     $Self->{'AuthModule::LDAP::SearchUserPw1'} = '76Ynhi0r'; 

     # In case you need to use OTRS in iso-charset, you can define this 
     # by using this option (converts utf-8 data from LDAP to iso). 

    # $Self->{'AuthModule::LDAP::Charset'} = 'iso-8859-1'; 
     # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) 
     $Self->{'AuthModule::LDAP::Params'} = { 
      port => 389, 
      timeout => 120, 
      async => 0, 
      version => 3, 
     }; 

     # --------------------------------------------------- # 
     # authentication sync settings      # 
     # (enable agent data sync. after succsessful   # 
     # authentication)          # 
     # --------------------------------------------------- # 

     # This is an example configuration for an LDAP auth sync. backend. 
     # (take care that Net::LDAP is installed!) 

     $Self->{AuthSyncModule1} = 'Kernel::System::Auth::Sync::LDAP'; 
     $Self->{'AuthSyncModule::LDAP::Host1'} = '192.168.10.10'; 
     $Self->{'AuthSyncModule::LDAP::BaseDN1'} = 'dc=mydomain,dc=com,dc=pk'; 
     $Self->{'AuthSyncModule::LDAP::UID1'} = 'sAMAccountName'; 

     # The following is valid but would only be necessary if the 
     # anonymous user do NOT have permission to read from the LDAP tree 

     $Self->{'AuthSyncModule::LDAP::SearchUserDN1'} = 'CN=otrs search,OU=Users,OU=MACPAK,DC=mydomain,DC=com,DC=pk'; 
     $Self->{'AuthSyncModule::LDAP::SearchUserPw1'} = '76Ynhi0r'; 
     # AuthSyncModule::LDAP::UserSyncMap 

     # (map if agent should create/synced from LDAP to DB after successful login) 

     $Self->{'AuthSyncModule::LDAP::UserSyncMap1'} = { 
      # DB -> LDAP 
      UserFirstname => 'givenName', 
      UserLastname => 'sn', 
      UserEmail  => 'mail', 
     }; 

     # In case you need to use OTRS in iso-charset, you can define this 
     # by using this option (converts utf-8 data from LDAP to iso). 

    # $Self->{'AuthSyncModule::LDAP::Charset'} = 'iso-8859-1'; 
     # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) 
    # $Self->{'AuthSyncModule::LDAP::Params'} = { 

    #  port => 389, 
    #  timeout => 120, 
    #  async => 0, 
    #  version => 3, 
    # }; 

    #Enable LDAP authentication for Customers/Users 

     $Self->{'Customer::AuthModule2'} = 'Kernel::System::CustomerAuth::LDAP'; 
     $Self->{'Customer::AuthModule::LDAP::Host2'} = '192.168.10.10'; 
     $Self->{'Customer::AuthModule::LDAP::BaseDN2'} = 'dc=mydomain,dc=com,dc=pk'; 
     $Self->{'Customer::AuthModule::LDAP::UID2'} = 'sAMAccountName'; 

    #The following is valid but would only be necessary if the 
    #anonymous user do NOT have permission to read from the LDAP tree 

     $Self->{'Customer::AuthModule::LDAP::SearchUserDN2'} = 'CN=otrs search,OU=Users,OU=MACPAK,DC=mydomain,DC=com,DC=pk'; 
     $Self->{'Customer::AuthModule::LDAP::SearchUserPw2'} = '76Ynhi0r'; 

    #CustomerUser 
    #(customer user database backend and settings) 

     $Self->{CustomerUser} = { 
      Module => 'Kernel::System::CustomerUser::LDAP', 
      Params => { 
      Host => '192.168.10.10', 
      BaseDN => 'dc=mydomain,dc=com,dc=pk, 
      SSCOPE => 'sub', 
      UserDN =>'CN=otrs search,OU=Users,OU=MACPAK,DC=mydomain,DC=com,DC=pk', 
      UserPw => '76Ynhi0r', 
     }, 

    # customer unique id 

     CustomerKey => 'sAMAccountName', 
     # customer # 
     CustomerID => 'mail', 
     CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], 
     CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], 
     CustomerUserSearchPrefix => '', 
     CustomerUserSearchSuffix => '*', 
     CustomerUserSearchListLimit => 250, 
     CustomerUserPostMasterSearchFields => ['mail'], 
     CustomerUserNameFields => ['givenname', 'sn'], 

     Map => [ 
      # note: Login, Email and CustomerID needed! 
      # var, frontend, storage, shown, required, storage-type 
      #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], 
      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], 
      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], 
      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], 
      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], 
      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], 
      [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], 
      #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], 
      #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], 
     ], 
     }; 

    #Add the following lines when only users are allowed to login if they reside in the spicified security group 
    #Remove these lines if you want to provide login to all users specified in the User Base DN 
    #example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU, dc=example, dc=com'; 

     $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=otrs search,OU=Users,OU=MACPAK,DC=mydomain,DC=com,DC=pk'; 
     $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid'; 
     $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID' 

     # Die if backend can't work, e. g. can't connect to server. 
    # $Self->{'AuthSyncModule::LDAP::Die'} = 1; 
     # Die if backend can't work, e. g. can't connect to server. 

    # $Self->{'AuthModule::LDAP::Die'} = 1; 

     # ---------------------------------------------------- # 
     # ---------------------------------------------------- # 
     #              # 
     # end of your own config options!!!     # 
     #              # 
     # ---------------------------------------------------- # 
     # ---------------------------------------------------- # 
    } 

    # ---------------------------------------------------- # 
    # needed system stuff (don't edit this)    # 
    # ---------------------------------------------------- # 
    use strict; 
    use warnings; 

    use vars qw(@ISA); 

    use Kernel::Config::Defaults; 
    push (@ISA, 'Kernel::Config::Defaults'); 

    # -----------------------------------------------------#; 

    1; 

After this, I am no longer able to connect to my OTRS at http://192.168.10.15/otrs/index.pl, and when I use

    cat /var/log/httpd/error_log | tail

the output is:

[[email protected] ~]# cat /var/log/httpd/error_log | tail 
[Fri Aug 30 21:55:36 2013] Config.pm: (Missing operator before $;?) 
[Fri Aug 30 21:55:36 2013] Config.pm: Scalar found where operator expected at /opt/otrs//Kernel/Config.pm line 89, near "$; 
[Fri Aug 30 21:55:36 2013] Config.pm: 
[Fri Aug 30 21:55:36 2013] Config.pm: # This is an example configuration for an LDAP auth. backend. 
[Fri Aug 30 21:55:36 2013] Config.pm: # (take care that Net::LDAP is installed!) 
[Fri Aug 30 21:55:36 2013] Config.pm: 
[Fri Aug 30 21:55:36 2013] Config.pm:  $Self" 
[Fri Aug 30 21:55:36 2013] Config.pm: (Missing operator before $Self?) 
[Fri Aug 30 21:55:36 2013] [error] Illegal declaration of subroutine Kernel::Config:: at /opt/otrs//Kernel/Config.pm line 176.\nCompilation failed in require at /opt/otrs/scripts/apache2-perl-startup.pl line 68.\nBEGIN failed--compilation aborted at /opt/otrs/scripts/apache2-perl-startup.pl line 68.\nCompilation failed in require at (eval 2) line 1.\n 
[Fri Aug 30 21:55:36 2013] [error] Can't load Perl file: /opt/otrs/scripts/apache2-perl-startup.pl for server macpk-manage.macrosoftinc.com.pk:80, exiting... 

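I also tried restarting the httpd service, but it fails, and even when I restart CentOS 6.4 it shows that httpd cannot run. Any help will be highly appreciated, and thanks in advance.

Answers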

0

There is a missing quote after the BaseDN, look at this:

-   BaseDN => 'dc=mydomain,dc=com,dc=pk, 
+   BaseDN => 'dc=mydomain,dc=com,dc=pk', 
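
Review bot: closing the quote on the BaseDN line is not sufficient on its own, because the `$DIBI$` placeholder at Config.pm line 89 is left untouched and the error log quoted in the question reports its first problem there ("Scalar found where operator expected ... line 89"). Remove or comment out that line in the same change, then re-run the syntax check before restarting httpd.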

https://gist.github.com/mbeijen/72a15954b601eaaae797/revisions

If you want to make sure you have balanced your quotes and such correctly, you can run perl -cw Kernel/Config.pm on the command line.

+0

Thanks MichielB, I ran the command you provided, and here is the output ;(

0

You need to comment out the following line:

$DIBI$ 

Also add this:

$Self->{'DefaultCharset'} = 'utf-8'; 
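
Both defects named in the answers above (the unclosed quote on the BaseDN line and the leftover `$DIBI$` token) can be pinpointed by line number before Apache is restarted, which Perl's own error messages in the question did not do for the quote. This is an added example, not part of the original thread or of OTRS; `lint_config`, `check_config` and `write_sample` are hypothetical names, and the sample file is constructed from the lines in the question.

```shell
# Added example, not from the thread. Heuristic only; `perl -cw` has the final say.

# lint_config FILE: print "LINE: reason" per finding, return 1 if any.
lint_config() {
    awk -v q="'" '
        BEGIN { bad = 0 }
        /^[[:space:]]*#/ { next }            # ignore full-line comments
        {
            line = $0
            if (line ~ /\$[A-Z_]+\$/) {      # installer token such as $DIBI$
                print NR ": unreplaced installer placeholder"; bad = 1
            }
            if (gsub(q, "", line) % 2) {     # odd count: a string never closed
                print NR ": unbalanced single quote"; bad = 1
            }
        }
        END { exit bad }
    ' "$1"
}

# check_config FILE: lint first, then let Perl compile-check it if available.
check_config() {
    lint_config "$1" || return 1
    if command -v perl >/dev/null 2>&1; then
        perl -cw "$1" >/dev/null 2>&1 || return 1
    fi
}

# Constructed sample reproducing the two broken lines from the question.
write_sample() {
    cat > "$1" <<'EOF'
my $Self = {};
$DIBI$
# anonymous user can't read the tree
$Self->{CustomerUser} = {
    Params => {
        Host   => '192.168.10.10',
        BaseDN => 'dc=mydomain,dc=com,dc=pk,
        SSCOPE => 'sub',
    },
};
1;
EOF
}

sample=$(mktemp) && write_sample "$sample"
lint_config "$sample" || echo "fix the lines above before restarting httpd"
rm -f "$sample"
```

The quote check counts per line, so it will also flag a legitimate line that has an apostrophe inside a double-quoted string; treat a hit as a pointer for review and let `perl -cw` decide.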
0

I think you need to check these two lines with domin.local

UserDN =>'CN=otrs search,OU=Users,OU=MACPAK,DC=mydomain,DC=com,DC=pk', 
UserPw => '76Ynhi0r', 