斗鱼卡卡全名:OTRS Windows Active Directory 帐号同步实践参考一例

来源：百度文库编辑：中财网时间：2024/05/06 04:58:51

以下为厦门吉之特网络技术有限公司的OTRS 配置文件参考，密码已和谐，重点部分已用蓝色字体标识出来

[root@otrs3 Kernel]# cat Config.pm# --# Kernel/Config.pm - Config file for OTRS kernel# Copyright (C) 2001-2010 OTRS AG, http://otrs.org/# --# $Id: Config.pm.dist,v 1.23 2010/01/13 22:25:00 martin Exp $# --# This software comes with ABSOLUTELY NO WARRANTY. For details, see# the enclosed file COPYING for license information (AGPL). If you# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.# --# Note:## -->> OTRS does have a lot of config settings. For more settings# (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,# LDAP, PostMaster, Session, Preferences, ...) see# Kernel/Config/Defaults.pm and copy your wanted lines into "this"# config file. This file will not be changed on update!## --
package Kernel::Config;
sub Load { my $Self = shift; # ---------------------------------------------------- # # ---------------------------------------------------- # # # # Start of your own config options!!! # # # # ---------------------------------------------------- # # ---------------------------------------------------- #
# ---------------------------------------------------- # # database settings # # ---------------------------------------------------- # # DatabaseHost # (The database host.) $Self->{'DatabaseHost'} = 'localhost'; # Database # (The database name.) $Self->{'Database'} = 'otrs'; # DatabaseUser # (The database user.) $Self->{'DatabaseUser'} = 'otrs'; # DatabasePw # (The password of database user. You also can use bin/otrs.CryptPassword.pl # for crypted passwords.) $Self->{'DatabasePw'} = '密码已和谐'; # DatabaseDSN # (The database DSN for MySQL ==> more: "man DBD::mysql") $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
# (The database DSN for PostgreSQL ==> more: "man DBD::Pg") # if you want to use a local socket connection# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};"; # if you want to use a tcpip connection# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# ---------------------------------------------------- # # fs root directory # ---------------------------------------------------- # $Self->{Home} = '/opt/otrs';
# ---------------------------------------------------- # # insert your own config settings "here" # # config settings taken from Kernel/Config/Defaults.pm # # ---------------------------------------------------- # # $Self->{SessionUseCookie} = 0; # $Self->{CheckMXRecord} = 0;
# ---------------------------------------------------- #
# ---------------------------------------------------- # # data inserted by installer # # ---------------------------------------------------- # # $DIBI$ $Self->{'DefaultCharset'} = 'utf-8';
#Enable LDAP authentication for Customers / Users 这里配置客户的AD帐号集成 $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = '10.2.50.100'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'cn=users,dc=woobest,dc=com'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#The following is valid but would only be necessary if the 这里配置获取AD目录与用户数据的查询帐号#anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrsldap'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '密码已和谐';
#CustomerUser#(customer user database backend and settings)
$Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '10.2.50.100', BaseDN => 'cn=users,dc=woobest,dc=com', SSCOPE => 'sub', UserDN =>'otrsldap', UserPw => '密码已和谐', SourceCharset => 'utf-8', DestCharset => 'utf-8',},# customer unique id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'],
Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], };
# An configuration for an LDAP auth. backend. 这里配置支持人员的AD帐号验证# (Make sure Net::LDAP is installed!)$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';$Self->{'AuthModule::LDAP::Host'} = '10.2.50.100';$Self->{'AuthModule::LDAP::BaseDN'} = 'cn=users,dc=woobest,dc=com';$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
# The following is valid but would only be necessary if the# anonymous user do NOT have permission to read from the LDAP tree$Self->{'AuthModule::LDAP::SearchUserDN'} = 'otrsldap';$Self->{'AuthModule::LDAP::SearchUserPw'} = '密码已和谐';
# UserSyncLDAPMap# (map if agent should create/synced from LDAP to DB after login) $Self->{UserSyncLDAPMap} = { # DB -> LDAP UserFirstname => 'givenName', UserLastname => 'sn', UserEmail => 'mail', };# UserTable $Self->{DatabaseUserTable} = 'users'; $Self->{DatabaseUserTableUserID} = 'id'; $Self->{DatabaseUserTableUserPW} = 'pw'; $Self->{DatabaseUserTableUser} = 'login';
#Add the following lines when only users are allowed to login if they reside in the spicified security group#Remove these lines if you want to provide login to all users specified in the User Base DN $Self->{'AuthModule::LDAP::GroupDN'} = 'cn=ITS,cn=users,dc=woobest,dc=com'; $Self->{'AuthModule::LDAP::AccessAttr'} = 'member'; $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)$Self->{'AuthModule::LDAP::Params'} = { port => 389, timeout => 120, async => 0, version => 3,};
# agent data sync against ldap$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';$Self->{'AuthSyncModule::LDAP::Host'} = '10.2.50.100';$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'cn=ITS,cn=users,dc=woobest,dc=com';$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=otrsldap,cn=users,dc=woobest,dc=com';$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = '密码已和谐';$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {# DB -> LDAP UserFirstname => 'givenName', UserLastname => 'sn', UserEmail => 'mail',};
# AuthSyncModule::LDAP::UserSyncInitialGroups# (sync following group with rw permission after initial create of first agent# login)$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = ['users',]; # ---------------------------------------------------- # # ---------------------------------------------------- # # # # End of your own config options!!! # # # # ---------------------------------------------------- # # ---------------------------------------------------- #}
# ---------------------------------------------------- ## needed system stuff (don't edit this) ## ---------------------------------------------------- #use strict;use warnings;
use vars qw(@ISA $VERSION);$VERSION = qw($Revision: 1.23 $)[1];
use Kernel::Config::Defaults;push (@ISA, 'Kernel::Config::Defaults');
# -----------------------------------------------------#
1;

Configuring OTRS to make Agents authenticate via LDAP (MS Windows Active Directory)

#Enable LDAP authentication for Customers / Users $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = 'host.example.com'; $Self->{'AuthModule::LDAP::BaseDN'} = 'ou=BaseOU,dc=example,dc=com'; $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; #The following is valid but would only be necessary if the#anonymous user do NOT have permission to read from the LDAP tree $Self->{'AuthModule::LDAP::SearchUserDN'} = 'otrs_ldap'; $Self->{'AuthModule::LDAP::SearchUserPw'} = 'PASSWORD';
# UserSyncLDAPMap# (map if agent should create/synced from LDAP to DB after login) $Self->{UserSyncLDAPMap} = { # DB -> LDAP UserFirstname => 'givenName', UserLastname => 'sn', UserEmail => 'mail', };
# UserSyncLDAPGroups# (If "LDAP" was selected for AuthModule, you can specify# initial user groups for first login.) $Self->{UserSyncLDAPGroups} = [ 'users', ];
# UserTable $Self->{DatabaseUserTable} = 'users'; $Self->{DatabaseUserTableUserID} = 'id'; $Self->{DatabaseUserTableUserPW} = 'pw'; $Self->{DatabaseUserTableUser} = 'login';
#Add the following lines when only users are allowed to login if they reside in the spicified security group#Remove these lines if you want to provide login to all users specified in the User Base DN $Self->{'AuthModule::LDAP::GroupDN'} =''CN=otrs_ldap_allow_A,OU=Groups,OU=BaseOU,DC=example,DC=com'; $Self->{'AuthModule::LDAP::AccessAttr'} = 'member'; $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';

什么是OTRS软件? 如何取消WINDOWS的ACTIVE DESKTOP 系统提示 Active Movie Windows:explorer.exe -应用程序错误 windows xp 如何安装Active Directory(活动目录）？关于windows active movie 的问题,高手进 Microsft Windows遇到意外错误，电脑已经关闭Active Desktop.我要怎样才能恢复它啊？？？ windows 2000中工作组，独立工作站和没有active Directory 是什么 Active Directory（活动目录）的Windows 2000 Server 如何设置详细步骤怎么样设置windows xp 不要阻止Active X控件的安装，加急！万分感谢！ Active Armor active disktop Active Desktop active反义词 active是什么意思 Active desktop ACTIVE DESTTOP ACTIVE是什么意思？我机器开了以后桌面上出现个恢复Active DesKtop 说是Microsoft Windows 遇到意外错误怎么解决? 我机器开了以后桌面上出现个恢复Active DesKtop 说是Microsoft Windows 遇到意外错误 Active Desktop??是什么啊？怎么关active桌面 active怎么用 active控件是什么呀? active player 怎么快进