Ansicht von 0 Antwort-Themen
  • Autor
    Beiträge
    • 28. Januar 2025 um 15:10 Uhr - Views: 12 #34087
      Lars Hampe
      Teilnehmer

        Hallo alle zusammen,

        ich habe ein 10.x Testsystem auf Docker installiert. Nun sollte das Ganze produktiv gehen und die Docker Version war zu langsam.

        Also neu aufgesetzt, Erstkonfiguration lief perfekt nur bei der Einrichtung des LDAP ist leider Schluss. Anbei ein Auszug aus der Config.pm. Beim Starten meckert das System die Zeilen ab Customer an.. Was ist hier falsch ?

        # insert your own config settings „here“               #
        # config settings taken from Kernel/Config/Defaults.pm #
        # —————————————————- #

        # $Self->{SessionUseCookie} = 0;
        # $Self->{CheckMXRecord} = 0;

        $Self->{AuthModule1} = ‚Kernel::System::Auth::DB‘;
        ### Backend 2
        $Self->{AuthModule} = ‚Kernel::System::Auth::LDAP‘;
        $Self->{‚AuthModule::LDAP::Host‘} = ‚HOSTNAME‘;
        $Self->{‚AuthModule::LDAP::BaseDN‘} = ‚DOMAINNAME‘;
        $Self->{‚AuthModule::LDAP::UID‘} = ’sAMAccountName‘;

        # This is an example configuration for an LDAP auth sync. backend.
        # (take care that Net::LDAP is installed!)
        $Self->{AuthSyncModule} = ‚Kernel::System::Auth::Sync::LDAP‘;
        $Self->{‚AuthSyncModule::LDAP::Host‘} = ‚HOSTNAME‘;
        $Self->{‚AuthSyncModule::LDAP::BaseDN‘} = ‚DOMAINE‘;
        $Self->{‚AuthSyncModule::LDAP::UID‘} = ’sAMAccountName‘;

        # The following is valid but would only be necessary if the
        # anonymous user do NOT have permission to read from the LDAP tree
        $Self->{‚AuthSyncModule::LDAP::SearchUserDN‘} = ‚USER‘;
        $Self->{‚AuthSyncModule::LDAP::SearchUserPw‘} = ‚PASS‘;

        # AuthSyncModule::LDAP::UserSyncMap
        # (map if agent should create/synced from LDAP to DB after successful login)
        # you may specify LDAP-Fields as either
        #  * list, which will check each field. first existing will be picked ( [„givenName“,“cn“,“_empty“] )
        #  * name of an LDAP-Field (may return empty strings) („givenName“)
        #  * fixed strings, prefixed with an underscore: „_test“, which will always return this fixed string

        $Self->{‚AuthSyncModule::LDAP::UserSyncMap‘} = {
        #        # DB -> LDAP
        UserFirstname => ‚givenName‘,
        UserLastname  => ’sn‘,
        UserEmail     => ‚mail‘,
        };

        # CustomerUser
        # (customer user ldap backend and settings)
        $Self->{CustomerUser} = {
        Name => ‚LDAP Backend‘,
        Module => ‚Kernel::System::CustomerUser::LDAP‘,
        Params => {
        # ldap host
        Host => ‚HOSTNAME‘,
        # ldap base dn
        BaseDN => ‚DOMAIN‘,
        # search scope (one|sub)
        SSCOPE => ’sub‘,
        # The following is valid but would only be necessary if the
        # anonymous user does NOT have permission to read from the LDAP tree
        UserDN => ‚USER‘,
        UserPw => ‚PASS‘,
        # in case you want to add always one filter to each ldap query, use
        # this option. e. g. AlwaysFilter => ‚(mail=*)‘ or AlwaysFilter => ‚(objectclass=user)‘
        AlwaysFilter => “,
        # if the charset of your ldap server is iso-8859-1, use this:
        # SourceCharset => ‚iso-8859-1‘,
        SourceCharset => ‚utf-8‘,
        DestCharset => ‚utf-8‘,
        # die if backend can’t work, e. g. can’t connect to server
        Die => 0,
        # Net::LDAP new params (if needed – for more info see perldoc Net::LDAP)
        Params => {
        port => 143,
        timeout => 120,
        async => 0,
        version => 3,
        },
        },

        # customer unique id
        CustomerKey => ’sAMAccountName‘,
        # customer #
        CustomerID => ‚mail‘,
        CustomerUserListFields => [‚cn‘, ‚mail‘],
        CustomerUserSearchFields => [’sAMAccountName‘, ‚cn‘, ‚mail‘],
        CustomerUserSearchPrefix => “,
        CustomerUserSearchSuffix => ‚*‘,
        CustomerUserSearchListLimit => 250,
        CustomerUserPostMasterSearchFields => [‚mail‘],
        CustomerUserNameFields => [‚givenname‘, ’sn‘],
        CustomerUserValidFilter => ‚(|(employeeNumber=*)(employeeID=*))‘,
        Map => [
        [ ‚UserFirstname‘,   Translatable(‚Firstname‘),           ‚givenname‘,           1, 1, ‚var‘, “, 1, undef, undef ],
        [ ‚UserLastname‘,    Translatable(‚Lastname‘),            ’sn‘,                  1, 1, ‚var‘, “, 1, undef, undef ],
        [ ‚UserLogin‘,       Translatable(‚Username‘),            ’sAMAccountName‘,                 1, 1, ‚var‘, “, 1, undef, undef ],
        [ ‚UserEmail‘,       Translatable(‚Email‘),               ‚mail‘,                1, 1, ‚var‘, “, 1, undef, undef ],
        [ ‚Abteilung‘,       Translatable(‚Abteilung‘),          ‚department‘,          1, 1, ‚var‘, “, 1, undef. undef ],
        [ ‚Status‘,          Translatable(‚Status‘),              ‚title‘,            1, 1, ‚var‘, “, 1, undef, undef ],
        [ ‚UserCustomerID‘,  Translatable(‚CustomerID‘),          ‚mail‘,                0, 1, ‚var‘, “, 1, undef, undef ],
        # [ ‚UserCustomerIDs‘, Translatable(‚CustomerIDs‘),         ’second_customer_ids‘, 1, 0, ‚var‘, “, 1, undef, undef ],
        [ ‚UserPhone‘,       Translatable(‚Phone‘),               ‚telephonenumber‘,     1, 0, ‚var‘, “, 1, undef, undef ],
        ],
        };

        # —————————————————- #
        #                                                      #
        # end of your own config options!!!                    #
        #                                                      #
        # —————————————————- #

        Danke schon mal …

         

    • Autor
      Beiträge
    Ansicht von 0 Antwort-Themen
    • Du musst angemeldet sein, um auf dieses Thema antworten zu können.