All right, heres what I see. You set the LDAP Params twice and I didn't need them at all. You need to replace every instance of 'uid' with 'sAMAccountName.' I also had to layout the username differently. Thats just what I see.
# CustomerUser # (customer user ldap backend and settings) $Self->{CustomerUser} = { Name => 'Active Directory', Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => 'ADServer.domainname.com', BaseDN => 'dc=domainname,dc=com', SSCOPE => 'sub', UserDN => 'cn=ADUsername,ou=users,dc=domainname,dc=com', UserPw => 'password', }, # customer uniq id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], # show now own tickets in customer panel, CompanyTickets CustomerUserExcludePrimaryCustomerID => 0, # admin can't change customer preferences AdminSetPreferences => 0, Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly [ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ], [ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ], [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ], [ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ], ], }; Kurt O'Connor Linn State Technical College [EMAIL PROTECTED] 573-897-5275 ---------------------------------------------------------- ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pascal Rebsamen Sent: Thursday, September 20, 2007 4:52 AM To: User questions and discussions about OTRS.org Subject: [otrs] Problem with LDAP auth -Need CustomerID!!! hi, i'm searching now 3 hrs and can't find the error. i did the setup for ldap auth in the config.pm. The LDAP Auth. works, but after the logon, i receive the following error: Fehler: Need CustomerID!!! Kommentar: Traceback: ERROR: OTRS-CGI-10 Perl: 5.8.8 OS: linux Time: Thu Sep 20 11:42:08 2007 Message: Need CustomerID!!! Traceback (4519): Module: Kernel::Output::HTML::Layout::CustomerError (v1.48) Line: 3308 Module: Kernel::Modules::CustomerTicketOverView::Run (v1.42) Line: 72 Module: Kernel::System::Web::InterfaceCustomer::Run (v1.20) Line: 704 Module: /opt/otrs/bin/cgi-bin/customer.pl (v1.37) Line: 47 My config: # ######################################################### # CUSTOMER Auth # ######################################################### # This is an example configuration for an LDAP auth. backend. # (take care that Net::LDAP is installed!) $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'MeinDC'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=company,dc=local'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; # Check if the user is allowed to auth in a posixGroup # (e. g. user needs to be in a group xyz to use otrs) #$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrsallow,ou=posixGroups,dc=example,dc=com'; #$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid'; # for ldap posixGroups objectclass (just uid) #$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID'; # for non ldap posixGroups objectclass (full user dn) # # $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; # The following is valid but would only be necessary if the # anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'domain\username'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password'; # in case you want to add always one filter to each ldap query, use # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)' $Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(mail=*)'; # in case you want to add a suffix to each customer login name, then # you can use this option. e. g. user just want to use user but # in your ldap directory exists [EMAIL PROTECTED] # $Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@domain.com'; # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) $Self->{'Customer::AuthModule::LDAP::Params'} = { port => 389, timeout => 120, async => 0, version => 3, }; # CustomerUser # (customer user ldap backend and settings) $Self->{CustomerUser} = { Name => 'LDAP Backend', Module => 'Kernel::System::CustomerUser::LDAP', Params => { # # ldap host Host => 'meinDC', # # ldap base dn BaseDN => 'ou=company,o=local', # # search scope (one|sub) SSCOPE => 'sub', # # The following is valid but would only be necessary if the # # anonymous user does NOT have permission to read from the LDAP tree UserDN => 'domain\user', UserPw => 'meinpassword', # # in case you want to add always one filter to each ldap query, use # # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)' AlwaysFilter => '(mail=*)', # # if your frontend is e. g. iso-8859-1 and the charset of your # # ldap server is utf-8, use this options (if not, ignore it) SourceCharset => 'utf-8', DestCharset => 'utf-8', # # die if backend can't work, e. g. can't connect to server Die => 1, # # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) Params => { port => 389, timeout => 120, async => 0, version => 3, }, }, # # customer uniq id CustomerKey => 'uid', # # customer # CustomerID => 'mail', CustomerUserListFields => ['cn', 'mail'], CustomerUserSearchFields => ['uid', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], # # show now own tickets in customer panel, CompanyTickets CustomerUserExcludePrimaryCustomerID => 0, # # add a ldap filter for valid users (expert setting) # # CustomerUserValidFilter => '(!(description=gesperrt))', # # admin can't change customer preferences AdminSetPreferences => 0, # # cache time to life in sec. - cache any ldap queris CacheTTL => 0, Map => [ # # note: Login, Email and CustomerID needed! # # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly [ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ], [ 'UserLogin', 'Username', 'uid', 1, 1, 'var', '', 0 ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ], # [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ], [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ], [ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ], ], }; NOTE: This e-mail transmission may contain confidential information. If you are not the intended recipient, employee or agent responsible for delivering this information to the intended recipient, unauthorized disclosure, copying, distribution or use of the contents of this transmission is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and delete it from your computer. Thank you for your compliance.
_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/