Also, unless you have added extra values into your AD schema, the UID value for AD is 'sAMAccountName' not 'uid'
> $Self->{'Customer::AuthModule::LDAP::UID'} = 'uid'; > CustomerKey => 'uid', Steve, As per your 2 emails I gave your suggestions a try: Firstly I fully qualified the ldap user: $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=ldap.lookup, OU=Support, OU=IT, OU=Melbourne, OU=Staff, DC=company, DC=com, DC=au'; This gave me Jan 20 09:44:17 mel-ithlp OTRS-CGI-03[11782]: [Error][Kernel::System::CustomerUser::LDAP::new][Line:144]: First bind failed! 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893 Then I changed the uid value to sAMAccountname CustomerKey => 'sAMAaccountName', This gave me Jan 20 09:44:17 mel-ithlp OTRS-CGI-03[11782]: [Error][Kernel::System::CustomerAuth::LDAP::Auth][Line:199]: First bind failed! 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893 I note that in the first the error is taking place in [Kernel::System::CustomerUser::LDAP::new][Line:144] whereas in the second the error is in [Error][Kernel::System::CustomerAuth::LDAP::Auth][Line:199] I have no idea what THAT means. As of right now my Config.pm is: $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = '192.168.1.10'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=company,dc=com,dc=au'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=ldap.lookup, OU=Support, OU=IT, OU=Melbourne, OU=Staff, DC=company, DC=com, DC=au'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password'; $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '192.168.1.10', BaseDN => 'DC=company,DC=com,DC=au', SSCOPE => 'sub', UserDN =>'CN=ldap.lookup, OU=Support, OU=IT, OU=Melbourne, OU=Staff, DC=company, DC=com, DC=au', UserPw => 'password', }, CustomerKey => 'sAMAaccountName', CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], ], }; ##################################################################################### This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal ##################################################################################### _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs