Is there even a way for the Agent to authenticate over LDAP anymore? It looks like it has been taken out. I've been going through SysConfig and can't find anything on it. Anything I also try to throw at it by manually editing Config.pm leaves the system broken. I've also uninstalled and reinstalled a few times now.
Justin On Tue, Aug 25, 2009 at 12:18 PM, <guenther.ra...@gmx.de> wrote: > Hi, > > same problem here, but only with one of 200: > I have tested it, with case-sensitive typed > username, it works - but no problem with > case-sensitive for all the others... > > Günther > > > -------- Original-Nachricht -------- > > Datum: Tue, 25 Aug 2009 12:12:17 -0400 > > Von: Justin Holt <holt.justin...@gmail.com> > > An: otrs@otrs.org > > Betreff: [otrs] Active Directory and 2.4.3 issues > > > I finally went to make the jump to 2.4.3 from 2.3.4 and am having a bit > of > > an issue. Customers still authenticate against our Active Directory > > Server > > just fine, but when an agent tries to authenticate, it all blows up. > > > > "Panic, user authenticated but no user data can be found in OTRS DB!! > > Perhaps the user is invalid." > > > > Here is the whole LDAP configuration part from my config.pm that I just > > copied and pasted out of the config.pm for 2.3.4. I have seen that > there > > are others with this same issue but there have been no responses. This > is > > all running on a windows 2003 server with a regurlar install of OTRS. > Any > > Ideas? > > #-----------------------Customer > > Data------------------------------------------------ > > > > > > #Enable LDAP authentication for Customers / Users > > $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; > > $Self->{'Customer::AuthModule::LDAP::Host'} = 'vdp-dc-003'; > > $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=ci, dc=vernon, > > dc=ct, > > dc=us'; > > $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; > > > > #The following is valid but would only be necessary if the > > #anonymous user do NOT have permission to read from the LDAP tree > > $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs_ldap'; > > $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '1qaz2wsx'; > > > > #CustomerUser > > #(customer user database backend and settings) > > $Self->{CustomerUser} = { > > Module => 'Kernel::System::CustomerUser::LDAP', > > Params => { > > Host => 'vdp-dc-003', > > BaseDN => 'dc=ci, dc=vernon, dc=ct, dc=us', > > SSCOPE => 'sub', > > UserDN =>'otrs_ldap', > > UserPw => '1qaz2wsx', > > }, > > # customer unique id > > CustomerKey => 'sAMAccountName', > > # customer # > > CustomerID => 'mail', > > CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], > > CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], > > CustomerUserSearchPrefix => '', > > CustomerUserSearchSuffix => '*', > > CustomerUserSearchListLimit => 250, > > CustomerUserPostMasterSearchFields => ['mail'], > > CustomerUserNameFields => ['givenname', 'sn'], > > Map => [ > > # note: Login, Email and CustomerID needed! > > # var, frontend, storage, shown, required, storage-type > > #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], > > [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], > > [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], > > [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], > > [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], > > [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], > > [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], > > #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], > > #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], > > ], > > }; > > # -------------------------End Customer > data----------------------------- > > > > > > #------------------------------Agent > Data--------------------------------- > > > > #Enable LDAP authentication for Customers / Users > > $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; > > $Self->{'AuthModule::LDAP::Host'} = 'vdp-dc-003'; > > $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=ci, dc=vernon, dc=ct, dc=us'; > > $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; > > > > #The following is valid but would only be necessary if the > > #anonymous user do NOT have permission to read from the LDAP tree > > $Self->{'AuthModule::LDAP::SearchUserDN'} = 'otrs_ldap'; > > $Self->{'AuthModule::LDAP::SearchUserPw'} = '1qaz2wsx'; > > > > # UserSyncLDAPMap > > # (map if agent should create/synced from LDAP to DB after login) > > $Self->{UserSyncLDAPMap} = { > > # DB -> LDAP > > UserFirstname => 'givenName', > > UserLastname => 'sn', > > UserEmail => 'mail', > > }; > > > > # UserSyncLDAPGroups > > # (If "LDAP" was selected="selected" for AuthModule, you can specify > > # initial user groups for first login.) > > $Self->{UserSyncLDAPGroups} = [ > > 'users', > > ]; > > > > # UserTable > > $Self->{DatabaseUserTable} = 'users'; > > $Self->{DatabaseUserTableUserID} = 'id'; > > $Self->{DatabaseUserTableUserPW} = 'pw'; > > $Self->{DatabaseUserTableUser} = 'login'; > > > > #Add the following lines when only users are allowed to login if they > > reside > > in the spicified security group > > #Remove these lines if you want to provide login to all users specified > in > > the User Base DN > > $Self->{'AuthModule::LDAP::GroupDN'} > > ='CN=otrs_ldap_allow_A,CN=Builtin,DC=ci,DC=vernon,DC=ct,DC=us'; > > $Self->{'AuthModule::LDAP::AccessAttr'} = 'member'; > > $Self->{'AuthModule::LDAP::UserAttr'} = 'DN'; > > > > #---------------------------End Agent > Data-------------------------------- > > -- > GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! > Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01 > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > http://www.otrs.com/en/support/enterprise-subscription/ >
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/