Is there even a way for the Agent to authenticate over LDAP anymore? It
looks like it has been taken out. I've been going through SysConfig and
can't find anything on it. Anything I also try to throw at it by manually
editing Config.pm leaves the system broken. I've also uninstalled and
reinstalled a few times now.
Justin
On Tue, Aug 25, 2009 at 12:18 PM, <guenther.ra...@gmx.de> wrote:
> Hi,
>
> same problem here, but only with one of 200:
> I have tested it, with case-sensitive typed
> username, it works - but no problem with
> case-sensitive for all the others...
>
> Günther
>
>
> -------- Original-Nachricht --------
> > Datum: Tue, 25 Aug 2009 12:12:17 -0400
> > Von: Justin Holt <holt.justin...@gmail.com>
> > An: otrs@otrs.org
> > Betreff: [otrs] Active Directory and 2.4.3 issues
>
> > I finally went to make the jump to 2.4.3 from 2.3.4 and am having a bit
> of
> > an issue. Customers still authenticate against our Active Directory
> > Server
> > just fine, but when an agent tries to authenticate, it all blows up.
> >
> > "Panic, user authenticated but no user data can be found in OTRS DB!!
> > Perhaps the user is invalid."
> >
> > Here is the whole LDAP configuration part from my config.pm that I just
> > copied and pasted out of the config.pm for 2.3.4. I have seen that
> there
> > are others with this same issue but there have been no responses. This
> is
> > all running on a windows 2003 server with a regurlar install of OTRS.
> Any
> > Ideas?
> > #-----------------------Customer
> > Data------------------------------------------------
> >
> >
> > #Enable LDAP authentication for Customers / Users
> > $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
> > $Self->{'Customer::AuthModule::LDAP::Host'} = 'vdp-dc-003';
> > $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=ci, dc=vernon,
> > dc=ct,
> > dc=us';
> > $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
> >
> > #The following is valid but would only be necessary if the
> > #anonymous user do NOT have permission to read from the LDAP tree
> > $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs_ldap';
> > $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '1qaz2wsx';
> >
> > #CustomerUser
> > #(customer user database backend and settings)
> > $Self->{CustomerUser} = {
> > Module => 'Kernel::System::CustomerUser::LDAP',
> > Params => {
> > Host => 'vdp-dc-003',
> > BaseDN => 'dc=ci, dc=vernon, dc=ct, dc=us',
> > SSCOPE => 'sub',
> > UserDN =>'otrs_ldap',
> > UserPw => '1qaz2wsx',
> > },
> > # customer unique id
> > CustomerKey => 'sAMAccountName',
> > # customer #
> > CustomerID => 'mail',
> > CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
> > CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
> > CustomerUserSearchPrefix => '',
> > CustomerUserSearchSuffix => '*',
> > CustomerUserSearchListLimit => 250,
> > CustomerUserPostMasterSearchFields => ['mail'],
> > CustomerUserNameFields => ['givenname', 'sn'],
> > Map => [
> > # note: Login, Email and CustomerID needed!
> > # var, frontend, storage, shown, required, storage-type
> > #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
> > [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
> > [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
> > [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
> > [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
> > [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
> > [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
> > #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
> > #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
> > ],
> > };
> > # -------------------------End Customer
> data-----------------------------
> >
> >
> > #------------------------------Agent
> Data---------------------------------
> >
> > #Enable LDAP authentication for Customers / Users
> > $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
> > $Self->{'AuthModule::LDAP::Host'} = 'vdp-dc-003';
> > $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=ci, dc=vernon, dc=ct, dc=us';
> > $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
> >
> > #The following is valid but would only be necessary if the
> > #anonymous user do NOT have permission to read from the LDAP tree
> > $Self->{'AuthModule::LDAP::SearchUserDN'} = 'otrs_ldap';
> > $Self->{'AuthModule::LDAP::SearchUserPw'} = '1qaz2wsx';
> >
> > # UserSyncLDAPMap
> > # (map if agent should create/synced from LDAP to DB after login)
> > $Self->{UserSyncLDAPMap} = {
> > # DB -> LDAP
> > UserFirstname => 'givenName',
> > UserLastname => 'sn',
> > UserEmail => 'mail',
> > };
> >
> > # UserSyncLDAPGroups
> > # (If "LDAP" was selected="selected" for AuthModule, you can specify
> > # initial user groups for first login.)
> > $Self->{UserSyncLDAPGroups} = [
> > 'users',
> > ];
> >
> > # UserTable
> > $Self->{DatabaseUserTable} = 'users';
> > $Self->{DatabaseUserTableUserID} = 'id';
> > $Self->{DatabaseUserTableUserPW} = 'pw';
> > $Self->{DatabaseUserTableUser} = 'login';
> >
> > #Add the following lines when only users are allowed to login if they
> > reside
> > in the spicified security group
> > #Remove these lines if you want to provide login to all users specified
> in
> > the User Base DN
> > $Self->{'AuthModule::LDAP::GroupDN'}
> > ='CN=otrs_ldap_allow_A,CN=Builtin,DC=ci,DC=vernon,DC=ct,DC=us';
> > $Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
> > $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
> >
> > #---------------------------End Agent
> Data--------------------------------
>
> --
> GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT!
> Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01
> ---------------------------------------------------------------------
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
>
> NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
> http://www.otrs.com/en/support/enterprise-subscription/
>
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/
