Lol, you're most welcome Troy. Enjoy using OTRS.
On Fri, Feb 5, 2010 at 8:06 PM, Troy Shafer <troyksha...@yahoo.com> wrote: > YOU ARE THE MAN! > > -Troy > > > ------------------------------ > *From:* David Holder <david.hol...@gmail.com> > > *To:* User questions and discussions about OTRS. <otrs@otrs.org> > *Sent:* Fri, February 5, 2010 2:30:25 PM > > *Subject:* Re: [otrs] AD Synch > > Hi Troy, > > Instead of this: > > CustomerKey => 'sAMAccountName', > CustomerID => 'sAMAccountName', > > Try this: > > CustomerKey => 'sAMAccountName', > CustomerID => 'mail' > > Regards, > > Troy Shafer wrote: > > ok, i'm missing something.. below is my customer ldap code. I made sure all > uid were changed too sAMAccountName... (i changed specific domain info for > obvious reasons) > > > #Customer LDAP Settings > > $Self->{CustomerUser} = { > Module => 'Kernel::System::CustomerUser::LDAP', > Params => { > Host => '192.168.30.55', > BaseDN => 'dc=domain,dc=com', > SSCOPE => 'sub', > UserDN => 'cn=otrs,ou=mis,ou=User_Accounts,dc=domain,dc=com', > UserPw => 'otrspassword', > }, > CustomerKey => 'sAMAccountName', > CustomerID => 'sAMAccountName', > CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], > CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], > CustomerUserPostMasterSearchFields => ['mail'], > CustomerUserNameFields => ['givenname', 'sn'], > Map => [ > # note: Login, Email and CustomerID needed! > # var, frontend, storage, shown, required, storage-type > # [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], > [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], > [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], > [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], > [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], > [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], > # [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], > # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], > # [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], > ], > }; > > > -Troy > > > ------------------------------ > *From:* Troy Shafer <troyksha...@yahoo.com> <troyksha...@yahoo.com> > *To:* User questions and discussions about OTRS. > <otrs@otrs.org><otrs@otrs.org> > *Sent:* Fri, February 5, 2010 1:00:36 PM > *Subject:* Re: [otrs] AD Synch > > Ok i went back and tried the customer login and I get an error that says... > Error: Need CustomerID!!! I'm sure this is common. > > I think i found my answer here: > http://lists.otrs.org/pipermail/otrs/2004-October/006523.html > > I'll report back if I did i'm sure i can't be the only one looking for > this... or i'm a moron and i AM the only one :) > > Thanks Sune and David, i've seen your post throughout my search and i do > appreciate such knowledgeable admins helping us out. > > > > -Troy > > > ------------------------------ > *From:* Sune T. Tougaard <s...@lyngsoesystems.com> <s...@lyngsoesystems.com> > *To:* User questions and discussions about OTRS. > <otrs@otrs.org><otrs@otrs.org> > *Sent:* Thu, February 4, 2010 6:46:41 PM > *Subject:* Re: [otrs] AD Synch > > If this by any chance is for the customer part (it’s a big install if you > have 3000 agents, I think), perhaps the following may be helpful. > > > > By “No user data” it could mean that some info that is required in the OTRS > DB is not available in the AD/LDAP lookup. So one thing to check, I guess, > would be if the AD is populated with the needed data. > > In my setup I think that the only parts “required” for the customer part > are Login, Email and CustomerID. > > > > In my Customer Authentication part of the config, I have those fields > mapped as follows: > > > > # 'var', 'frontend', 'storage', shown, required, 'storage-type' > > [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], > > [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], > > [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], > > > > So, in my AD, if I have empty “sAMAccountName” or “mail” fields, I would > get the “No user data” error when logging in. > > Also, I believe that the UID must be set to “sAMAccountName”, the default > is UPN as far as I recall. > > > > Your otrs log may give your hints to what may be missing or going wrong. > > Perhaps you could show us the authen part of your config, that could help. > > > > It’s been a while since I was last deep in otrs, so I may be using an > older version. Dunno if all this applies to yours. > > I may also be totally off track, it was setup years ago. > > > > -- > > /Sune T. > > > > *From:* otrs-boun...@otrs.org > [mailto:otrs-boun...@otrs.org<otrs-boun...@otrs.org>] > *On Behalf Of *David Holder > *Sent:* 05 February 2010 00:16 > *To:* User questions and discussions about OTRS. > *Subject:* Re: [otrs] AD Synch > > > > Hi Troy, > > AFAIK agents are authenticated against OTRS's database, but the information > for those accounts is first probed in the LDAP directory. If you're getting > a "panic no user data!" when logging in as a agent, the information isn't > being synced to OTRS's database. Have you implemented the following code: > > # agent data sync against ldap > > $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP'; > > $Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://ldap.example.com/'; > > $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=otrs, dc=org'; > > $Self->{'AuthSyncModule::LDAP::UID'} = 'uid'; > > $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'uid=sys, ou=user, > dc=otrs, dc=org'; > > $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'some_pass'; > > $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = { > > # DB -> LDAP > > UserFirstname => 'givenName', > > UserLastname => 'sn', > > UserEmail => 'mail', > > }; > > [...] > > > > # AuthSyncModule::LDAP::UserSyncInitialGroups > > # (sync following group with rw permission after initial create of first > agent > > # login) > > $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [ > > 'users', > > ]; > > > > If you haven't implemented the above, do so and let us know how you get on. > If you get compeltely stuck I can send you a blank config from my current > OTRS setup, which I have e-mailed to several people already to help them > resolve their AD sync/access issues. > > Regards, > > David > > > Troy Shafer wrote: > > I have searched and searched but can't seem to find the answer. > > So i setup the Config.pm to use AD authentication.. then of course i got > the Panic! No user data! error. We have over 3,000 employees. I'm not > going to sit here and create an account for each of them. I do have it > searching AD successfully and autheniticating against AD. > > I've seen examples of user synchronization on the web and everytime i try > those code in the config file and restart apache i can't login to otrs with > an AD account or r...@localhost. > > Essentially i'm looking for the code that will allow authentication against > AD without the user needing to be in the otrs db... or.. > > When authenticated against AD the user is automatically created in the OTRS > DB.. > > or some variation that doesn't need me to create 3000 accounts by hand. > > > > -Troy > > > > > > > > > ------------------------------ > > > > --------------------------------------------------------------------- > > OTRS mailing list: otrs - Webpage: http://otrs.org/ > > Archive: http://lists.otrs.org/pipermail/otrs > > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > > http://www.otrs.com/en/support/enterprise-subscription/ > > > > > ------------------------------ > > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information > NOW!http://www.otrs.com/en/support/enterprise-subscription/ > > > > > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! > http://www.otrs.com/en/support/enterprise-subscription/ >
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/