I found the issue in the syslog, my 'mail' attribute wasn't assigned. Thank you for your efforts!
Andy On Friday, 12-16-2011 on 10:38 am Andy Graybeal wrote: > Greetings, > I'm new to OTRS and LDAP. > > I would like to implement OTRS with LDAP and have the 'agents' automatically > created with AuthSyncModule. > > My LDAP server is the one that is packaged with Zentyal. > > I am running Ubuntu 10.04. I followed these instructions for the > installation: > http://wiki.otrs.org/index.php?title=Installation_on_Ubuntu_Lucid_Lynx_%2810.4%29 > > Before I configured the AuthModule/AuthSyncModule, I could login just fine > with OTRS. > > I read the part of 3.0 manual regarding the auth and sync of Agents with LDAP > directory server, and cut and paste the settings out of the manual into my > Config.pm. > > What is happening is that when I login to OTRS with an LDAP user, it says: > Panic, user authenticated but no user data can be found in OTRS DB!! Perhaps > the user is invalid. > > It looks like AuthSync isn't working correctly. How do I troubleshoot what > I'm doing wrong? > > This is my AuthModule and AuthSyncModule config this in my Config.pm: > > # This is an example configuration for an LDAP auth. backend. > # (Make sure Net::LDAP is installed!) > $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; > $Self->{'AuthModule::LDAP::Host'} = '192.168.2.222'; > $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=zabulon,dc=casanueva,dc=com'; > $Self->{'AuthModule::LDAP::UID'} = 'uid'; > > # Check if the user is allowed to auth in a posixGroup > # (e. g. user needs to be in a group xyz to use otrs) > #$Self->{'AuthModule::LDAP::GroupDN'} = > 'cn=otrsallow,ou=posixGroups,dc=example,dc=com'; > #$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid'; > # for ldap posixGroups objectclass (just uid) > # $Self->{'AuthModule::LDAP::UserAttr'} = 'UID'; > # for non ldap posixGroups objectclass (with full user dn) > # $Self->{'AuthModule::LDAP::UserAttr'} = 'DN'; > > # The following is valid but would only be necessary if the > # anonymous user do NOT have permission to read from the LDAP tree > #$Self->{'AuthModule::LDAP::SearchUserDN'} = ''; > #$Self->{'AuthModule::LDAP::SearchUserPw'} = ''; > > # in case you want to add always one filter to each ldap query, use > # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => > '(objectclass=user)' > #$Self->{'AuthModule::LDAP::AlwaysFilter'} = ''; > > # in case you want to add a suffix to each login name, then > # you can use this option. e. g. user just want to use user but > # in your ldap directory exists user@domain. > # $Self->{'AuthModule::LDAP::UserSuffix'} = '@domain.com'; > > # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) > $Self->{'AuthModule::LDAP::Params'} = { > port => 389, > timeout => 120, > async => 0, > version => 3, > }; > > # agent data sync against ldap > $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP'; > $Self->{'AuthSyncModule::LDAP::Host'} = '192.168.2.222'; > $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=zabulon,dc=casanueva,dc=com'; > $Self->{'AuthSyncModule::LDAP::UID'} = 'uid'; > $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = > 'cn=ebox,dc=zabulon,dc=casanueva,dc=com'; > $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'some_pass'; > $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = { > # DB -> LDAP > UserFirstname => 'givenName', > UserLastname => 'sn', > UserEmail => 'mail', > }; > #[...] > > # AuthSyncModule::LDAP::UserSyncInitialGroups > # (sync following group with rw permission after initial create of first agent > # login) > $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [ > 'users', > ]; > > > Andy > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
