Cosme; The UserEmail attribute is required This log line: [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserAdd][348] Need UserEmail!
Indicates that there isn't an email address for the agent it is trying to insert. Have you verified the "mail " is a proper attribute of your LDAP server, and that it is populated for the agent you're trying to have login? Can you tell us what your LDAP server is (Microsoft Active Directory, OpenLDAP, Apache Directory, etc.)? Thank you, Dominic L. Hilsbos, MBA, EIT, CSDA Director - Information Technology [Perform Air International, Inc.] dhils...@performair.com<mailto:dhils...@performair.com> www.PerformAir.com<http://www.performair.com> From: otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] On Behalf Of Cosme Faria Corrêa Sent: Thursday, January 28, 2016 11:08 AM To: otrs@otrs.org Subject: Re: [otrs] Login not creating a DB entry for a new LDAP agent Hi Alvaro, thanks for your help. I am not sure if I undesrtand. I walked arround sysconfig, without success. CustomerInformationCenter 1 Framework Frontend::Admin 4 Framework Frontend::Admin::AdminCustomerCompany 1 Framework Frontend::Admin::AdminCustomerUser 1 Framework Frontend::Admin::AdminSelectBox 1 Framework Frontend::Admin::ModuleRegistration 28 Framework Frontend::Agent 29 Framework Frontend::Agent::Auth::TwoFactor 4 Framework Frontend::Agent::Dashboard 11 Framework Frontend::Agent::LinkObject 1 Framework Frontend::Agent::ModuleMetaHead 1 Framework Frontend::Agent::ModuleNotify 7 Framework Frontend::Agent::ModuleRegistration 15 Framework Frontend::Agent::NavBarModule 2 Framework Frontend::Agent::Preferences 13 Framework Frontend::Agent::SearchRouter 1 Framework Frontend::Agent::Stats 10 Framework Frontend::Customer 28 Framework Frontend::Customer::Auth 26 Framework Frontend::Customer::Auth::TwoFactor 4 Framework Frontend::Customer::ModuleMetaHead I have: * Frontend::Customer::Auth I do not have: * Frontend::Agent::Auth Why? I am using LDAP with memberof. My idea is: * Do not use root@localhost in normal operation. * LDAP Auth is suppressing DB Auth. I have no problems If i create, manually, an account and log AFTER. This is a part of my Config.pm ... # OpenLDAP # authenticate agents against ldap $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = '127.0.0.1'; $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=aaa,dc=bb'; $Self->{'AuthModule::LDAP::UID'} = 'uid'; # Check if the user is allowed to auth in a posixGroup # (e. g. user needs to be in a group clerks to use otrs) $Self->{'AuthModule::LDAP::GroupDN'} = 'cn=clerks,ou=Group,dc=aaa,dc=bb'; # $Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid'; $Self->{'AuthModule::LDAP::AccessAttr'} = 'member'; $Self->{'AuthModule::LDAP::UserAttr'} = 'DN'; # defines AuthSyncBackend (AuthSyncModule) for AuthModule # if this key exists and is empty, there won't be a sync. # example values: AuthSyncBackend, AuthSyncBackend2 $Self->{'AuthModule::UseSyncBackend'} = 'AuthSyncBackend'; # sync agents from ldap to mysql $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP'; $Self->{'AuthSyncModule::LDAP::Host'} = '127.0.0.1'; # $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'ou=People,dc=aaa,dc=bb'; $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=aaa,dc=bb'; $Self->{'AuthSyncModule::LDAP::UID'} = 'uid'; $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = { # DB -> LDAP UserFirstname => 'givenName', UserLastname => 'sn', UserEmail => 'mail', UserMobile => 'mobile', # UserComment => 'description', }; # AuthSyncModule::LDAP::UserSyncInitialGroups # (sync following group with rw permission after initial create of first agent # login) $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [ 'users', ]; # Attributes needed for group syncs # (attribute name for group value key) # $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'memberUid'; $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member'; # (attribute for type of group content UID/DN for full ldap name) # $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'UID'; $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN'; # AuthSyncModule::LDAP::UserSyncGroupsDefinition # (If "LDAP" was selected for AuthModule and you want to sync LDAP # groups to otrs groups, define the following.) $Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition'} = { # # ldap group 'cn=netadmins,ou=Group,dc=aaa,dc=bb' => { # # otrs group 'admin' => { # # permission rw => 1, ro => 1, }, }, 'cn=users,ou=Group,dc=aaa,dc=bb' => { 'users' => { rw => 1, ro => 1, }, } }; ... Could you help me? I will appreciate any kind of directions or examples. TIA On 28/01/16 11:15, Alvaro Cordero wrote: Hello, That means that the user cannot be sync to the database, you need to verify the user mapping in sysconfig, to match the fields from ldap into OTRS. Regards 2016-01-28 9:59 GMT-06:00 Cosme Faria Corrêa <cosm...@canalsac.com.br<mailto:cosm...@canalsac.com.br>>: Hi, my interface message is that: Panic, user authenticated but no user data can be found in OTRS DB!! Perhaps the user is invalid. My log says: [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserLookup][922] No UserID found for 'johndoe'! [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserLookup][922] No UserID found for 'johndoe'! [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserAdd][348] Need UserEmail! [Thu Jan 28 10:45:40 2016][Error][Kernel::System::Auth::Sync::LDAP::Sync][281] Can't create user 'johndoe' (uid=johndoe,ou=People,dc=aaa,dc=bb) in RDBMS! [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserLookup][922] No UserID found for 'johndoe'! The point is, Why? Why it can't? [Thu Jan 28 10:45:40 2016][Error][Kernel::System::Auth::Sync::LDAP::Sync][281] Can't create user 'johndoe' (uid=johndoe,ou=People,dc=aaa,dc=bb) in RDBMS! -- Cosme Corrêa +55 21 4042-6606<tel:%2B55%2021%204042-6606> CanalSAC O Nosso Negócio é Relacionamento --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs -- Alvaro Cordero Retana Consultor de Tecnologias Tel: 22585757 ext 123 Email: alv...@gridshield.net<mailto:alv...@gridshield.net> [http://www.gridshield.com/images/gs-signature.png] --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs -- Cosme Corrêa +55 21 4042-6606 CanalSAC O Nosso Negócio é Relacionamento
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs