As Dominic indicates, I didn't see that part in the log earlier, but that's exactly what I meant, you need to tell in the config file what fields from ldap match the ones iin your data base and email is mandatory.
Regards. 2016-01-28 13:36 GMT-06:00 <dhils...@performair.com>: > Cosme; > > > > The UserEmail attribute is required > > This log line: > > [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserAdd][348] Need > UserEmail! > > > > Indicates that there isn’t an email address for the agent it is trying to > insert. > > Have you verified the “mail “ is a proper attribute of your LDAP server, > and that it is populated for the agent you’re trying to have login? > > > > Can you tell us what your LDAP server is (Microsoft Active Directory, > OpenLDAP, Apache Directory, etc.)? > > > > Thank you, > > > > Dominic L. Hilsbos, MBA, EIT, CSDA > > Director – Information Technology > > [image: Perform Air International, Inc.] > > dhils...@performair.com > > www.PerformAir.com <http://www.performair.com> > > > > > > *From:* otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] *On Behalf > Of *Cosme Faria Corrêa > *Sent:* Thursday, January 28, 2016 11:08 AM > *To:* otrs@otrs.org > *Subject:* Re: [otrs] Login not creating a DB entry for a new LDAP agent > > > > Hi Alvaro, > > thanks for your help. > > I am not sure if I undesrtand. > > I walked arround sysconfig, without success. > > CustomerInformationCenter > > 1 > > Framework > > Frontend::Admin > > 4 > > Framework > > Frontend::Admin::AdminCustomerCompany > > 1 > > Framework > > Frontend::Admin::AdminCustomerUser > > 1 > > Framework > > Frontend::Admin::AdminSelectBox > > 1 > > Framework > > Frontend::Admin::ModuleRegistration > > 28 > > Framework > > Frontend::Agent > > 29 > > Framework > > Frontend::Agent::Auth::TwoFactor > > 4 > > Framework > > Frontend::Agent::Dashboard > > 11 > > Framework > > Frontend::Agent::LinkObject > > 1 > > Framework > > Frontend::Agent::ModuleMetaHead > > 1 > > Framework > > Frontend::Agent::ModuleNotify > > 7 > > Framework > > Frontend::Agent::ModuleRegistration > > 15 > > Framework > > Frontend::Agent::NavBarModule > > 2 > > Framework > > Frontend::Agent::Preferences > > 13 > > Framework > > Frontend::Agent::SearchRouter > > 1 > > Framework > > Frontend::Agent::Stats > > 10 > > Framework > > Frontend::Customer > > 28 > > Framework > > Frontend::Customer::Auth > > 26 > > Framework > > Frontend::Customer::Auth::TwoFactor > > 4 > > Framework > > Frontend::Customer::ModuleMetaHead > > > I have: > > - Frontend::Customer::Auth > > I do not have: > > - Frontend::Agent::Auth > > Why? > > > I am using LDAP with memberof. > My idea is: > > - Do not use root@localhost in normal operation. > - LDAP Auth is suppressing DB Auth. > > I have no problems If i create, manually, an account and log AFTER. > > This is a part of my Config.pm > > ... > # OpenLDAP > # authenticate agents against ldap > $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; > $Self->{'AuthModule::LDAP::Host'} = '127.0.0.1'; > $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=aaa,dc=bb'; > $Self->{'AuthModule::LDAP::UID'} = 'uid'; > > # Check if the user is allowed to auth in a posixGroup > # (e. g. user needs to be in a group clerks to use otrs) > $Self->{'AuthModule::LDAP::GroupDN'} = > 'cn=clerks,ou=Group,dc=aaa,dc=bb'; > # $Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid'; > $Self->{'AuthModule::LDAP::AccessAttr'} = 'member'; > $Self->{'AuthModule::LDAP::UserAttr'} = 'DN'; > > # defines AuthSyncBackend (AuthSyncModule) for AuthModule > # if this key exists and is empty, there won't be a sync. > # example values: AuthSyncBackend, AuthSyncBackend2 > $Self->{'AuthModule::UseSyncBackend'} = 'AuthSyncBackend'; > > # sync agents from ldap to mysql > $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP'; > $Self->{'AuthSyncModule::LDAP::Host'} = '127.0.0.1'; > # $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'ou=People,dc=aaa,dc=bb'; > $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=aaa,dc=bb'; > $Self->{'AuthSyncModule::LDAP::UID'} = 'uid'; > > $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = { > # DB -> LDAP > UserFirstname => 'givenName', > UserLastname => 'sn', > UserEmail => 'mail', > UserMobile => 'mobile', > # UserComment => 'description', > }; > > # AuthSyncModule::LDAP::UserSyncInitialGroups > # (sync following group with rw permission after initial create of > first agent > # login) > $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [ > 'users', > ]; > > # Attributes needed for group syncs > # (attribute name for group value key) > # $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'memberUid'; > $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member'; > # (attribute for type of group content UID/DN for full ldap name) > # $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'UID'; > $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN'; > > # AuthSyncModule::LDAP::UserSyncGroupsDefinition > # (If "LDAP" was selected for AuthModule and you want to sync LDAP > # groups to otrs groups, define the following.) > $Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition'} = { > # # ldap group > 'cn=netadmins,ou=Group,dc=aaa,dc=bb' => { > # # otrs group > 'admin' => { > # # permission > rw => 1, > ro => 1, > }, > }, > 'cn=users,ou=Group,dc=aaa,dc=bb' => { > 'users' => { > rw => 1, > ro => 1, > }, > } > }; > ... > > > Could you help me? > I will appreciate any kind of directions or examples. > > TIA > > On 28/01/16 11:15, Alvaro Cordero wrote: > > Hello, > > > > That means that the user cannot be sync to the database, you need to > verify the user mapping in sysconfig, to match the fields from ldap into > OTRS. > > > > Regards > > > > > > 2016-01-28 9:59 GMT-06:00 Cosme Faria Corrêa <cosm...@canalsac.com.br>: > > Hi, > > my interface message is that: > Panic, user authenticated but no user data can be found in OTRS DB!! > Perhaps the user is invalid. > > My log says: > [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserLookup][922] > No UserID found for 'johndoe'! > [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserLookup][922] > No UserID found for 'johndoe'! > [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserAdd][348] Need > UserEmail! > [Thu Jan 28 10:45:40 > 2016][Error][Kernel::System::Auth::Sync::LDAP::Sync][281] Can't create user > 'johndoe' (uid=johndoe,ou=People,dc=aaa,dc=bb) in RDBMS! > [Thu Jan 28 10:45:40 2016][Error][Kernel::System::User::UserLookup][922] > No UserID found for 'johndoe'! > > The point is, Why? Why it can't? > [Thu Jan 28 10:45:40 > 2016][Error][Kernel::System::Auth::Sync::LDAP::Sync][281] Can't create user > 'johndoe' (uid=johndoe,ou=People,dc=aaa,dc=bb) in RDBMS! > > -- > Cosme Corrêa > +55 21 4042-6606 > CanalSAC > O Nosso Negócio é Relacionamento > > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > > > > > -- > > > *Alvaro Cordero Retana Consultor de Tecnologias* > > *Tel: 22585757 ext 123* > > *Email:* alv...@gridshield.net > > > > > --------------------------------------------------------------------- > > OTRS mailing list: otrs - Webpage: http://otrs.org/ > > Archive: http://lists.otrs.org/pipermail/otrs > > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > > > > -- > > Cosme Corrêa > > +55 21 4042-6606 > > CanalSAC > > O Nosso Negócio é Relacionamento > > > --------------------------------------------------------------------- > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > -- *Alvaro Cordero RetanaConsultor de Tecnologias* *Tel: 22585757 ext 123* *Email:* alv...@gridshield.net
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
