Hi Roy, Thanks for looking at my config! I hadn't considered using the UPN instead of the sAMAccountName. No luck, unfortunately.
The old and new installations are on two different VMs, and I used the same syntax and similar parameters with the exception of switching to LDAPS instead of plaintext LDAP. I didn't have to specify the port and protocol in the Net::LDAP or hostname fields. Besides that, nothing has changed. They weren't rolled out to production yet so are/were stock (besides this LDAP auth) with no tickets except for test tickets. I've switched sAMAccountname to userPrincipalName in the relevant fields and commented out the appending UserSuffix line. The customer fields repopulated using the UPN as username and customer ID, but same error. Syslog: OTRS-CGI-10[3833]: [Error][Kernel::System::User::UserLookup][Line:922]: No UserID found for '[email protected]'! OTRS-CGI-10[3832]: [Error][Kernel::System::User::UserLookup][Line:922]: No UserID found for 'test.user'! Apache error.log: ERROR: OTRS-CGI-10 Perl: 5.22.1 OS: linux Time: Fri Jun 30 17:20:15 2017 Message: No UserID found for '[email protected]'! RemoteAddress: 192.168.0.61 RequestURI: /otrs/index.pl Traceback (3833): Module: Kernel::System::User::UserLookup Line: 922 Module: Kernel::System::Auth::Auth Line: 241 Module: Kernel::System::Web::InterfaceAgent::Run Line: 226 Module: ModPerl::ROOT::ModPerl::Registry::usr_share_otrs_bin_cgi_2dbin_index_2e pl::handler Line: 40 Module: (eval) (v1.99) Line: 207 Module: ModPerl::RegistryCooker::run (v1.99) Line: 207 Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 173 Module: ModPerl::Registry::handler (v1.99) Line: 32 ERROR: OTRS-CGI-10 Perl: 5.22.1 OS: linux Time: Fri Jun 30 17:20:20 2017 Message: No UserID found for 'test.user'! RemoteAddress: 192.168.0.61 RequestURI: /otrs/index.pl Traceback (3832): Module: Kernel::System::User::UserLookup Line: 922 Module: Kernel::System::Auth::Auth Line: 241 Module: Kernel::System::Web::InterfaceAgent::Run Line: 226 Module: ModPerl::ROOT::ModPerl::Registry::usr_share_otrs_bin_cgi_2dbin_index_2e pl::handler Line: 40 Module: (eval) (v1.99) Line: 207 Module: ModPerl::RegistryCooker::run (v1.99) Line: 207 Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 173 Module: ModPerl::Registry::handler (v1.99) Line: 32 Thanks! -- --- Evan Spangler Systems Administrator TEK Fusion Global, Inc On Fri, 2017-06-30 at 22:27 +0200, Roy Kaldung wrote: > Hi Evan, > > Is this the same config you’re using on your other system? > > > > > On Jun 30, 2017, at 9:08 PM, Evan Spangler <evan.spangler@tekfusion > > inc.com> wrote: > > > > $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; > > > > $Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@domain.com'; > Looks weird to me to add the domain to the sAMAccountName. AFAIK know > sAMAccountName plus the domain is mostly the userPrincipalName. > Did you tried it without the UserSuffix when the customer enter the > sAMAccountName? > > - Roy > This e-mail may contain confidential or privileged information. This communication and any attached documents may also contain data subject to the International Traffic in Arms Regulations or U.S. Export Administration Regulations and cannot be disseminated, distributed or copied to foreign nationals, residing in the U.S. or abroad, without the prior approval of the U.S. Department of State or appropriate export licensing authority. If you are not the intended recipient, please notify the sender immediately by return e-mail with a copy to: [email protected] and delete this e-mail and all copies and attachments. Opinions, conclusions and other information in this message that do not relate to the official business of Tek Fusion Global, Inc., shall be understood as neither given nor endorsed by it. --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
