Morning!
I think the issue is with the 1 you added. It has to be just after the
AuthModule but not after the ::
Let me explain: The LDAP modules expects some parameters: Host, BaseDN, etc.
These names cannot change. What can change is the identifier of the auth module
you're configuring. I think it should be something as:
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = '10.0.0.2';
$Self->{'AuthModule::LDAP::BaseDN'} = 'DC=DOMAIN01,DC=local';
[...]
$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule1::LDAP::Host'} = '192.168.0.2';
$Self->{'AuthModule1::LDAP::BaseDN'} = 'DC=DOMAIN02,DC=local';
[...]
Best,
Juanma
> On 2019.08.21, at 00:30, Nick Bright <[email protected]> wrote:
>
> Greetings,
>
> I'm setting up an OTRS 6 installation on CentOS 7, with the latest version of
> OTRS (installed today). OS is fully updated.
>
> Following the documentation at
> https://doc.otrs.com/doc/manual/admin/6.0/en/html/external-backends.html#agent-auth-backend-ldap
> I was able to configure OTRS to authenticate and successfully log in on the
> primary domain that I want to use (Windows AD back ends).
>
> I added a second domain by adding "1" to the end of the AuthModule and
> AuthSyncModule clauses, but I'm getting an error when trying to log in with a
> user on that domain stating "Authentication succeeded, but no user data
> record is found in the database." In /var/log/messages the error is
> OTRS-CGI-99[14435]: [Error][Kernel::System::User::UserLookup][Line:969]: No
> UserID found for 'username'!
>
> I suspect (hope) there's just some silly configuration error I'm not seeing.
>
> $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
> $Self->{'AuthModule::LDAP::Host'} = '10.0.0.2';
> $Self->{'AuthModule::LDAP::BaseDN'} = 'DC=DOMAIN01,DC=local';
> $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
> $Self->{'AuthModule::LDAP::SearchUserDN'} = '[email protected]';
> $Self->{'AuthModule::LDAP::SearchUserPw'} ='PASSWORD';
> $Self->{'AuthModule::LDAP::AlwaysFilter'} = '';
> $Self->{'AuthModule::Radius::Die'} = 1;
> $Self->{'AuthModule::LDAP::Params'} = {port => 389, timeout => 120, async
> => 0, version => 3,};
> $Self->{'AuthModule::UseSyncBackend'} = 'AuthSyncBackend';
> $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
> $Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://10.0.0.2/';
> $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'DC=DOMAIN01,DC=local';
> $Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
> $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = '[email protected]';
> $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'PASSWORD';
> $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {UserFirstname =>
> 'givenName', UserLastname => 'sn', UserEmail => 'mail',};
> $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = ['users',];
> # ---- SECONDARY SERVER
> $Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
> $Self->{'AuthModule::LDAP::Host1'} = '192.168.0.2';
> $Self->{'AuthModule::LDAP::BaseDN1'} = 'DC=DOMAIN02,DC=local';
> $Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
> $Self->{'AuthModule::LDAP::SearchUserDN1'} = '[email protected]';
> $Self->{'AuthModule::LDAP::SearchUserPw1'} ='PASSWORD';
> $Self->{'AuthModule::LDAP::AlwaysFilter1'} = '';
> $Self->{'AuthModule::LDAP::Params1'} = {port => 389, timeout => 120,
> async => 0, version => 3,};
> $Self->{'AuthModule::UseSyncBackend1'} = 'AuthSyncBackend';
> $Self->{'AuthSyncModule1'} = 'Kernel::System::Auth::Sync::LDAP';
> $Self->{'AuthSyncModule::LDAP::Host1'} = 'ldap://192.168.0.2/';
> $Self->{'AuthSyncModule::LDAP::BaseDN1'} = 'DC=DOMAIN02,DC=local';
> $Self->{'AuthSyncModule::LDAP::UID1'} = 'sAMAccountName';
> $Self->{'AuthSyncModule::LDAP::SearchUserDN1'} =
> '[email protected]';
> $Self->{'AuthSyncModule::LDAP::SearchUserPw1'} = 'PASSWORD';
> $Self->{'AuthSyncModule::LDAP::UserSyncMap1'} = {UserFirstname =>
> 'givenName', UserLastname => 'sn', UserEmail => 'mail',};
> $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups1'} = ['users',];
>
> --
> -----------------------------------------------
> - Nick Bright -
> - Vice President of Technology -
> - Valnet -=- We Connect You -=- -
> - Tel 888-332-1616 x 315 / Fax 620-331-0789 -
> - Web http://www.valnet.net/ -
> -----------------------------------------------
> - Are your files safe? -
> - Valnet Vault - Secure Cloud Backup -
> - More information & 30 day free trial at -
> - http://www.valnet.net/services/valnet-vault -
> -----------------------------------------------
>
> ---------------------------------------------------------------------
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
