I was able to resolve the issue by changing
$Self->{'AuthModule::UseSyncBackend1'} = 'AuthSyncBackend';
to
$Self->{'AuthModule::UseSyncBackend'} = 'AuthSyncBackend1';
On 8/21/2019 2:39 PM, Nick Bright wrote:
It seems to not be importing the user. I have seen this happen if
"mail" is blank in the LDAP (AD). However, I've verified that 'mail'
is present. I use this secondary domain with another OTRS instance as
the primary domain, and it does work correctly there.
On 8/21/2019 8:01 AM, Gustavo Antonio Lutz de Matos wrote:
Hello everyone!
Sorry Juan, but it's not that. I use this feature and Nick's
configuration is ok.
What happened was that the user authentication passed, but was not
found in the OTRS database.
Somehow the user was not imported, or it can not be validated due
some failure.
Em qua, 21 de ago de 2019 às 02:34, Juan Manuel Clavero Almirón
<[email protected] <mailto:[email protected]>> escreveu:
Morning!
I think the issue is with the 1 you added. It has to be just
after the AuthModule but not after the ::
Let me explain: The LDAP modules expects some parameters: Host,
BaseDN, etc. These names cannot change. What can change is the
identifier of the auth module you're configuring. I think it
should be something as:
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = '10.0.0.2';
$Self->{'AuthModule::LDAP::BaseDN'} = 'DC=DOMAIN01,DC=local';
[...]
$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule1::LDAP::Host'} = '192.168.0.2';
$Self->{'AuthModule1::LDAP::BaseDN'} = 'DC=DOMAIN02,DC=local';
[...]
Best,
Juanma
On 2019.08.21, at 00:30, Nick Bright <[email protected]
<mailto:[email protected]>> wrote:
Greetings,
I'm setting up an OTRS 6 installation on CentOS 7, with the
latest version of OTRS (installed today). OS is fully updated.
Following the documentation at
https://doc.otrs.com/doc/manual/admin/6.0/en/html/external-backends.html#agent-auth-backend-ldap
I was able to configure OTRS to authenticate and successfully
log in on the primary domain that I want to use (Windows AD back
ends).
I added a second domain by adding "1" to the end of the
AuthModule and AuthSyncModule clauses, but I'm getting an error
when trying to log in with a user on that domain stating
"Authentication succeeded, but no user data record is found in
the database." In /var/log/messages the error is
OTRS-CGI-99[14435]:
[Error][Kernel::System::User::UserLookup][Line:969]: No UserID
found for 'username'!
I suspect (hope) there's just some silly configuration error I'm
not seeing.
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = '10.0.0.2';
$Self->{'AuthModule::LDAP::BaseDN'} = 'DC=DOMAIN01,DC=local';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} =
'[email protected] <mailto:[email protected]>';
$Self->{'AuthModule::LDAP::SearchUserPw'} ='PASSWORD';
$Self->{'AuthModule::LDAP::AlwaysFilter'} = '';
$Self->{'AuthModule::Radius::Die'} = 1;
$Self->{'AuthModule::LDAP::Params'} = {port => 389, timeout
=> 120, async => 0, version => 3,};
$Self->{'AuthModule::UseSyncBackend'} = 'AuthSyncBackend';
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://10.0.0.2/';
$Self->{'AuthSyncModule::LDAP::BaseDN'} =
'DC=DOMAIN01,DC=local';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} =
'[email protected] <mailto:[email protected]>';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'PASSWORD';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {UserFirstname =>
'givenName', UserLastname => 'sn', UserEmail => 'mail',};
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = ['users',];
# ---- SECONDARY SERVER
$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = '192.168.0.2';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'DC=DOMAIN02,DC=local';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN1'} =
'[email protected] <mailto:[email protected]>';
$Self->{'AuthModule::LDAP::SearchUserPw1'} ='PASSWORD';
$Self->{'AuthModule::LDAP::AlwaysFilter1'} = '';
$Self->{'AuthModule::LDAP::Params1'} = {port => 389, timeout
=> 120, async => 0, version => 3,};
$Self->{'AuthModule::UseSyncBackend1'} = 'AuthSyncBackend';
$Self->{'AuthSyncModule1'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host1'} = 'ldap://192.168.0.2/';
$Self->{'AuthSyncModule::LDAP::BaseDN1'} =
'DC=DOMAIN02,DC=local';
$Self->{'AuthSyncModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN1'} =
'[email protected] <mailto:[email protected]>';
$Self->{'AuthSyncModule::LDAP::SearchUserPw1'} = 'PASSWORD';
$Self->{'AuthSyncModule::LDAP::UserSyncMap1'} = {UserFirstname
=> 'givenName', UserLastname => 'sn', UserEmail => 'mail',};
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups1'} =
['users',];
--
-----------------------------------------------
- Nick Bright -
- Vice President of Technology -
- Valnet -=- We Connect You -=- -
- Tel 888-332-1616 x 315 / Fax 620-331-0789 -
- Web http://www.valnet.net/ -
-----------------------------------------------
- Are your files safe? -
- Valnet Vault - Secure Cloud Backup -
- More information & 30 day free trial at -
- http://www.valnet.net/services/valnet-vault -
-----------------------------------------------
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage:http://otrs.org/
Archive:http://lists.otrs.org/pipermail/otrs
To unsubscribe:http://lists.otrs.org/mailman/listinfo/otrs
--
-----------------------------------------------
- Nick Bright -
- Vice President of Technology -
- Valnet -=- We Connect You -=- -
- Tel 888-332-1616 x 315 / Fax 620-331-0789 -
- Webhttp://www.valnet.net/ -
-----------------------------------------------
- Are your files safe? -
- Valnet Vault - Secure Cloud Backup -
- More information & 30 day free trial at -
-http://www.valnet.net/services/valnet-vault -
-----------------------------------------------
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
--
-----------------------------------------------
- Nick Bright -
- Vice President of Technology -
- Valnet -=- We Connect You -=- -
- Tel 888-332-1616 x 315 / Fax 620-331-0789 -
- Web http://www.valnet.net/ -
-----------------------------------------------
- Are your files safe? -
- Valnet Vault - Secure Cloud Backup -
- More information & 30 day free trial at -
- http://www.valnet.net/services/valnet-vault -
-----------------------------------------------
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
