I looked in my users section of the admin-area. I have their windows login name in the Username field, their email address in the Email field and the Valid switch is set to Valid. Everything else is set in the LDAP portion of the Config.PM section I send you.
I could not get it working via the SysConfig area of the Admin-area. I did it via the Config.PM file. The admin user referenced in the file I sent is a Domain Admin. I used this account because a previous LDAP VPN software required it. I do not know if it is required for OTRS. One note, 'cn=adminuser,ou=mydomain,dc=mydomain,dc=com' has to match where the user is in AD. I edited the file. Mine is actually: 'cn=Szzzzzr,ou=TEzzzzecurity,dc=tezzzzup,dc=com' , so make sure that you are pointing correctly at the LDAP connection user. -- -- Steven May you have the peace and freedom that come from abandoning all hope of having a better past. --- - --- - - - - - - - -- - - - --- - ------ - - --- - - -- - - - -- - - - "Hamad Al-Gharabally" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Ok I think the LDAP users are not being synced with the local db > (mysql). > > I used the following command: > bin/otrs.addUser -f "Hamad" -l "Al-Gharabally" -p"mypass" -e > "[EMAIL PROTECTED]" -g users hgharabally > > If I disable my account on the domain controller, I can no longer login: > Dec 13 15:16:58 localhost OTRS-CGI-02[8167]: > [Notice][Kernel::System::Auth::LDAP::Auth] User: hgharabally (CN=Hamad > B. Al-Gharabally,OU=Staff,DC=auk,DC=edu,DC=kw) authentication failed: > '80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, > data 533, v893 > > If I enable my account, I manage to login just find: > > Dec 13 15:17:20 localhost OTRS-CGI-02[8183]: > [Notice][Kernel::System::Auth::LDAP::Auth] User: hgharabally (CN=Hamad > B. Al-Gharabally,OU=Staff,DC=auk,DC=edu,DC=kw) authentication ok > (REMOTE_ADDR: 10.1.69.88). > > So I guess the question is how can I sync LDAP to my DB? > > On Tue, 2005-12-13 at 14:35 +0300, Hamad Al-Gharabally wrote: >> I've just double checked that all the required perl modules are >> installed. And they seem to be. >> >> Im lost. And dont know what to do from here on. >> >> On Mon, 2005-12-12 at 16:03 +0300, Hamad Al-Gharabally wrote: >> > Ok Ive looked at your configuration file, and compared it to mine. I've >> > attached my configuration as well. Ive also read a lot of emails in the >> > archives, still I cant seem to see my mistake. >> > >> > I have 2 problems: >> > >> > ---------------------------------------------------------------------------- >> > >> > When I login to the agent front end, the webpage displays the following >> > error: Panic! No UserData!!! >> > >> > Upon checking Syslog: >> > Dec 12 15:56:53 localhost OTRS-CGI-02[5017]: >> > [Notice][Kernel::System::Auth::LDAP::Auth] User: hgharabally (CN=Hamad >> > B. Al-Gharabally,OU=Staff,DC=auk,DC=edu,DC=kw) authentication ok >> > (REMOTE_ADDR: 10.1.69.88). >> > >> > Dec 12 15:56:53 localhost OTRS-CGI-02[5017]: >> > [Notice][Kernel::System::User::GetUserData] Panic! No UserData for user: >> > 'hgharabally'!!! >> > ---------------------------------------------------------------------------- >> > When I log into the client front end: >> > >> > Dec 12 16:00:32 localhost OTRS-CGI-02[5120]: >> > [Notice][Kernel::System::CustomerAuth::LDAP::Auth] CustomerUser: >> > test_customer authentification failed, no LDAP entry found! >> > BaseDN='dc=auk,dc=edu,dc=kw', Filter='(sAMAccountName=test_customer)', >> > (REMOTE_ADDR: 10.1.69.88). >> > ------------------------------------------------------------------------------ >> > >> > Now Im wondering where did I go wrong? >> > >> > (I want both the agents, and customers to authenticate against AD) >> > >> > Best Regards, >> > Hamad Al-Gharabally >> > >> > On Mon, 2005-12-12 at 06:25 -0500, Steven wrote: >> > > mine is attached. >> > > >> > > It has redundant LDAP servers, DLAP login for agents and LDAP login and >> > > info >> > > for customers. >> > > It still uses the OTRS database for agents (to set permissions, etc.), so >> > > you have to make an account for each one in OTRS (same name as AD login >> > > name), it only uses the LDAP for the login. >> > > The list at the bottom is the customer data I am pulling out of AD; You >> > > may >> > > want more or less items there. >> > > >> > > -- >> > > -- >> > > Steven >> > > >> > > May you have the peace and freedom that come from abandoning all hope of >> > > having a better past. >> > > --- - --- - - - - - - - -- - - - --- - ------ >> > > - >> > > - --- - - -- - - - -- - - - >> > > "Hamad Al-Gharabally" <[EMAIL PROTECTED]> wrote in message >> > > news:[EMAIL PROTECTED] >> > > > Hello, >> > > > >> > > > I would like to use OTRS 2.0.4 (on debian) for the tech support dept, >> > > > however I dont know much about LDAP or Active Directory for that >> > > > matter. >> > > > >> > > > Could someone paste a "real" working example config which would allow >> > > > agents and/or customers to log in? (Using the accounts in the Active >> > > > Directory) >> > > > >> > > > Ive taken a look at the Documentation but when it comes to dn cn etc.. >> > > > it seems a bit intimidating. A case example would be. >> > > > >> > > > Were running win2000 domain controllers. >> > > > >> > > > each named: dc1.auk.edu.kw & dc2.auk.edu.kw >> > > > >> > > > Underneath that I have the following Ou's: >> > > > >> > > > + AUK Students >> > > > + Staff >> > > > + Facutly >> > > > >> > > > Now the customers in this case would be the Students & Faculty & Staff >> > > > >> > > > The agents would be in the Staff ou as well. (I might forsee a problem >> > > > here) >> > > > >> > > > Do I need to ask our AD admin to move the agents into a separate OU ? >> > > > >> > > > Best Regards, >> > > > Hamad Al-Gharabally >> > > > >> > > > _______________________________________________ >> > > > OTRS mailing list: otrs - Webpage: http://otrs.org/ >> > > > Archive: http://lists.otrs.org/pipermail/otrs >> > > > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >> > > > Support oder Consulting fr Ihr OTRS System? >> > > > => http://www.otrs.de/ >> > > > >> > > >> > > >> > > begin 666 LDAP-Ref-For-Config.pm >> > > M"@H@("!M>2! ;7ED;VUA:6YH;W-T<R ]#0HH)W1G,3$N;7ED;VUA:6XN8V]M >> > > M)RPG=&<Q,"YM>61O;6%I;BYC;VTG*3L*"B @)%-E;&8M/GLG075T:$UO9'5L >> > > M92=](#T@)TME<FYE;#HZ4WES=&5M.CI!=71H.CI,1$%0)SL*(" @(" D4V5L >> > > M9BT^>R=!=71H36]D=6QE.CI,1$%0.CI(;W-T)WT@/2!<0&UY9&]M86EN:&]S >> > > M=',[( H@(" D4V5L9BT^>R=!=71H36]D=6QE.CI,1$%0.CI"87-E1$XG?2 ] >> > > M("=D8SUM>61O;6%I;BQD8SUC;VTG.PH@(" D4V5L9BT^>R=!=71H36]D=6QE >> > > M.CI,1$%0.CI5240G?2 ]("=S04U!8V-O=6YT3F%M92<["B @)%-E;&8M/GLG >> > > M075T:$UO9'5L93HZ3$1!4#HZ4V5A<F-H57-E<D1.)WT@/2 G8VX]861M:6YU >> > > M<V5R+&]U/6UY9&]M86EN+&1C/6UY9&]M86EN+&1C/6-O;2<["B @)%-E;&8M >> > > M/GLG075T:$UO9'5L93HZ3$1!4#HZ4V5A<F-H57-E<E!W)WT@/2 G861M:6YU >> > > M<V5R<&%S<W=O<F0G.PH@"B @("1396QF+3Y[)T-U<W1O;65R.CI!=71H36]D >> > > M=6QE)WT@/2 G2V5R;F5L.CI3>7-T96TZ.D-U<W1O;65R075T:#HZ3$1!4"<[ >> > > M"@HD4V5L9BT^>R=#=7-T;VUE<CHZ075T:$UO9'5L93HZ3$1!4#HZ2&]S="=] >> > > M([EMAIL PROTECTED]>61O;6%I;FAO<W1S.PHD4V5L9BT^>R=#=7-T;VUE<CHZ075T:$UO >> > > M9'5L93HZ3$1!4#HZ0F%S941.)WT@/2 @)V1C/6UY9&]M86EN+&1C/6-O;2<[ >> > > M"B1396QF+3Y[)T-U<W1O;65R.CI!=71H36]D=6QE.CI,1$%0.CI5240G?2 ] >> > > M(" G<T%-06-C;W5N=$YA;64G.PHD4V5L9BT^>R=#=7-T;VUE<CHZ075T:$UO >> > > M9'5L93HZ3$1!4#HZ4V5A<F-H57-E<D1.)WT@/2 @)V-N/6%D;6EN=7-E<BQO >> > > M=3UM>61O;6%I;BQD8SUM>61O;6%I;BQD8SUC;VTG.PHD4V5L9BT^>R=#=7-T >> > > M;VUE<CHZ075T:$UO9'5L93HZ3$1!4#HZ4V5A<F-H57-E<E!W)WT@/2 @)V%D >> > > M;6EN=7-E<G!A<W-W;W)D)SL*( H@("1396QF+3Y[0W5S=&]M97)5<V5R?2 ] >> > > M('L*(" @($UO9'5L92 ]/B G2V5R;F5L.CI3>7-T96TZ.D-U<W1O;65R57-E >> > > M<CHZ3$1!4"<L"B @("!087)A;7,@/3X@>PH@(" @("!(;W-T(#T^(%Q ;7ED >> > > M;VUA:6YH;W-T<RP*(" @(" @0F%S941.(#T^("=D8SUM>61O;6%I;BQD8SUC >> > > M;VTG+ H@(" @("!34T-/4$4@/3X@)W-U8B<L"B @(" @(%5S97)$3B ]/B G >> > > M8VX]861M:6YU<V5R+&]U/6UY9&]M86EN+&1C/6UY9&]M86EN+&1C/6-O;2<L >> > > M"B @(" @(%5S97)0=R ]/B G861M:6YU<V5R<&%S<W=O<F0G+ H@(" @?2P* >> > > M(" @($-U<W1O;65R2V5Y(#T^("=S04U!8V-O=6YT3F%M92<L"B @("!#=7-T >> > > M;VUE<DE$(#T^("=;8W5S=&]M97)?:61=)RP*(" @($-U<W1O;65R57-E<DQI >> > > M<W1&:65L9',@/[EMAIL PROTECTED]<L("=C;B<L("=M86EL)UTL >> > > M"B @("!#=7-T;VUE<E5S97)396%R8VA&:65L9',@/[EMAIL PROTECTED] >> > > M3F%M92<L("=C;B<L("=M86EL)UTL"B @("!#=7-T;VUE<E5S97)0;W-T36%S >> > > M=&5R4V5A<F-H1FEE;&1S(#T^(%LG;6%I;"==+ H@(" @0W5S=&]M97)5<V5R >> > > M3F%M949I96QD<R ]/B!;)V=I=F5N;F%M92<L("=S;B==+ H@(" @36%P(#T^ >> > > M(%L*(" @(" @(R!N;W1E.B!,;V=I;[EMAIL PROTECTED]:[EMAIL >> > > PROTECTED]($-U<W1O;65R240@ >> > > M;F5E9&5D(0H@(" @(" C('9A<[EMAIL PROTECTED])O;G1E;F0L('-T;W)A9V4L('-H;W=N >> > > M+"!R97%U:7)E9"P@<W1O<F%G92UT>7!E"B,@(" @(" @6R G57-E<E-A;'5T >> > > M871I;VXG+" G5&ET;&4G+" G=&ET;&4G+" Q+" P+" G=F%R)R!=+ H@(" @ >> > > M("!;("=5<V5R1FER<W1N86UE)RP@)T9I<G-T;F%M92<L("=G:79E;FYA;64G >> > > M+" Q+" Q+" G=F%R)R!=+ H@(" @("!;("=5<V5R3&%S=&YA;64G+" G3&%S >> > > M=&YA;64G+" G<VXG+" Q+" Q+" G=F%R)R!=+ H@(" @("!;("=5<V5R3&]G >> > > M:6XG+" G3&]G:6XG+" G<T%-06-C;W5N=$YA;64G+" Q+" Q+" G=F%R)R!= >> > > M+ H)("!;("=4:71L92<L("=4:71L92<L("=T:71L92<L(#$L(# L("=V87(G >> > > M(%TL"@D@(%L@)U5S97)$97!A<G1M96YT)RP@)T1E<&%R=&UE;G0G+" G1&5P >> > > M87)T;65N="<L(#$L(# L("=V87(G(%TL"B @(" @(%L@)U5S97)%;6%I;"<L >> > > M("=%;6%I;"<L("=M86EL)RP@,2P@,2P@)W9A<B<@72P*(" @(" @6R G57-E >> > > M<D-U<W1O;65R240G+" G0W5S=&]M97))1"<L("=M86EL)RP@,"P@,2P@)W9A >> > > M<B<@72P*(" @(" @6R G57-E<E!H;VYE)RP@)U!H;VYE)RP@)W1E;&5P:&]N >> > > M96YU;6)E<B<L(#$L(# L("=V87(G(%TL#0H@(" @("!;("=5<V5R36]B:6QE >> > > M)RP@)TUO8FEL92<L("=M;V)I;&4G+" Q+" P+" G=F%R)R!=+ H@(" @("!; >> > > M("=5<V5R3F5X=&5L)RP@)TYE>'1E;"<L("=)4%!H;VYE)RP@,2P@,"P@)W9A >> > > M<B<@72P*"2 @6R G57-E<D1E<&%R=&UE;G0G+" G1&5P87)T;65N="<L("=$ >> > > M97!A<G1M96YT)RP@,2P@,"P@)W9A<B<@72P*(" @(" @6R G57-E<D-O;7!A >> > > M;GDG+" G0V]M<&%N>2<L("=#;VUP86YY)RP@,2P@,"P@)W9A<B<@72P*(" @ >> > > M(" @6R G0G5I;&1I;F=T)RP@)T)U:6QD:6YG)RP@)W!H>7-I8V%L1&5L:79E >> > > M<GE/9F9I8V5.86UE)RP@,2P@,"P@)W9A<B<@72P*"2 @6R G3&]G:6Y38W)I >> > > M<'0G+" G3&]G:6Y38W)I<'0G+" G<V-R:7!T4&%T:"<L(#$L(# L("=V87(G >> > > M(%TL"@D@(%L@)U5S97)!9&1R97-S)RP@)T%D9')E<W,G+" G<&]S=&%L861D >> > > M<F5S<R<L(#$L(# L("=V87(G(%TL"B,@(" @(" @6R G57-E<E!H;VYE)RP@ >> > > M)U!H;VYE)RP@)W1E;&5P:&]N96YU;6)E<B<L(#$L(# L("=V87(G(%TL"B,@ >> > > M(" @(" @6R G57-E<D%D9')E<W,G+" G061D<F5S<R<L("=P;W-T86QA9&1R >> > > M97-S)RP@,2P@,"P@)W9A<B<@72P*(R @(" @("!;("=5<V5R0V]M;65N="<L >> > > M("=#;VUM96YT)RP@)V1E<V-R:7!T:6]N)RP@,2P@,"P@)W9A<B<@72P*(" @ >> > > )(%TL"B @?3L* >> > > ` >> > > end >> > > >> > > >> > > _______________________________________________ >> > > OTRS mailing list: otrs - Webpage: http://otrs.org/ >> > > Archive: http://lists.otrs.org/pipermail/otrs >> > > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >> > > Support oder Consulting fr Ihr OTRS System? >> > > => http://www.otrs.de/ >> > _______________________________________________ >> > OTRS mailing list: otrs - Webpage: http://otrs.org/ >> > Archive: http://lists.otrs.org/pipermail/otrs >> > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >> > Support oder Consulting fr Ihr OTRS System? >> > => http://www.otrs.de/ >> >> _______________________________________________ >> OTRS mailing list: otrs - Webpage: http://otrs.org/ >> Archive: http://lists.otrs.org/pipermail/otrs >> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >> Support oder Consulting fr Ihr OTRS System? >> => http://www.otrs.de/ > > _______________________________________________ > OTRS mailing list: otrs - Webpage: http://otrs.org/ > Archive: http://lists.otrs.org/pipermail/otrs > To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs > Support oder Consulting für Ihr OTRS System? > => http://www.otrs.de/ > _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting für Ihr OTRS System? => http://www.otrs.de/
