Tim,
How do you have your user's logging in? When I go through and try to log myself into OTRS with; mpietersen [EMAIL PROTECTED] ASFCORP\mpietersen My bind isn't working properly according to my httpd log which is pumping out ERROR: OTRS-CGI-10 Perl: 5.8.6 OS: linux Time: Wed Nov 22 11:50:27 2006 Message: First bind failed! 80090308: LdapErr: DSID-0C09030F, comment: Traceback (24085): Module: Kernel::System::CustomerUser::LDAP::new (v1.29) Line: 71 Module: Kernel::System::CustomerUser::new (v1.28) Line: 91 Module: Kernel::System::Ticket::new (v1.229) Line: 121 Module: Kernel::System::Web::InterfaceAgent::Run (v1.17) Line: 173 Module: ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_inde Module: (eval) (v1.81) Line: 203 Module: ModPerl::RegistryCooker::run (v1.81) Line: 203 Module: ModPerl::RegistryCooker::default_handler (v1.81) Line: 169 Module: ModPerl::Registry::handler (v1.99) Line: 30 ERROR: OTRS-CGI-10 Perl: 5.8.6 OS: linux Time: Wed Nov 22 11:50:36 2006 Message: First bind failed! 80090308: LdapErr: DSID-0C09030F, comment: Traceback (24086): Module: Kernel::System::CustomerUser::LDAP::new (v1.29) Line: 71 Module: Kernel::System::CustomerUser::new (v1.28) Line: 91 Module: Kernel::System::Ticket::new (v1.229) Line: 121 Module: Kernel::System::Web::InterfaceAgent::Run (v1.17) Line: 173 Module: ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_inde Module: (eval) (v1.81) Line: 203 Module: ModPerl::RegistryCooker::run (v1.81) Line: 203 Module: ModPerl::RegistryCooker::default_handler (v1.81) Line: 169 Module: ModPerl::Registry::handler (v1.99) Line: 30 Every time I try and log in. Have you experienced any problems when implementing your AD auth? BTW, it's running on FC4 Thanks, Mike Pietersen, A+, MCP IT (586) 498-1388 ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Miller, Tim Sent: Wednesday, November 22, 2006 9:44 AM To: User questions and discussions about OTRS.org Subject: RE: [otrs] LDAP Authentication I am no expert in giving a step by step, but here is a copy of my config.pm file which is working for customer LDAP auth via my Windows AD domain... hope it helps: As always, make a backup copy of the original Config.pm file before you start modifying.... I created a user account in AD called "otrs ldap" and use that account to authenticate the LDAP query from otrs. Windows AD will not allow anonymous lookups so this is a necessary step... # This is an example configuration for an LDAP auth. backend. # (take care that Net::LDAP is installed!) $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = '10.xxx.xxx.xx'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=domain,dc=local'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrs ldap,OU=Users,DC=domain,DC=local'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password'; The section below is for the customer lookups via the Phone Ticket/Email Ticket screen to add a new ticket for a customer. It allows the agent type a piece of the customer info and search AD for the user... The system must be able to verify the customer in AD before it will let you enter a ticket. # (customer user ldap backend and settings) $Self->{CustomerUser1} = { Name =>'LDAP Backend', Module => 'Kernel::System::CustomerUser::LDAP', Params => { # ldap host Host => '10.xxx.xxx.xx', # ldap base dn BaseDN => 'dc=domain,dc=local', # search scope (one|sub) SSCOPE => 'sub', # The following is valid but would only be necessary if the # anonymous user does NOT have permission to read from the LDAP tree UserDN => 'CN=otrs ldap,OU=Users,DC=domain,DC=local', UserPw => 'password', AlwaysFilter => '', #SourceCharset => 'utf-8', #DestCharset => 'iso-8859-1', }, # customer uniq id CustomerKey => 'sAMAccountName', # customer # CustomerID => 'mail', CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! # var, frontend, storage, shown, required, storage-type #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], }; With Best Regards, Tim Miller Network Administrator DBT America, Inc. Houston, PA ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of VI - Mario Tonin Sent: Wednesday, November 22, 2006 6:30 AM To: [email protected] Subject: [otrs] LDAP Authentication Is there anyone who can give me a step-by-step guide to configure ldap autentiation for costumers? I've added this entry: $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'vidc2.battistolligroup.it'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=battistolligroup,dc=it'; . . . . . . . . . . . . . . . . . . . Mario Tonin [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> B.T.V. s.p.a.- Sistemi Informativi Via Luca della Robbia 60 36100 - Vicenza - Italy w http://www.battistolli.it <http://www.battistolli.it/>
_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support orr consulting for your OTRS system? => http://www.otrs.com/
