Re: [otrs] Agent LDAP Lookup

Mon, 11 Dec 2006 09:31:55 -0800 

On Sat, 09 Dec 2006 12:15:34 -0500
Mike Conigliaro <[EMAIL PROTECTED]> wrote:

> the perl ldap module is not installed.  try this:
> 
> perl -MCPAN -e 'install Net::LDAP'
> 

Thanks Mike

Net::LDAP was already installed along with the other required perl
modules.

I ran out of things to try and eventually made the changes to
Defaults.pm instead, it worked right away. I made the same changes in
Config.pm again where it should be, this time it worked fine so I'm not
entirely sure what the problem was but at least it's working now.

My next issue is with active directory group membership. The error
logged is:

OTRS-CGI-10[31020]: [Notice] [Kernel::System::Auth::LDAP::Auth] User:
kobus authentication failed, no LDAP group entry
foundGroupDN='cn=OTRS-Agents,ou=Groups,ou=Unitname,dc=mydomain,dc=co,dc=za',
Filter='(memberUid=CN=Kobus
Barnard,OU=Users,OU=Unitname,DC=mydomain,DC=co,DC=za)'! (REMOTE_ADDR:
192.168.91.146).

Why is the group entry not found? The 'kobus' account is a member of
the specified 'OTRS-Agents' group.

For completeness, here are the relevant parts of my current Config.pm,
I indicated where I think the problem lies but don't know which DN to
specify:

#---------------------#
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'myserver.mydomain.co.za';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=mydomain,dc=co,dc=za';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'AuthModule::LDAP::GroupDN'} =
'cn=OTRS-Agents,ou=Groups,ou=Unitname,dc=mydomain,dc=co,dc=za';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';

$Self->{'AuthModule::LDAP::UserAttr'} = 'DN'; # <- I think this is the
cause of the problem but am unsure which DN to use.

$Self->{'AuthModule::LDAP::SearchUserDN'} =
'cn=otrs,ou=Users,ou=Unitname,dc=mydomain,dc=co,dc=za';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'xxxxx';

$Self->{'AuthModule::LDAP::Params'} = {
   port => 389,
   timeout => 120,
   async => 0,
   version => 3,
};

#---------------------#

Thank you
Kobus
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support orr consulting for your OTRS system?
=> http://www.otrs.com/

Reply via email to