Hi Hamood,
If I look at your Config.pm file, I have some remarks:
- For the SearchUserDN, did you specify a DN (CN=..., OU=,...,
DC=ksa,DC=lo)?
- Do you still have the old system? Does it still work with the old one.
- In the Customer data mapping, you map the phonenumber, did you add the
field in the Customer_User database? (supposing that you started with a
fresh install)
>From the error message, I would suppose that there is a problem with the
username and password....
I also see a typo...:
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'ad01ksa.ksa.lo',
BaseDN => 'DC=ksa,DC=lo',
SSCOPE => 'sub',
UserDN =>'username',
UserPw => 'password',
},
# customer unique id
CustomerKey => 'sAMAccountName',
You forgot to close the Params section...
Regards,
C.
PS: I also added your Config.pm file, you sent me previously
On Tue, Jun 10, 2008 at 8:41 PM, hamood Iqbal <[EMAIL PROTECTED]> wrote:
> hi,
> i installed otrs 2.3 beta 2 b/c it has some features like imap/ajax that
> are important to us.
>
> i used the same lines that i put in con fig.pm for otrs 2.2 to
> authenticate against Active directory but this version is giving error that
> your user name or password was entered incorrectly.
>
> my last version was 2.2.6 and it worked with AD.
>
> see my otrs.log file
> [Sun Jun 8 12:39:44 2008][Notice][Kernel::System: :Auth::DB::Auth] User:
> [EMAIL PROTECTED] authentication ok (REMOTE_ADDR: 172.30.72.209).
> [Sun Jun 8 12:40:46 2008][Notice][Kernel::System::User::UserAdd] User:
> 'hiqbal' ID: '2' created successfully (1)!
> [Sun Jun 8 12:40:46 2008][Notice][Kernel::System::User::SetPassword] User:
> 'hiqbal' changed password successfully!
> [Sun Jun 8 12:41:05
> 2008][Notice][Kernel::System::AuthSession::DB::RemoveSessionID] Removed
> SessionID 10b4e7db911938ec94948b318d459a8ef8.
> [Sun Jun 8 12:42:26
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:42:26
> 2008][Error][Kernel::System::AuthSession::DB::CheckSessionID][64] Got no
> SessionID!!
> [Sun Jun 8 12:42:39
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:42:39 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 12:43:43
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:43:43 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 12:49:00
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:49:00 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 12:49:51
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:49:51 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 12:56:42
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:56:47
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:56:52
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:57:00
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 12:57:08
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:00:13
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:01:32
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:01:32 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 13:16:05
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:16:13
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:16:13 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 13:16:49 2008][Notice][Kernel::System::Auth::DB::Auth] User:
> [EMAIL PROTECTED] authentication ok (REMOTE_ADDR: 172.30.72.209).
> [Sun Jun 8 13:18:03
> 2008][Notice][Kernel::System::AuthSession::DB::RemoveSessionID] Removed
> SessionID 10efb9b42a35e933717ad53f982af2ac1a.
> [Sun Jun 8 13:18:20
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:18:29
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:18:29 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 13:25:19 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 13:28:16
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:28:16 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 13:28:28
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:28:28 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 13:28:44
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 13:28:44 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
> [Sun Jun 8 14:43:33
> 2008][Error][Kernel::System::CustomerUser::LDAP::new][144] First bind
> failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext
> error, data 525, vece
> [Sun Jun 8 14:43:33 2008][Error][Kernel::System::Auth::LDAP::Auth][191]
> First bind failed! 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
>
>
>
> Any idea what is wrong? or i am doing something wrong.
>
> Thanks
>
> _______________________________________________
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
> Support or consulting for your OTRS system?
> => http://www.otrs.com/
>
# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2008 OTRS AG, http://otrs.org/
# --
# $Id: Config.pm.dist,v 1.20 2008/03/07 16:50:44 martin Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (GPL). If you
# did not receive this file, see http://www.gnu.org/licenses/gpl-2.0.txt.
# --
# Note:
#
# -->> OTRS does have a lot of config settings. For more settings
# (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,
# LDAP, PostMaster, Session, Preferences, ...) see
# Kernel/Config/Defaults.pm and copy your wanted lines into "this"
# config file. This file will not be changed on update!
#
# --
package Kernel::Config;
sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# Start of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# database settings #
# ---------------------------------------------------- #
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'hot';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} =
"DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} =
"DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = 'D:/OTRS/otrs';
# ---------------------------------------------------- #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{'CheckMXRecord'} = 1;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #
$Self->{'LogModule'} = 'Kernel::System::Log::File';
$Self->{'LogModule::LogFile'} = 'D:/OTRS/otrs/var/log/otrs.log';
# $DIBI$
$Self->{'SystemID'} = 10;
$Self->{'SecureMode'} = 1;
$Self->{'Organization'} = 'Luksar Saudi Arabia LTD.';
$Self->{'FQDN'} = 'As03ksa.ksa.lo';
$Self->{'DefaultLanguage'} = 'en';
$Self->{'AdminEmail'} = '[EMAIL PROTECTED]';
$Self->{'DefaultCharset'} = 'utf-8';
#Enable LDAP authentication for Customers / Users
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ad01ksa.ksa.lo';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=ksa,dc=lo';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
#The following is valid but would only be necessary if the
#anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'username';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'password';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};
# UserSyncLDAPMap
# (map if agent should create/synced from LDAP to DB after login)
$Self->{UserSyncLDAPMap} = {
# DB -> LDAP
Firstname => 'givenName',
Lastname => 'sn',
Email => 'mail',
};
# UserSyncLDAPGroups
# (If "LDAP" was selected="selected" for AuthModule, you can specify
# initial user groups for first login.)
$Self->{UserSyncLDAPGroups} = [
'users',
];
# UserTable
$Self->{DatabaseUserTable} = 'system_user';
$Self->{DatabaseUserTableUserID} = 'id';
$Self->{DatabaseUserTableUserPW} = 'pw';
$Self->{DatabaseUserTableUser} = 'login';
#Add the following lines when only users are allowed to login if they reside in
the spicified security group
#Remove these lines if you want to provide login to all users specified in the
User Base DN
# $Self->{'AuthModule::LDAP::GroupDN'}
=''CN=otrs_ldap_allow_A,OU=Groups,OU=it,DC=in,DC=LO';
# $Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
# $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'ad01ksa.ksa.lo';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=ksa,dc=lo';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#The following is valid but would only be necessary if the
#anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'username';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
#CustomerUser
#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'ad01ksa.ksa.lo',
BaseDN => 'DC=ksa,DC=lo',
SSCOPE => 'sub',
UserDN =>'username',
UserPw => 'password',
},
# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
],
};
#Add the following lines when only users are allowed to login if they reside in
the spicified security group
#Remove these lines if you want to provide login to all users specified in the
User Base DN
#example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=in, dc=lo';
# $Self->{'Customer::AuthModule::LDAP::GroupDN'} =
'CN=otrs_ldap_allow_C,OU=Groups,DC=in,DC=lo';
# $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
# $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'
# SendmailModule
$Self->{'SendmailModule'} = 'Kernel::System::Email::SMTP';
$Self->{'SendmailModule::Host'} = 'ex01ksa.ksa.lo';
$Self->{'SendmailModule::Port'} = '25';
$Self->{'SendmailModule::AuthUser'} = 'username';
$Self->{'SendmailModule::AuthPassword'} = 'password';
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# End of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
}
# ---------------------------------------------------- #
# needed system stuff (don't edit this) #
# ---------------------------------------------------- #
use strict;
use warnings;
use vars qw(@ISA $VERSION);
use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');
use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.20 $)[1];
# -----------------------------------------------------#
1;
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
=> http://www.otrs.com/
