Re: [otrs] SSO with Kernel::System::CustomerAuth::HTTPBasicAuth display Panic! No UserData!!! Error

Tue, 06 Apr 2010 07:59:35 -0700 


Hello again, 



I dont think that is possible in OTRS. We have allways added the user manually 
due to group setup and then let AD work as authentication. 

If you do some scripting you can loop trought the AD and then add the users to 
the mySQL user table in OTRS. 

Vennlig hilsen - Best regards - Saludos Cordiales 

Erling Lothe 
IT Consultant 


----- Original Message ----- 
From: "Arnault Tovar" <[email protected]> 
To: [email protected] 
Sent: Tuesday, April 6, 2010 3:15:07 PM 
Subject: [otrs] SSO with 
Kernel::System::CustomerAuth::HTTPBasicAuth        display        Panic! No 
UserData!!! Error 

Thank you Erling, 

How could I insert automatically email and name from AD to OTRS database 
? 



------------------------------------------ 

The user needs to be in the OTRS user database. It is important that the 
username in OTRS match the user in the AD. 



It will then authenticate with the username and password from the AD and 
not the OTRS but use the userinformation from OTRS. ( Email, name, 
groups e.t.c. ) 

----- Original Message ----- 
From: "Arnault Tovar" <arnault.tovar at pronatura.com> 
To: otrs at otrs.org 
Sent: Tuesday, April 6, 2010 1:51:42 PM 
Subject: [otrs] SSO with Kernel::System::CustomerAuth::HTTPBasicAuth 
display        Panic! No UserData!!! Error 

Hi everyone, 

I try to configure my OTRS customer interface with SSO Active Directory 
over Apache. 
My Apache authentification works with the sspi module and it looks 
great. 

My config.pm works fine with LDAP configuration with this configuration: 

$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; 
$Self->{'Customer::AuthModule::LDAP::Host'} = 'svr.xx.yy.com'; 
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=xx,dc=yy,dc=com'; 
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; 
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=Helpdesk, 
OU=yy,DC=xx,DC=yy,DC=com'; 
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'Glpi84@'; 
$Self->{'Customer::AuthModule::LDAP::Params'} = { 
        port => 389, 
        timeout => 120, 
        async => 0, 
        version => 3, 
    }; 
           
$Self->{CustomerUser} = { 
                Module => 'Kernel::System::CustomerUser::LDAP', 
                Params => { 
                Host => 'svr.xx.yy.com', 
                BaseDN => 'OU=yy,DC=xx,DC=yy,DC=com', 
                SSCOPE => 'sub', 
                UserDN =>'CN=Helpdesk,OU=yy,DC=xx,DC=yy,DC=com', 
                UserPw => 'Glpi84@', 
                #SourceCharset => 'iso-8859-1', 
                #DestCharset => 'utf-8', 
                }, 

                # customer unique id 
                CustomerKey => 'sAMAccountName', 
                # customer # 
                CustomerID => 'sAMAccountName', 
                #CustomerValid => 'valid_id', 
                CustomerUserListFields => ['sAMAccountName', 'sn', 
'mail'], 
                CustomerUserSearchFields => ['sAMAccountName', 'sn', 
'mail'], 
                CustomerUserSearchPrefix => '', 
                CustomerUserSearchSuffix => '*', 
                CustomerUserSearchListLimit => 250, 
                CustomerUserPostMasterSearchFields => ['mail'], 
                CustomerUserNameFields => ['givenname', 'sn'], 
                Map => [ 
                        # note: Login, Email and CustomerID needed! 
                        # var, frontend, storage, shown, required, 
storage-type 
                        #[ 'UserSalutation', 'Title', 'title', 1, 0, 
'var' ], 
                        [ 'UserFirstname', 'Firstname', 'givenname', 1, 
1, 'var' ], 
                        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' 
], 
                        [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 
'var' ], 
                        #['UserPassword', 'Password', 'pw', 0, 1, 
'var'], 
                        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], 
                        [ 'UserCustomerID', 'CustomerID', 
'sAMAccountName', 0, 1, 'var' ], 
                        [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 

'var' ], 
                        #[ 'UserAddress', 'Address', 'postaladdress', 1, 

0, 'var' ], 
                        #[ 'UserComment', 'Comment', 'description', 1, 
0, 'var' ], 
                ], 
        }; 

But when I want to activate the HTTPBasicAuth because I want that my 
users login automatically with their windows authentication, it doesn't 
work. I have an error message in the login forms "Panic! No 
UserData!!!". I have this on my config.pm for HTTPBasicAuth  : 
    # This is an example configuration for an apache ($ENV{REMOTE_USER}) 

    # auth. backend. Use it if you want to have a singe login through 
    # apache http-basic-auth 
   $Self->{'Customer::AuthModule'} = 
'Kernel::System::CustomerAuth::HTTPBasicAuth'; 

    # In case there is a leading domain in the REMOTE_USER, you can 
    # replace it by the next config option. 
   $Self->{'Customer::AuthModule::HTTPBasicAuth::Replace'} = 
'terreor\\'; 
           
$Self->{CustomerUser} = { 
                Module => 'Kernel::System::CustomerUser::LDAP', 
                Params => { 
                Host => 'svr.xx.yy.com', 
                BaseDN => 'OU=yy,DC=xx,DC=yy,DC=com', 
                SSCOPE => 'sub', 
                UserDN =>'CN=Helpdesk,OU=yy,DC=xx,DC=yy,DC=com', 
                UserPw => 'Glpi84@', 
                #SourceCharset => 'iso-8859-1', 
                #DestCharset => 'utf-8', 
                }, 

                # customer unique id 
                CustomerKey => 'sAMAccountName', 
                # customer # 
                CustomerID => 'sAMAccountName', 
                #CustomerValid => 'valid_id', 
                CustomerUserListFields => ['sAMAccountName', 'sn', 
'mail'], 
                CustomerUserSearchFields => ['sAMAccountName', 'sn', 
'mail'], 
                CustomerUserSearchPrefix => '', 
                CustomerUserSearchSuffix => '*', 
                CustomerUserSearchListLimit => 250, 
                CustomerUserPostMasterSearchFields => ['mail'], 
                CustomerUserNameFields => ['givenname', 'sn'], 
                Map => [ 
                        # note: Login, Email and CustomerID needed! 
                        # var, frontend, storage, shown, required, 
storage-type 
                        #[ 'UserSalutation', 'Title', 'title', 1, 0, 
'var' ], 
                        [ 'UserFirstname', 'Firstname', 'givenname', 1, 
1, 'var' ], 
                        [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' 
], 
                        [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 
'var' ], 
                        #['UserPassword', 'Password', 'pw', 0, 1, 
'var'], 
                        [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ], 
                        [ 'UserCustomerID', 'CustomerID', 
'sAMAccountName', 0, 1, 'var' ], 
                        [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 

'var' ], 
                        #[ 'UserAddress', 'Address', 'postaladdress', 1, 

0, 'var' ], 
                        #[ 'UserComment', 'Comment', 'description', 1, 
0, 'var' ], 
                ], 
        }; 

I tried a lot of different config found on this mailing list but it 
doesn't work. 

Laouache 
--------------------------------------------------------------------- 
OTRS mailing list: otrs - Webpage: http://otrs.org/ 
Archive: http://lists.otrs.org/pipermail/otrs 
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs 

NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! 
http://www.otrs.com/en/support/enterprise-subscription/ 

---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/

Reply via email to