LDAP Prob. [Error][Kernel::System::CustomerUser::LDAP::Custo

[asxo]

Hallo,

bekomme im Log folgende Fehlermeldung:

[Error][Kernel::System::CustomerUser::LDAP::CustomerUserDataGet][614] Bad filter


Somebody any Idea?

[Wolfgangf]

ja, wenn Du uns einen Filter zeigst

[asxo]

Do you mean my config.pm?


Gerne doch

#START LDAP Auth.

# Customer Authentifizirung via LDAP
# ---------------------------------------------------- #
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'w3duibodc01.ger.win.int.kn';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=ger,DC=win,DC=int,DC=kn';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=Dui_BO_All_GG,OU=1Gruppen,OU=West,OU=1Client,DC=ger,DC=win,DC=int,DC=kn';
#$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=dui.rt_account, OU=1ServiceAccounts,OU=West,OU=1Client,DC=ger,DC=win,DC=int,DC=kn';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'xxxxx';

#CustomerUser
# (customer user ldap backend and settings)
$Self->{CustomerUser} = {
Name => 'Datenbank',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
# ldap host
Host => 'w3duibodc01.ger.win.int.kn',
# ldap base dn
BaseDN => 'OU=1Client,DC=ger,DC=win,DC=int,DC=kn',
# search scope (one|sub)
SSCOPE => 'sub',
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
UserDN => 'cn=dui.rt_useraccount, OU=1ServiceAccounts,OU=West,OU=1Client,DC=ger,DC=win,DC=int,DC=kn',
UserPw => 'xxxxx',
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
AlwaysFilter => '',
# if your frontend is e. g. iso-8859-1 and the charset of your
# ldap server is utf-8, use this options (if not, ignore it)
SourceCharset => 'utf-8',
DestCharset => 'iso-8859-1',
# die if backend can't work, e. g. can't connect to server
Die => 1,
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
# customer uniq id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'sAMAccountName',
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => ['cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 500,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
# show now own tickets in customer panel, CompanyTickets
CustomerUserExcludePrimaryCustomerID => 0,
# add a ldap filter for valid users (expert setting)
# CustomerUserValidFilter => '(!(description=gesperrt))',
# admin can't change customer preferences
AdminSetPreferences => 0,
# cache time to life in sec. - cache any ldap queris
CacheTTL => 0,
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
# [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
#END LDAP Auth.

[Wolfgangf]

AlwaysFilter => '',

nicht auf blank setzen sondern auskommentieren sollte helfen

[asxo]

Erklärst du mir mal eben die Bedeutung vom Always Filter?

Habe irgendwo im Forum mal gelesen das dort ein Wert eingetragen werden soll/muss und du sagst jetzt, ausklammert^^

[jojo]

das ist ein Filter für LDAP Search, also nur benötigt wenn Du was auf der Ebene als zusätzlichen Suchstring brauchst

[asxo]

Nach dem ausklammern ist der Fehler leider noch immer da^^

System::CustomerUser::LDAP::CustomerUserDataGet][614] Bad filter

[Wolfgangf]

Filter können an mehreren Stellen definiert werden - hast Du alle auskommentiert?

[asxo]

Das ist aktuelle Config.pm mit dem ausgeklammerten Filter

#START LDAP Auth.

# Customer Authentifizirung via LDAP
# ---------------------------------------------------- #
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'w3duibodc01.ger.win.int.kn';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=ger,DC=win,DC=int,DC=kn';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
#$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=Dui_BO_All_GG,OU=1Gruppen,OU=West,OU=1Client,DC=ger,DC=win,DC=int,DC=kn';
#$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=dui.rt_account, OU=1ServiceAccounts,OU=West,OU=1Client,DC=ger,DC=win,DC=int,DC=kn';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'xxxxxx';

#CustomerUser
# (customer user ldap backend and settings)
$Self->{CustomerUser} = {
Name => 'Datenbank',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
# ldap host
Host => 'w3duibodc01.ger.win.int.kn',
# ldap base dn
BaseDN => 'OU=1Client,DC=ger,DC=win,DC=int,DC=kn',
# search scope (one|sub)
SSCOPE => 'sub',
# The following is valid but would only be necessary if the
# anonymous user does NOT have permission to read from the LDAP tree
UserDN => 'cn=dui.rt_useraccount, OU=1ServiceAccounts,OU=West,OU=1Client,DC=ger,DC=win,DC=int,DC=kn',
UserPw => 'xxxxxx',
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
#AlwaysFilter => '',
# if your frontend is e. g. iso-8859-1 and the charset of your
# ldap server is utf-8, use this options (if not, ignore it)
SourceCharset => 'utf-8',
DestCharset => 'iso-8859-1',
# die if backend can't work, e. g. can't connect to server
Die => 1,
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
Params => {
port => 389,
timeout => 120,
async => 0,
version => 3,
},
},
# customer uniq id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'sAMAccountName',
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => ['cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 500,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
# show now own tickets in customer panel, CompanyTickets
CustomerUserExcludePrimaryCustomerID => 0,
# add a ldap filter for valid users (expert setting)
# CustomerUserValidFilter => '(!(description=gesperrt))',
# admin can't change customer preferences
AdminSetPreferences => 0,
# cache time to life in sec. - cache any ldap queris
CacheTTL => 0,
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
# [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
#END LDAP Auth.