Hello, i have configured OTRS to use two different Active Directory for authenticating agents.
It seems that after failing the first auth backend (because agent is present only on second AD), OTRS does not try to access to second one.
Can anybody give me a clue on how to debug such a problem?
Thank you all for any answer.
OTRS not using second auth backend
Moderator: crythias
-
reneeb
- Znuny guru
- Posts: 5018
- Joined: 13 Mar 2011, 09:54
- Znuny Version: 6.0.x
- Real Name: Renée Bäcker
- Company: Perl-Services.de
- Contact:
Re: OTRS not using second auth backend
can you show us how configured it?
Edit: did you check the logs?
Edit: did you check the logs?
Perl / Znuny development: http://perl-services.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Re: OTRS not using second auth backend
Thank you for your quick reply!
I am attaching Config.pm.
We tested the behaviour by creting:
itd_otrs1: on it.ndl.* domain
itd_otrs2: on sl.local domain
itd_otrs2 authenticates normally on first domain and not on second one and that's what was expected. Agent was able to logon:
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::Auth::LDAP::Auth] User: itd_otrs2 (CN=itd otrs2,OU=Fornitori,DC=sl,DC=local) authentication ok (REMOTE_ADDR: 10.52.16.6).
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::User::UserUpdate] User: 'itd_otrs2' updated successfully (1)!
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::User::SetPassword] User: 'itd_otrs2' changed password successfully!
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::Auth::Sync::LDAP::Sync] User: itd_otrs2 sync failed, no LDAP entry found!BaseDN='OU=Fornitori,DC=it,DC=ndl,DC=norbert-dentressangle,DC=com', Filter='(sAMAccountName=itd_otrs2)', (REMOTE_ADDR: 10.52.16.6).
itd_otrs1 does not authenticate against first backend (this is right because the user is defines in second AD). The problem is that i am not able to see the successfull auth against backend #2:
Dec 18 16:50:55 localhost OTRS-CGI-68[1708]: [Notice][Kernel::System::Auth::LDAP::Auth] User: itd_otrs1 authentication failed, no LDAP entry found!BaseDN='OU=Fornitori,DC=sl,DC=local', Filter='(sAMAccountName=itd_otrs1)', (REMOTE_ADDR: 10.52.16.6).
Dec 18 16:50:55 localhost OTRS-CGI-68[1708]: [Error][Kernel::System::Auth::LDAP::Auth][Line:221]: Search failed! Bad filter
I am attaching Config.pm.
We tested the behaviour by creting:
itd_otrs1: on it.ndl.* domain
itd_otrs2: on sl.local domain
itd_otrs2 authenticates normally on first domain and not on second one and that's what was expected. Agent was able to logon:
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::Auth::LDAP::Auth] User: itd_otrs2 (CN=itd otrs2,OU=Fornitori,DC=sl,DC=local) authentication ok (REMOTE_ADDR: 10.52.16.6).
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::User::UserUpdate] User: 'itd_otrs2' updated successfully (1)!
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::User::SetPassword] User: 'itd_otrs2' changed password successfully!
Dec 17 18:31:06 localhost OTRS-CGI-68[1736]: [Notice][Kernel::System::Auth::Sync::LDAP::Sync] User: itd_otrs2 sync failed, no LDAP entry found!BaseDN='OU=Fornitori,DC=it,DC=ndl,DC=norbert-dentressangle,DC=com', Filter='(sAMAccountName=itd_otrs2)', (REMOTE_ADDR: 10.52.16.6).
itd_otrs1 does not authenticate against first backend (this is right because the user is defines in second AD). The problem is that i am not able to see the successfull auth against backend #2:
Dec 18 16:50:55 localhost OTRS-CGI-68[1708]: [Notice][Kernel::System::Auth::LDAP::Auth] User: itd_otrs1 authentication failed, no LDAP entry found!BaseDN='OU=Fornitori,DC=sl,DC=local', Filter='(sAMAccountName=itd_otrs1)', (REMOTE_ADDR: 10.52.16.6).
Dec 18 16:50:55 localhost OTRS-CGI-68[1708]: [Error][Kernel::System::Auth::LDAP::Auth][Line:221]: Search failed! Bad filter
You do not have the required permissions to view the files attached to this post.