LDAP in 4.0.3 Appliance [SOLVED]

[netjess]

Hello Again,
I am trying to use the 4.03 appliance and configure LDAP for customer auth.
After going through what I understand for setup I get an error similar to what I was getting in v3.3.
When I try to log in a a user it states "Authentication succeeded, but no customer record is found in the customer backend. Please contact your administrator".

In the appliance it appears that you no longer edit the Config.pm. I see that what I edited in the GUI was written to a file named ZZZAuto.pm.
I am not clear on how to proceed at this point.

Here is the content of my ZZZAuto.pm

Code: Select all

root@otrs:~# cat otrs/Kernel/Config/Files/ZZZAuto.pm
# OTRS config file (automatically generated)
# VERSION:1.1
package Kernel::Config::Files::ZZZAuto;
use strict;
use warnings;
no warnings 'redefine';
use utf8;
sub Load {
    my ($File, $Self) = @_;
$Self->{'Frontend::Module'}->{'AgentITSMConfigItemSearch'} =  {
  'Description' => 'Search Config Items',
  'GroupRo' => [
    'itsm-configitem'
  ],
  'Loader' => {
    'CSS' => [
      'ITSM.Agent.Detail.css',
      'ITSM.Table.css',
      'ITSM.Print.css'
    ],
    'JavaScript' => [
      'thirdparty/jquery-tablesorter-2.0.5/jquery.tablesorter.js',
      'Core.UI.Table.Sort.js',
      'ITSM.Agent.Zoom.js'
    ]
  },
  'NavBar' => [
    {
      'AccessKey' => '',
      'Block' => '',
      'Description' => 'Search Config Items',
      'Link' => 'Action=AgentITSMConfigItemSearch',
      'LinkOption' => 'onclick="ITSM.Agent.ConfigItem.Search.OpenSearchDialog(\'AgentITSMConfigItemSearch\'); if (event.stopPropagation) { event.stopPropagation(); } else { window.event.cancelBubble = true; } return false;"',
      'Name' => 'Search',
      'NavBar' => 'Config Item',
      'Prio' => '300',
      'Type' => ''
    }
  ],
  'NavBarName' => 'Config Item',
  'Title' => 'Search'
};
$Self->{'Frontend::Module'}->{'AgentITSMConfigItemZoom'} =  {
  'Description' => 'Config Item Zoom',
  'GroupRo' => [
    'itsm-configitem'
  ],
  'Loader' => {
    'CSS' => [
      'ITSM.Agent.Detail.css',
      'ITSM.Agent.Default.css',
      'ITSM.Print.css'
    ],
    'JavaScript' => [
      'thirdparty/jquery-tablesorter-2.0.5/jquery.tablesorter.js',
      'Core.UI.Table.Sort.js',
      'ITSM.Agent.Zoom.js'
    ]
  },
  'NavBarName' => 'Config Item',
  'Title' => 'Zoom'
};
$Self->{'Frontend::Module'}->{'AdminGenericInterfaceMappingSimple'} =  {
  'Description' => 'Admin',
  'Group' => [
    'admin'
  ],
  'Loader' => {
    'CSS' => [
      'Core.Agent.Admin.GenericInterface.css'
    ],
    'JavaScript' => [
      'Core.Agent.Admin.GenericInterfaceMappingSimple.js'
    ]
  },
  'Title' => 'GenericInterface Webservice Mapping GUI'
};
$Self->{'Frontend::Module'}->{'AdminGenericInterfaceDebugger'} =  {
  'Description' => 'Admin',
  'Group' => [
    'admin'
  ],
  'Loader' => {
    'CSS' => [
      'Core.Agent.Admin.GenericInterface.css'
    ],
    'JavaScript' => [
      'Core.Agent.Admin.GenericInterfaceDebugger.js'
    ]
  },
  'Title' => 'GenericInterface Debugger GUI'
};
$Self->{'PublicFrontend::Module'}->{'PublicFAQExplorer'} =  {
  'Description' => 'Public faq',
  'Loader' => {
    'CSS' => [
      'FAQ.Customer.Detail.css',
      'FAQ.Customer.Default.css',
      'FAQ.Widget.css'
    ]
  },
  'NavBar' => [
    {
      'AccessKey' => 'X',
      'Block' => '',
      'Description' => 'FAQ-Area',
      'Link' => 'Action=PublicFAQExplorer',
      'Name' => 'FAQ',
      'NavBar' => '',
      'Prio' => '400',
      'Type' => ''
    }
  ],
  'NavBarName' => 'FAQ',
  'Title' => ''
};
$Self->{'CustomerFrontend::Module'}->{'CustomerFAQExplorer'} =  {
  'Description' => 'Customer FAQ',
  'Loader' => {
    'CSS' => [
      'FAQ.Customer.Detail.css',
      'FAQ.Customer.Default.css',
      'FAQ.Widget.css'
    ]
  },
  'NavBar' => [
    {
      'AccessKey' => '',
      'Block' => '',
      'Description' => 'FAQ',
      'Link' => 'Action=CustomerFAQExplorer',
      'Name' => 'FAQ',
      'NavBar' => 'FAQ',
      'Prio' => '700',
      'Type' => 'Menu'
    },
    {
      'AccessKey' => 'X',
      'Block' => '',
      'Description' => 'FAQ Explorer',
      'Link' => 'Action=CustomerFAQExplorer',
      'Name' => 'FAQ Explorer',
      'NavBar' => 'FAQ',
      'Prio' => '710',
      'Type' => 'Submenu'
    }
  ],
  'NavBarName' => 'FAQ',
  'Title' => ''
};
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} =  '(objectclass=user)';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} =  'Password!';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} =  'cn=ldapbind,ou=Service,dc=domain,dc=local';
$Self->{'Customer::AuthModule::LDAP::UserAttr'} =  'DN';
$Self->{'Customer::AuthModule::LDAP::UID'} =  'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =  'OU=Employees,dc=domain,dc=local';
$Self->{'Customer::AuthModule::LDAP::Host'} =  'dc2.domain.local';
$Self->{'Customer::AuthModule'} =  'Kernel::System::CustomerAuth::LDAP';
$Self->{'CustomerPanelBodyNewAccount'} =  'Hi <OTRS_USERFIRSTNAME>,

You or someone impersonating you has created a new OTRS account for
you.

Full name: <OTRS_USERFIRSTNAME> <OTRS_USERLASTNAME>
User name: <OTRS_USERLOGIN>
Password : <OTRS_USERPASSWORD>

You can log in via the following URL. We encourage you to change your password
via the Preferences button after logging in.

<OTRS_CONFIG_HttpType>://<OTRS_CONFIG_FQDN>/<OTRS_CONFIG_ScriptAlias>customer.pl';
$Self->{'CustomerPanelBodyLostPassword'} =  'Hi <OTRS_USERFIRSTNAME>,


New password: <OTRS_NEWPW>

<OTRS_CONFIG_HttpType>://<OTRS_CONFIG_FQDN>/<OTRS_CONFIG_ScriptAlias>customer.pl';
$Self->{'CustomerPanelBodyLostPasswordToken'} =  'Hi <OTRS_USERFIRSTNAME>,

You or someone impersonating you has requested to change your OTRS
password.

If you want to do this, click on this link. You will receive another email containing the password.

<OTRS_CONFIG_HttpType>://<OTRS_CONFIG_FQDN>/<OTRS_CONFIG_ScriptAlias>customer.pl?Action=CustomerLostPassword;Token=<OTRS_TOKEN>

If you did not request a new password, please ignore this email.';
delete $Self->{'PreferencesGroups'}->{'SpellDict'};
$Self->{'SendmailModule::Host'} =  'smtp.domain.local';
$Self->{'SendmailModule'} =  'Kernel::System::Email::SMTP';
$Self->{'CheckMXRecord::Nameserver'} =  '10.1.1.22';
$Self->{'CustomerHeadline'} =  'My Company Co. Inc.';
$Self->{'Organization'} =  'My Company Co. Inc.';
$Self->{'AdminEmail'} =  'jcain@domain.net';
$Self->{'FQDN'} =  'help.domain.local';
$Self->{'SystemID'} =  96;
$Self->{'SecureMode'} =  1;
}
1;

Thank you.

[Rooobaaat]

http://otrs.github.io/doc/manual/admin/ ... er-backend

[netjess]

Rooobaaat,
Since my Deutsch Sprechen is limited to a Christmas carol, numbers, casual greetings and a few mechanical terms, I am sure you're correct.
Although there is always Google Translate.

So I guess in the appliance version I would directly edit the /SOURCE/SHARE/var/otrs/Kernel/Config/Files/ZZZAuto.pm like I used to edit the /SOURCE/SHARE/var/otrs/Kernel/Config.pm?

I would like to make sure I don't edit the appliance in an area that will get overwritten in an update.

Danke

[reneeb]

Do not edit the ZZZ* files (except for the utf-8 bug mentioned in several threads). Add the LDAP settings in Kernel/Config.pm

[Rooobaaat]

you can also create a file named (e.g.) ZZZLDAPCustomer.pm in <OTRS_HOME>/Kernel/Config/Files and insert the lines there This file would not be replaced during an update

[netjess]

you can also create a file named (e.g.) ZZZLDAPCustomer.pm in <OTRS_HOME>/Kernel/Config/Files and insert the lines there This file would not be replaced during an update

Rooobaaat, How do I tell OTRS to use the custom file or will it read all files in the "<OTRS_HOME>/Kernel/Config/Files" location?

I have created the file and restarted Apache but it will still not allow me to log in.

[reneeb]

You do not have to register the files. All *.pm files are read (if the user the webserver runs with has read permissions).

Are there any log messages?

[netjess]

You do not have to register the files. All *.pm files are read (if the user the webserver runs with has read permissions).

Are there any log messages?

reneeb,

I see no messages in the ORTS syslog.
I see not errors in /var/log/apache2/error.log either.

Here are permissions on the pm files:
root@otrs:~# ls -l /SOURCE/SHARE/var/otrs/Kernel/Config/Files/
total 1812
-rw-r--r-- 1 www-data www-data 101014 Jan 9 12:42 FAQ.xml
-rw-r--r-- 1 www-data www-data 1628 Jan 9 12:52 FrameworkITSMCore.xml
-rw-r--r-- 1 www-data www-data 731 Jan 9 12:51 FrameworkITSM.xml
-rw-rw---- 1 otrs www-data 331916 Dec 11 17:33 Framework.xml
-rw-r--r-- 1 www-data www-data 3167 Jan 9 12:52 GeneralCatalog.xml
-rw-rw---- 1 otrs www-data 25669 Dec 11 17:32 GenericInterface.xml
-rw-r--r-- 1 www-data www-data 1663 Jan 9 12:52 ImportExport.xml
-rw-r--r-- 1 www-data www-data 47766 Jan 9 12:43 iPhoneHandle.xml
-rw-r--r-- 1 www-data www-data 240761 Jan 9 12:52 ITSMChangeManagement.xml
-rw-r--r-- 1 www-data www-data 4595 Jan 9 12:52 ITSMConfigItemGenericInterface.xml
-rw-r--r-- 1 www-data www-data 46222 Jan 9 12:52 ITSMConfigItem.xml
-rw-r--r-- 1 www-data www-data 21552 Jan 9 12:52 ITSMCore.xml
-rw-r--r-- 1 www-data www-data 8840 Jan 9 12:52 ITSMService.xml
-rw-r--r-- 1 www-data www-data 34199 Jan 9 12:52 ITSMTicket.xml
-rw-r--r-- 1 otrs www-data 3213 Jan 9 09:51 OTRSApplianceManagement.xml
-rw-rw---- 1 otrs www-data 24331 Dec 11 17:32 ProcessManagement.xml
-rw-rw---- 1 otrs www-data 4546 Dec 11 17:32 Scheduler.xml
-rw-r--r-- 1 www-data www-data 641 Jan 9 12:52 TicketITSMService.xml
-rw-r--r-- 1 www-data www-data 6757 Jan 9 12:52 TicketITSMTicket.xml
-rw-rw---- 1 otrs www-data 560378 Dec 11 17:33 Ticket.xml
-rw-rw---- 1 www-data www-data 326357 Jan 13 10:06 ZZZAAuto.pm
-rw-rw---- 1 www-data www-data 5456 Jan 13 10:06 ZZZAuto.pm
-rw-rw-r-- 1 www-data www-data 3309 Jan 13 09:39 ZZZLDAPCustomer.pm


Thank you.

[reneeb]

Does Kernel/Config.pm override settings from ZZZLDAPCustomer.pm?

[netjess]

OK, So I got it to work.
I used a config sample from https://gist.github.com/ianworkshere/5507290
I then pasted it into /SOURCE/SHARE/var/otrs/Kernel/Config/Config.pm

I guess I will just have to make sure that I take a copy of the Config.pm before I perform and update.


Thanks to all that gave me suggestions.