after migrating OTRS 5 Update 10 to another Server and joint to our Active Directory
Server we have got after successfully login with valid AD Credentials the message:
Search failed! (DC=eew,DC=de) filter='(sAMAccountName=pb)' 000004DC: LdapErr:
DSID-0C090748, comment: In order to perform this operation a successful bind must be
completed on the connection., data 0, v2580
Unfortunately we have got the exact same configuration using a different stack in use.
Maybe someone got a solution to this issue yet. Help would be recommended.
cat /opt/otrs/Kernel/Config.pm
...
Code: Select all
# ---------------------------------------------------- #
# auth agents via AD #
# ---------------------------------------------------- #
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'coresrv1.eew.de';
$Self->{'AuthModule::LDAP::BaseDN'} = 'DC=eew,DC=de';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'ldapbind@eew.de';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'secret';
# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
#$Self->{'AuthModule::LDAP::GroupDN'} = 'CN=tcktadm,CN=groups,DC=eew,DC=de';
#$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';
# ---------------------------------------------------- #
# sync agents data from AD #
# ---------------------------------------------------- #
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'coresrv1.eew.de';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'DC=eew,DC=de';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'ldapbind@eew.de';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'secret';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};
# Attributes needed for group syncs
# (attribute name for group value key)
$Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member';
$Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN';
$Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition'} = {
# ldap group
'CN=tcktadm,OU=Groups,DC=eew,DC=de' => {
# otrs group
'admin' => {
rw => 1,
},
'stats' => {
rw => 1,
},
},
'CN=helpdeskeew,OU=Groups,DC=eew,DC=de' => {
'helpdeskeew' => {
rw => 1,
},
},
'CN=helpdeskbgk,OU=Groups,DC=eew,DC=de' => {
'helpdeskmcd' => {
rw => 1,
},
},
};
}
Regards