OTRS sync openldap: Panic, user authenticated but no user dat

remcohage
Joined: 17 Nov 2010, 12:48
Znuny Version: 3


Hello,
I am trying to connect OTRS (OTRS v.3) to an OpenLDAP server on a test server.
LDAP authentication succeeds, but I cannot log into OTRS with LDAP users (employees).
I think that the problem has to be somewhere in the synchronisation to the OTRS database, but I cannot find out what.
While trying to log in I get "Panic, user authenticated but no user data can be found in OTRS DB!! Perhaps the user is invalid." in Firefox.

I've tried multiple configurations from the documentation, but they didn't work for me.
Perhaps someone has an idea?

Regards,
Remco

# /var/log/messages
Nov 16 17:30:03 ubuntu OTRS-CGI-10[20401]: [Notice][Kernel::System::User::GetUserData] Panic! No UserData for user: 'john'!!!
Nov 16 17:36:52 ubuntu OTRS-CGI-10[20491]: [Notice][Kernel::System::Auth::LDAP::Auth] User: john(uid=john,ou=people,dc=example,dc=com) authentication ok (REMOTE_ADDR: 192.168.2.173).

# /var/log/apache/error.log
Message: No UserID found for 'john'!
Module: ModPerl::ROOT::ModPerl::Registry::var_www_otrs::handler (unknown version) Line: 48

# Config.pm

# First backend, a LDAP tree
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'localhost';
$Self->{'AuthModule::LDAP::BaseDN'} = 'ou=people,dc=example,dc=com';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=example,ou=groups,dc=example,dc=com';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';
$Self->{'AuthModule::LDAP::UserAttr'} = 'uid';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=admin,dc=example,dc=com';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'secret';
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

# agent data sync against ldap
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://localhost/';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'ou=people,dc=example, dc=com';
$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=example,ou=groups,dc=example,dc=com';
$Self->{'AuthSyncModule::LDAP::UID'} = 'uid';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=admin, dc=example, dc=com';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'secret';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    # DB -> LDAP
    UserFirstname => 'uid',
    UserLastname => 'sn',
    UserEmail => 'Email',
};

# AuthSyncModule::LDAP::UserSyncInitialGroups
# (sync following group with rw permission after initial create of first agent
# login)
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
    'users',
];


# Second backend, internal OTRS DB
$Self->{'AuthModule2'} = 'Kernel::System::Auth::DB';
$Self->{'AuthModule::DB::CryptType2'} = 'crypt';
$Self->{'AuthModule::LDAP::Die1'} = 1;
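
Added example, not part of the original post and not OTRS code: a small consistency check over the Config.pm settings quoted above. It compares the auth and sync backends and checks each UserSyncMap attribute against an LDAP entry. The `lint` function and the sample entry for 'john' are constructed for illustration, and the entry's attribute names assume an inetOrgPerson-style schema.

```python
import re

# Scalar LDAP settings and the sync map, copied from the Config.pm in the post.
CONFIG = """
$Self->{'AuthModule::LDAP::Host'} = 'localhost';
$Self->{'AuthModule::LDAP::BaseDN'} = 'ou=people,dc=example,dc=com';
$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=example,ou=groups,dc=example,dc=com';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=admin,dc=example,dc=com';
$Self->{'AuthSyncModule::LDAP::Host'} = 'ldap://localhost/';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'ou=people,dc=example, dc=com';
$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=example,ou=groups,dc=example,dc=com';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=admin, dc=example, dc=com';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    UserFirstname => 'uid',
    UserLastname => 'sn',
    UserEmail => 'Email',
};
"""
# Constructed LDAP entry for 'john' (assumption: inetOrgPerson-style attributes).
SAMPLE_ENTRY = {"uid": "john", "cn": "John Doe", "sn": "Doe", "mail": "john@example.com"}

SCALAR = re.compile(r"\$Self->\{'(Auth(?:Sync)?Module)::LDAP::(\w+)'\}\s*=\s*'([^']*)';")
MAPPING = re.compile(r"^\s*(\w+)\s*=>\s*'([^']*)',", re.M)

def lint(config, entry):
    """Return findings: duplicate keys, auth/sync mismatches, unmapped attributes."""
    findings, seen = [], {}
    for prefix, name, value in SCALAR.findall(config):
        if (prefix, name) in seen:
            findings.append(f"duplicate: {prefix}::LDAP::{name} is set twice")
        seen[(prefix, name)] = value
    for (prefix, name), value in seen.items():
        other = seen.get(("AuthSyncModule", name))
        if prefix == "AuthModule" and other is not None and other != value:
            findings.append(f"mismatch: {name} is {value!r} for auth but {other!r} for sync")
    attrs = {k.lower() for k in entry}  # LDAP attribute names are case-insensitive
    for field, attr in MAPPING.findall(config):
        if attr.lower() not in attrs:
            findings.append(f"unmapped: {field} reads LDAP attribute {attr!r}, absent from the entry")
    return findings

if __name__ == "__main__":
    print("\n".join(lint(CONFIG, SAMPLE_ENTRY)))
```

A finding only marks a difference worth checking against the real directory; it does not by itself establish the cause of the login failure.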