NTLM Authentication in OTRS 3 3.04

[comport3]

Hi All,

I'd like to Authenticate Customers (and Agents, if possible) via SSO, using the NTLM/Apache, BasicAuth method described here:
http://wiki.otrs.org/index.php?title=Im ... ith_Apache

However, in the current version 3.04 I can't seem to get it to work correctly.

Does anyone have any suggestions for adapting this guide for the new version?

[comport3]

Scratch that, I changed the Apache .conf from using IP address to using hostname.

Now it is working for some users, but not for others.

Users it's not working for, I receive this msg in /var/log/apache2/error.log -
[error] Bad/Missing NTLM/Basic Authorization Header for /otrs/customer.pl

Any ideas?

[jojo]

well this ssems to be an apache and browser issue (not an OTRS one)

Please note that NTLM is very old and buggy. Using Kerberos will be much better

[comport3]

Hi jojo,

Thank you for your reply.

I've tried implementing mod_auth_kerb as per these instructions -
http://blog.scottlowe.org/2006/08/10/ke ... th-apache/

But no success. The Apache error.log has the following -

ERROR: OTRS-CGI-10 Perl: 5.10.0 OS: linux Time: Fri Jan 7 15:08:22 2011

Message: Need User!

Traceback (9944):
Module: Kernel::System::CustomerUser::DB::CustomerUserDataGet (v1.86) Line: 448
Module: Kernel::System::CustomerUser::CustomerUserDataGet (v1.61) Line: 283
Module: Kernel::System::CustomerAuth::Auth (v1.34) Line: 166
Module: Kernel::System::Web::InterfaceCustomer::Run (v1.56) Line: 203
Module: ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_customer_2epl::handler (unknown version) Line: 48
Module: (eval) (v1.42) Line: 204
Module: ModPerl::RegistryCooker::run (v1.42) Line: 204
Module: ModPerl::RegistryCooker::default_handler (v1.42) Line: 170
Module: ModPerl::Registry::handler (v1.99) Line: 31

Any ideas?

[jojo]

what is the OTRS log telling?

[comport3]

Don't know - I reverted to LDAP instead, but Kerberos would be preferable. Does anyone have experience implementing it?