Problem connecting with Active Directory

Cyber Ultra · Post by **Cyber Ultra** » 05 Jan 2007, 13:28

I'm trying to connect my Customers via the Active Directory and I get this error:

[Error][Kernel::System::CustomerAuth::LDAP::Auth][193] Search failed! base='CN=Person,ou=it,ou=company,dc=mycompany,dc=com', filter='(memberUid=CN=Name\, Surname,OU=IT,OU=company,DC=mycompany,DC=com)', Success

But when I connect to OTRS as an Admin (via the DB) and I'm looking for a user in the AD it's working fine.

Here is my config.pm

Code: Select all

    # Customer user authentification against a LDAP backend
    # (take care that Net::LDAP is installed!)


     $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
     $Self->{'Customer::AuthModule::LDAP::Host'} = 'domaincontroler.mycompany.com';
     $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=mycompany,DC=com';
     $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';


    # The following is valid but would only be necessary if the
    # anonymous user do NOT have permission to read from the LDAP tree
    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=a username,OU=IT,OU=company,DC=mycompany,DC=com';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'passsword';


    # CustomerUser
    # (customer user ldap backend and settings)
    $Self->{CustomerUser} = {
        Name => 'LDAP Datenquelle',
        Module => 'Kernel::System::CustomerUser::LDAP',
        Params => {
            # ldap host
            Host => 'domaincontroler.mycompany.com',
            # ldap base dn
            BaseDN => 'dc=mycompany,dc=com',
            # search scope (one|sub)
            SSCOPE => 'sub',
            # The following is valid but would only be necessary if the
            # anonymous user does NOT have permission to read from the LDAP tree
            UserDN => 'CN=a username,OU=IT,OU=company,DC=mycompany,DC=com',
            UserPw => 'password',
            # in case you want to add always one filter to each ldap query, use
            # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
            AlwaysFilter => '',
        },
        # customer uniq id
        CustomerKey => 'mail',
        # customer #
        CustomerID => 'sAMAccountName',
        CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
        CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
        CustomerUserSearchPrefix => '',
        CustomerUserSearchSuffix => '*',
        CustomerUserSearchListLimit => 250,
        CustomerUserPostMasterSearchFields => ['mail'],
        CustomerUserNameFields => ['givenname', 'sn'],
        # show now own tickets in customer panel, CompanyTickets
        CustomerUserExcludePrimaryCustomerID => 0,
        # add a ldap filter for valid users (expert setting)
        CustomerUserValidFilter => '(!(description=gesperrt))',
        # admin can't change customer preferences
        AdminSetPreferences => 0,
        Map => [
            # note: Login, Email and CustomerID needed!
            # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
            #[ 'UserSalutation', 'Title',      'title',           1, 0, 'var', '', 0 ],
            [ 'UserFirstname',  'Firstname',  'givenname',       1, 1, 'var', '', 0 ],
            [ 'UserLastname',   'Lastname',   'sn',              1, 1, 'var', '', 0 ],
            [ 'UserLogin',      'Username',   'sAMAccountName',             1, 1, 'var', '', 0 ],
            [ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
            [ 'UserCustomerID', 'CustomerID', 'mail',            0, 1, 'var', '', 0 ],
            #[ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
            [ 'UserPhone',      'Phone',      'telephonenumber', 1, 0, 'var', '', 0 ],
            #[ 'UserAddress',    'Address',    'postaladdress',   1, 0, 'var', '', 0 ],
            #[ 'UserComment',    'Comment',    'description',     1, 0, 'var', '', 0 ],
        ],
    };

Cyber Ultra · Post by **Cyber Ultra** » 19 Jan 2007, 17:03

51 views and no answer ?

Nobody can hlep me ?

jn · Post by jn » 22 Jan 2007, 09:29

I doubt that the BaseDN is set correct

Cyber Ultra · Post by **Cyber Ultra** » 07 Feb 2007, 17:22

jn wrote:I doubt that the BaseDN is set correct

Thx but the same BaseDN is working when I search for a customer and not for authentication ?

jn · Post by jn » 07 Feb 2007, 17:25

BaseDN => 'dc=mycompany,dc=com' ?

Cyber Ultra · Post by **Cyber Ultra** » 08 Feb 2007, 10:02