Authentication succeeded, but no customer record is found

[spiderpig]

Hi,


i'm not sure what i'm doing wrong here, i get this error when i try to log in a customer..
"Authentication succeeded, but no customer record is found in the customer backend. Please contact your administrator"
any ideas ?

my config.pm is below
thanx
(Otrs 3.011 on with iis7 and mysql with ldap (a.d.) and httpauth)

# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2010 xxx, http://otrs.org/
# --
# $Id: Config.pm.dist,v 1.23 2010/01/13 22:25:00 martin Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
# Note:
#
# -->> OTRS does have a lot of config settings. For more settings
# (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator,
# LDAP, PostMaster, Session, Preferences, ...) see
# Kernel/Config/Defaults.pm and copy your wanted lines into "this"
# config file. This file will not be changed on update!
#
# --

package Kernel::Config;

sub Load {
my $Self = shift;
# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# Start of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #

# ---------------------------------------------------- #
# database settings #
# ---------------------------------------------------- #
# DatabaseHost
# (The database host.)
$Self->{'DatabaseHost'} = 'localhost';
# Database
# (The database name.)
$Self->{'Database'} = 'otrs';
# DatabaseUser
# (The database user.)
$Self->{'DatabaseUser'} = 'otrs';
# DatabasePw
# (The password of database user. You also can use bin/otrs.CryptPassword.pl
# for crypted passwords.)
$Self->{'DatabasePw'} = 'pass';
# DatabaseDSN
# (The database DSN for MySQL ==> more: "man DBD::mysql")
$Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";

# (The database DSN for PostgreSQL ==> more: "man DBD::Pg")
# if you want to use a local socket connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
# if you want to use a tcpip connection
# $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";

# ---------------------------------------------------- #
# fs root directory
# ---------------------------------------------------- #
$Self->{Home} = 'C:/OTRS';

# ---------------------------------------------------- #
# insert your own config settings "here" #
# config settings taken from Kernel/Config/Defaults.pm #
# ---------------------------------------------------- #
# $Self->{SessionUseCookie} = 0;
# $Self->{CheckMXRecord} = 0;

# ---------------------------------------------------- #

# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #

$Self->{LogModule} = 'Kernel::System::Log::File';
$Self->{LogModule::LogFile} = 'C:/OTRS/var/log/otrs.log';
# $DIBI$
$Self->{'DefaultCharset'} = 'utf-8';

$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = 'dc';
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'OU=Location, dc=domain, dc=local';
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = 'otrssearch';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = 'pass';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter1'} = '(mail=*)';
$Self->{'Customer::AuthModule::LDAP::Params1'} = { async => 0, port => 389, timeout => 120, version =>3, };
$Self->{'AuthModule::LDAP::Charset'} = 'utf-8';
## The above is the LDAP Customer Authentication module.

$Self->{CustomerUser2} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => 'dc',
BaseDN => 'OU=Location, dc=domain, dc=local',
SSCOPE => 'sub',
UserDN => 'otrssearch',
UserPw => 'pass',
AlwaysFilter => '(mail=*)',
SourceCharset => 'utf-8',
DestCharset => 'utf-8',
},

CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['cn', 'mail'],
CustomerUserSearchFields => ['uid', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CacheTTL => 120,
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
],
};
## The above is the LDAP Customer Sync module

# This is an example configuration for an apache ($ENV{REMOTE_USER})
# auth. backend. Use it if you want to have a singe login through
# apache http-basic-auth
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';

# Note:
# If you use this module, you should use the following
# config settings as fallback, if user isn't login through
# apache ($ENV{REMOTE_USER})
#$Self->{CustomerPanelLoginURL} = 'somepage';
#$Self->{CustomerPanelLogoutURL} = 'somepage';




# ---------------------------------------------------- #
# ---------------------------------------------------- #
# #
# End of your own config options!!! #
# #
# ---------------------------------------------------- #
# ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this) #
# ---------------------------------------------------- #
use strict;
use warnings;

use vars qw(@ISA $VERSION);
$VERSION = qw($Revision: 1.23 $)[1];

use Kernel::Config::Defaults;
push (@ISA, 'Kernel::Config::Defaults');

# -----------------------------------------------------#

1;

[spiderpig]

i get this error in the log.
[Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: DOMAIN\user Authentication ok (REMOTE_ADDR: 172.x.x.x).
[Error][Kernel::System::CustomerUser::SetPreferences][493] No such user ´domain\user !'

when otrs sync the users from a.d. the "domain\" dosent follow. do you have a idea how i can the domain\ before it syncs ?

thanx

[artjoms15]

Uhmm...
Look for file /etc/httpd/zzz_otrs.conf Or in Windows system the same file in your Apache conf directory and look at this block

<Location /otrs>
PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName Basic
require valid-user
PerlAddVar ntdomain "full.base.dn.adress main_controller backupcontroller"
PerlSetVar defaultdomain full.base.dn.adress
PerlSetVar splitdomainprefix 1
PerlSetVar ntlmdebug 1
</Location>

Check if you have option splitdomainprefix enabled... it should help the problem...

Cheers,
A.

[spiderpig]

thanx for the reply, i am using iis7.

[crythias]

Your index for authorization is 1.
Your index for customer data is 2.
$Self->{CustomerUser2}

[spiderpig]

hi crythias,

i changed $Self->{CustomerUser2} to 1, and it didnt work