[SOLVED] Customer LDAP Issue

Moderator: crythias

Locked
navdhanjal
Znuny newbie
Posts: 5
Joined: 25 Sep 2012, 17:08
Znuny Version: 3.1.9
Real Name: Nav Dhanjal
Company: Sports Interactive Limited

[SOLVED] Customer LDAP Issue

Post by navdhanjal »

Hi All,

Tearing my hair out to get this working. I'm trying to configure Customer LDAP, but get the error 'Authentication Succeeded but no customer record...'

Looking at the log file, I'm getting the error:

[Kernel::System::CustomerUser::SetPreferences][506] No such user 'xxxxxxx'!

Here is my config.pm:


  $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
  $Self->{'Customer::AuthModule::LDAP::Host'} = 'xxxxxx';
  $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'xxxxxx';
  $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
  $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'xxxxxxx';
  $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'xxxxxxx';

#CustomerUser for LDAP

  
  $Self->{CustomerUser} = {
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
      Host => 'xxxxxx',
      BaseDN => 'xxxxxx',
      SSCOPE => 'sub',
      UserDN => 'xxxxxx',
      UserPw => 'xxxxxx',
    },
    CustomerKey => 'sAMAccountName',
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
      # note: Login, Email and CustomerID needed!
      # var, frontend, storage, shown, required, storage-type
#       [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
#       [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#       [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#       [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
    ],
  };

All help really appreciated.
Last edited by navdhanjal on 26 Sep 2012, 13:23, edited 1 time in total.
crythias
Moderator
Posts: 10170
Joined: 04 May 2010, 18:38
Znuny Version: 5.0.x
Location: SouthWest Florida, USA
Contact:

Re: Customer LDAP Issue

Post by crythias »

OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
navdhanjal

Re: Customer LDAP Issue

Post by navdhanjal »

Thanks for the link, but it still doesn't help me.

I've followed what you've sent on the link and am still getting exactly the same error for customer ldap login. I've stripped my customer ldap code down to the basics and still can't see what I'm missing...


$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = $Host;
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = $BaseDN;
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = $SearchUserDN;
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = $SearchUserPw;

$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';

$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
    sscope => 'sub',
};

Still getting the following error in my log:


[Wed Sep 26 00:01:40 2012][Notice][Kernel::System::CustomerAuth::LDAP::Auth] CustomerUser: xxxxxx.xxxxx(CN=xxxxxx, xxxx, xx,OU=xxxxxx,OU=xxx,OU=xxxx,DC=xx,DC=xxx,DC=xxx) authentication ok (REMOTE_ADDR: 10.3.156.44).
[Wed Sep 26 00:01:40 2012][Error][Kernel::System::CustomerUser::SetPreferences][506] No such user 'xxxxx.xxxxxx'!
crythias

Re: Customer LDAP Issue

Post by crythias »

No such user 'xxxxx.xxxxxx'! means what it says.
Auth is auth, user is data (preferences).
Your auth says that it completes successfully. No need to spend much more time on that.
This now means that the value of the login entry is not found in a search of CustomerUser.

Given that everything you've provided is xxxx, troubleshooting is a bit difficult. I don't need to know *your* information, but then again, I can't help you too much if I can't know something about your config. Even if it's not *your* info, you could at least tweak it so it has a feel of your data; just change the names to contoso or fabrikam or some such, as long as it's consistent.


http://doc.otrs.org/3.1/en/html/custome ... ckend-ldap

One param you're missing in CustomerUser is "Name" (an arbitrary description string).

But further than that, change xxxxx to yyyyy. Maybe that will help.
navdhanjal

Re: Customer LDAP Issue

Post by navdhanjal »

Ok, I will try to do better when posting code to make sure it's got enough information.

Going to go away and try adding the CustomerUserName param to see if this helps...
Last edited by navdhanjal on 26 Sep 2012, 04:58, edited 2 times in total.
navdhanjal

Re: Customer LDAP Issue

Post by navdhanjal »

Still no joy I'm afraid...same error...

What everything now looks like after your last posted link help:


$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'test.testdomain.local';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=test,dc=testdomain,dc=local';

$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'sAMAccountName';

$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=otrsuser,cn=Users,dc=test,dc=testdomain,dc=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'otrsuserpw';

$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';

$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
    sscope => 'sub',
},

$Self->{'Kernel::System::CustomerUser::LDAP',

 CustomerKey => 'sAMAccountName',

    CustomerID => 'mail',
    CustomerUserListFields => ['cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],

    CustomerUserExcludePrimaryCustomerID => 0,

    AdminSetPreferences => 0,

    Map => [
        # note: Login, Email and CustomerID are mandatory!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
        [ 'UserTitle',      'Title',      'title',           1, 0, 'var', '', 0 ],
        [ 'UserFirstname',  'Firstname',  'givenname',       1, 1, 'var', '', 0 ],
        [ 'UserLastname',   'Lastname',   'sn',              1, 1, 'var', '', 0 ],
        [ 'UserLogin',      'Username',   'sAMAccountName',             1, 1, 'var', '', 0 ],
        [ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'mail',            0, 1, 'var', '', 0 ],
#        [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
        [ 'UserPhone',      'Phone',      'telephonenumber', 1, 0, 'var', '', 0 ],
        [ 'UserAddress',    'Address',    'postaladdress',   1, 0, 'var', '', 0 ],
        [ 'UserComment',    'Comment',    'description',     1, 0, 'var', '', 0 ],
    ],
    };

navdhanjal

Re: Customer LDAP Issue

Post by navdhanjal »

Solved using the following code:

    $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host'} = $Host;
    $Self->{'Customer::AuthModule::LDAP::BaseDN'} = $BaseDN;
    $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = $SearchUserDN;
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = $SearchUserPw;

    $Self->{CustomerUser} = {
        Name => 'LDAP',
        Module => 'Kernel::System::CustomerUser::LDAP',
        Params => {
            Host => $Host,
            BaseDN => $BaseDN,
            SSCOPE => 'sub',
            UserDN => $SearchUserDN,
            UserPw => $SearchUserPw,
        },
        CustomerKey => 'sAMAccountName',
        CustomerID => 'mail',
        CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
        CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
        CustomerUserPostMasterSearchFields => ['mail'],
        CustomerUserNameFields => ['givenname', 'sn'],
        Map => [
            [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
            [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
            [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
            [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
            [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
        ],
    };
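
The moderator's point that authentication and the customer record are separate lookups can be checked against a configuration before it is deployed. The following Perl script is an added example, not code from the thread or from OTRS: it runs over a constructed sample modelled on the first post and reports a missing `Name` entry, missing mandatory Map rows, and (as an assumption about how the two modules relate) a mismatch between the auth UID attribute and the CustomerUser key. `CheckCustomerLDAP`, the host and the base DN are hypothetical.

```perl
#!/usr/bin/perl
# Added example: offline consistency check for an OTRS customer LDAP setup.
use strict;
use warnings;

# Constructed sample modelled on the first post: auth settings plus a
# CustomerUser backend that lacks the 'Name' entry.
my %Config = (
    'Customer::AuthModule::LDAP::UID' => 'sAMAccountName',
    CustomerUser => {
        Module      => 'Kernel::System::CustomerUser::LDAP',
        Params      => { Host => 'ldap.example.test', BaseDN => 'dc=example,dc=test' },
        CustomerKey => 'sAMAccountName',
        CustomerID  => 'mail',
        Map         => [
            [ 'UserFirstname',  'Firstname',  'givenname',      1, 1, 'var' ],
            [ 'UserLogin',      'Login',      'sAMAccountName', 1, 1, 'var' ],
            [ 'UserEmail',      'Email',      'mail',           1, 1, 'var' ],
            [ 'UserCustomerID', 'CustomerID', 'mail',           0, 1, 'var' ],
        ],
    },
);

# Returns a list of findings; an empty list means the checks passed.
sub CheckCustomerLDAP {
    my ($Cfg) = @_;
    my $CU = $Cfg->{CustomerUser}
        or return ('no CustomerUser backend defined');
    my @Findings;
    for my $Key (qw(Name Module Params CustomerKey CustomerID Map)) {
        push @Findings, "CustomerUser is missing '$Key'" if !defined $CU->{$Key};
    }
    # Map rows are [ var, frontend, storage, ... ]; index storage by var name.
    my %Storage = map { $_->[0] => $_->[2] } @{ $CU->{Map} || [] };
    for my $Var (qw(UserLogin UserEmail UserCustomerID)) {
        push @Findings, "Map has no '$Var' row" if !defined $Storage{$Var};
    }
    # Assumption: the attribute used to authenticate must be the one the
    # backend is keyed on, otherwise the login value cannot be looked up.
    my $UID = $Cfg->{'Customer::AuthModule::LDAP::UID'} // '';
    for my $Pair ( [ 'CustomerKey', $CU->{CustomerKey} ], [ 'UserLogin storage', $Storage{UserLogin} ] ) {
        my ( $Label, $Attr ) = @{$Pair};
        next if !defined $Attr || lc $Attr eq lc $UID;
        push @Findings, "$Label '$Attr' differs from auth UID '$UID'";
    }
    return @Findings;
}

print "$_\n" for CheckCustomerLDAP( \%Config );
```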

 