No auth record *HELP*

Hilfe zu Znuny Problemen aller Art
Forum rules
Locked
achilles
Znuny newbie
Posts: 9
Joined: 29 Jan 2008, 14:42

No auth record *HELP*

Post by achilles »

Hallo,

ich bin am verzweifeln. Mein LDAP-Backend will nicht funktionieren.

Folgende Fehlermeldung erscheint:

Code: Select all

Mar 17 11:44:59 and-otrs OTRS-CGI-10[31335]: [Notice][Kernel::System::CustomerAuth::DB::Auth] CustomerUser: No auth record in 'customer_user' for 'ja87th' (REMOTE_ADDR: 10.1.3.54)
Auszug aus meiner Config.pm:

Code: Select all

# ---------------------------------------------------- #
    # Backend Customer
    # ---------------------------------------------------- #

    # CustomerUser
    # (customer user ldap backend and settings)
    $Self->{CustomerUser} = {
        Name => 'LDAP Datenquelle',
        Module => 'Kernel::System::CustomerUser::LDAP',
        Params => {
            # ldap host
            Host => 'and-lkh.lkh.lan',
            # ldap base dn
            BaseDN => 'ou=lkh,o=lan',
            # search scope (one|sub)
            SSCOPE => 'sub',
#            # The following is valid but would only be necessary if the
#            # anonymous user does NOT have permission to read from the LDAP tree
            UserDN => 'otrs',
            UserPw => 'otrs',
            # in case you want to add always one filter to each ldap query, use
            # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
            AlwaysFilter => '',
            # if your frontend is e. g. iso-8859-1 and the charset of your
            # ldap server is utf-8, use this options (if not, ignore it)
#            SourceCharset => 'utf-8',
#            DestCharset => 'iso-8859-1',
            # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
            Params => {
                port => 389,
                timeout => 120,
                async => 0,
                version => 3,
            },
        },
        # customer uniq id
        CustomerKey => 'samAccountName',
        # customer #
        CustomerID => 'mail',
        CustomerUserListFields => ['cn', 'mail'],
        CustomerUserSearchFields => ['samAccountName', 'cn', 'mail'],
        CustomerUserSearchPrefix => '',
        CustomerUserSearchSuffix => '*',
        CustomerUserSearchListLimit => 250,
        CustomerUserPostMasterSearchFields => ['mail'],
        CustomerUserNameFields => ['givenname', 'sn'],
        # show now own tickets in customer panel, CompanyTickets
        CustomerUserExcludePrimaryCustomerID => 0,
        # add a ldap filter for valid users (expert setting)
#       CustomerUserValidFilter => '(!(description=gesperrt))',
        # admin can't change customer preferences
        AdminSetPreferences => 1,
        Map => [
            # note: Login, Email and CustomerID needed!
            # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
            [ 'UserSalutation', 'Title',      'title',           1, 0, 'var', '', 0 ],
            [ 'UserFirstname',  'Firstname',  'givenname',       1, 1, 'var', '', 0 ],
            [ 'UserLastname',   'Lastname',   'sn',              1, 1, 'var', '', 0 ],
            [ 'UserLogin',      'Username',   'uid',             1, 1, 'var', '', 0 ],
            [ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
            [ 'UserCustomerID', 'CustomerID', 'mail',            0, 1, 'var', '', 0 ],
#            [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
            [ 'UserPhone',      'Phone',      'telephonenumber', 1, 0, 'var', '', 0 ],
            [ 'UserAddress',    'Address',    'postaladdress',   1, 0, 'var', '', 0 ],
            [ 'UserComment',    'Comment',    'description',     1, 0, 'var', '', 0 ],
        ],
    };
Kann mir jemand weiterhelfen?

Grüße
achilles 8)
Top
diginin
Znuny expert
Posts: 213
Joined: 11 Feb 2008, 12:04
Znuny Version: CVS

No auth record *HELP*

Post by diginin »

Versuche erst per LDAP Browser deine Creds zu benutzen und die Struktur anzuschauen. Es klingt als ob was nicht vollständig ist.
Shawn Beasley
Contact me per XING
Contact me per LinkedIN

OTRS CVS on Ubuntu Stable.

Image
signature by diginin74, on Flickr

Computers are like air conditioners, when you open windows they are useless.



P.S. (für Leser meiner Deutschtexte) Rechtschreibfehler bitte mit s/.*/$KORREKTUR/ ersetzen.
Top
achilles
Znuny newbie
Posts: 9
Joined: 29 Jan 2008, 14:42

No auth record *HELP*

Post by achilles »

ok, werde ich tun.

Noch etwas:
Über das Admin-Interface kann ich auf diese Datenquelle zugreifen und auch Benutzer suchen...
Top
achilles
Znuny newbie
Posts: 9
Joined: 29 Jan 2008, 14:42

No auth record *HELP*

Post by achilles »

Habe mir die Struktur von meinem Account angesehen und es scheint so, das alle Parameter vorhanden sind die ich in der Config.pm anfrage.

Weitere Ideen?
Top
jojo
Znuny guru
Posts: 15020
Joined: 26 Jan 2007, 14:50
Znuny Version: Git Master
Contact:
Contact jojo

No auth record *HELP*

Post by jojo »

ich kann in Deiner Config.pm kein CustomerAuth entdecken....
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master

Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
Top
achilles
Znuny newbie
Posts: 9
Joined: 29 Jan 2008, 14:42

No auth record *HELP*

Post by achilles »

danke für den tip, manchmal sieht man den wald vor lauter bäumen nicht mehr...

habe jetzt folgendes hinzugefügt und es funktioniert:

Code: Select all

# ---------------------------------------------------- #
    # Authentifizierung Customer
    # ---------------------------------------------------- #


    # This is an example configuration for an LDAP auth. backend.
    # (take care that Net::LDAP is installed!)
     $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
     $Self->{'Customer::AuthModule::LDAP::Host'} = 'and-lkh.lkh.lan';
     $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=lkh,dc=lan';
     $Self->{'Customer::AuthModule::LDAP::UID'} = 'samaccountname';

    # Check if the user is allowed to auth in a posixGroup
    # (e. g. user needs to be in a group xyz to use otrs)
    #$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrsallow,ou=posixGroups,dc=example,dc=com';
    #$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid';
    # for ldap posixGroups objectclass (just uid)
    $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'samaccountname';
    # for non ldap posixGroups objectclass (full user dn)
#    $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';

    # The following is valid but would only be necessary if the
    # anonymous user do NOT have permission to read from the LDAP tree
    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrs';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'otrs';

    # in case you want to add always one filter to each ldap query, use
    # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
    $Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';

    # in case you want to add a suffix to each customer login name, then
    # you can use this option. e. g. user just want to use user but
    # in your ldap directory exists user@domain.
#    $Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@domain.com';

    # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
    $Self->{'Customer::AuthModule::LDAP::Params'} = {
        port => 389,
        timeout => 120,
        async => 0,
        version => 3,
    };

Vielen DANK!
achilles :D
Top
Locked

Return to “Hilfe”