AD integration not working

Moderator: crythias

Locked
advchris
Znuny newbie
Posts: 16
Joined: 04 Nov 2013, 18:19
Znuny Version: 3.2.5
Real Name: Chris Smith

AD integration not working

Post by advchris »

I know this has been posted before in several threads but I have read these and can't get it to work still. Quick system rundown; Server 2008 R2, OTRS 3.2.12, MSSQL, Apache WS.

Problem: Cannot login to OTRS using an AD account - 'Login failed! Your username or password was entered incorrectly'

I have followed several KB's and still can't seem to get this to work, here is the snippet from my config.pm file;

Code: Select all

# This is an example configuration for using an MS AD backend
    $Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
    $Self->{'AuthModule::LDAP::Host1'} = 'localhost';
    $Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=companyname,dc=local';
    $Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
 
    # Check if the user is allowed to auth in a posixGroup
    # (e. g. user needs to be in a group OTRSAgents to use otrs)
    $Self->{'AuthModule::LDAP::GroupDN1'} = 'CN=OTRSAgents,OU=Security,OU=Groups,OU=Users,OU=Head Office,DC=companyname,DC=local';
    $Self->{'AuthModule::LDAP::AccessAttr1'} = 'member';
    $Self->{'AuthModule::LDAP::UserAttr1'} = 'DN';
 
    # Bind credentials to log into AD
    $Self->{'AuthModule::LDAP::SearchUserDN1'} = 'CN=OTRS,OU=System Accounts,OU=IT,OU=Users,OU=Head Office,DC=companyname,DC=local';
    $Self->{'AuthModule::LDAP::SearchUserPw1'} = 'Welcome1234!';
 
    # in case you want to add always one filter to each ldap query, use
    # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
    $Self->{'AuthModule::LDAP::AlwaysFilter'} = '';
 
    # in case you want to add a suffix to each login name,  then
    # you can use this option. e. g. user just want to use user but
    # in your ldap directory exists user@domain.
    #$Self->{'AuthModule::LDAP::UserSuffix'} = '';
 
    # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
    $Self->{'AuthModule::LDAP::Params'} = {
        port => 389,
        timeout => 120,
        async => 0,
        version => 3,
    };
 
   # Now sync data with OTRS DB
    $Self->{'AuthSyncModule1'} = 'Kernel::System::Auth::Sync::LDAP';
    $Self->{'AuthSyncModule::LDAP::Host1'} = 'localhost';
    $Self->{'AuthSyncModule::LDAP::BaseDN1'} = 'dc=companyname, dc=local';
    $Self->{'AuthSyncModule::LDAP::UID1'} = 'sAMAccountName';
    $Self->{'AuthSyncModule::LDAP::SearchUserDN1'} = 'CN=OTRS,OU=System Accounts,OU=IT,OU=Users,OU=Head Office,DC=companyname,DC=local';
    $Self->{'AuthSyncModule::LDAP::SearchUserPw1'} = 'Welcome1234!';
 
    $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
        # DB -> LDAP
        UserFirstname => 'givenName',
        UserLastname  => 'sn',
        UserEmail     => 'mail',
    };
 
    # AuthSyncModule::LDAP::UserSyncInitialGroups
    # (sync following group with rw permission after initial create of first agent
    # login)
    $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
        'users',
    ];
My code is literally the same as above in my config.pm the only variance being that companyname is replaced with my actual company name.
Top
jojo
Znuny guru
Posts: 15020
Joined: 26 Jan 2007, 14:50
Znuny Version: Git Master
Contact:
Contact jojo

Re: AD integration not working

Post by jojo »

check the log!
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master

Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
Top
crythias
Moderator
Posts: 10170
Joined: 04 May 2010, 18:38
Znuny Version: 5.0.x
Location: SouthWest Florida, USA
Contact:
Contact crythias

Re: AD integration not working

Post by crythias »

in otrs.log it will tell you more information.

In theory, it's because you need or don't need domain\username, or used or didn't need full upn.

In general, only the username is important.
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Top
advchris
Znuny newbie
Posts: 16
Joined: 04 Nov 2013, 18:19
Znuny Version: 3.2.5
Real Name: Chris Smith

Re: AD integration not working

Post by advchris »

In my otrs.log I only have the following the work with...

Code: Select all

[Sat Nov  9 10:11:56 2013][Notice][main::_AutoRestart] Scheduler service is stopping due a restart.
[Sat Nov  9 10:26:26 2013][Notice][main::_Start] Scheduler Service is starting...!
[Sat Nov  9 10:26:27 2013][Notice][main::_Start] Scheduler Service start! PID 1944
[Sat Nov  9 10:31:21 2013][Notice][main::_AutoRestart] Config.pm changed, unsafe to continue! 
Scheduler is restarting...!

[Sat Nov  9 10:31:22 2013][Notice][main::_AutoRestart] Scheduler service is stopping due a restart.
[Sat Nov  9 10:31:23 2013][Error][main::_AutoRestart][669] Could not start-up new Scheduler instance.
[Sat Nov  9 10:31:24 2013][Notice][main::_Start] Scheduler Service is starting...!
[Sat Nov  9 10:31:25 2013][Notice][main::_Start] Scheduler Service start! PID 3296
[Sat Nov  9 10:33:06 2013][Notice][Kernel::System::PID::PIDCreate] Can't create PID otrs.Scheduler, because it's already running (ADVDC01.advantiscredit.local/3296)!
[Sat Nov  9 10:33:08 2013][Notice][main::_Start] Scheduler Service is starting...!
[Sat Nov  9 10:33:09 2013][Notice][main::_Start] Scheduler Service start! PID 3296
[Sat Nov  9 10:41:57 2013][Notice][main::_AutoRestart] Config.pm changed, unsafe to continue! 
Scheduler is restarting...!

[Sat Nov  9 10:41:58 2013][Notice][main::_AutoRestart] Scheduler service is stopping due a restart.
[Sat Nov  9 10:41:59 2013][Error][main::_AutoRestart][669] Could not start-up new Scheduler instance.
[Sat Nov  9 10:42:00 2013][Notice][main::_Start] Scheduler Service is starting...!
[Sat Nov  9 10:42:01 2013][Notice][main::_Start] Scheduler Service start! PID 3968
[Sat Nov  9 10:53:24 2013][Notice][main::_AutoRestart] Config.pm changed, unsafe to continue! 
Scheduler is restarting...!

[Sat Nov  9 10:53:26 2013][Notice][main::_AutoRestart] Scheduler service is stopping due a restart.
[Sat Nov  9 10:53:26 2013][Error][main::_AutoRestart][669] Could not start-up new Scheduler instance.
[Sat Nov  9 10:53:27 2013][Notice][main::_Start] Scheduler Service is starting...!
[Sat Nov  9 10:53:28 2013][Notice][main::_Start] Scheduler Service start! PID 1272
[Sat Nov  9 10:54:58 2013][Notice][Kernel::System::PID::PIDCreate] Can't create PID otrs.Scheduler, because it's already running (ADVDC01.advantiscredit.local/1272)!
[Sat Nov  9 10:54:59 2013][Notice][main::_Start] Scheduler Service is starting...!
[Sat Nov  9 10:55:00 2013][Notice][main::_Start] Scheduler Service start! PID 1272
[Sun Nov 10 10:55:00 2013][Notice][main::_AutoRestart] Scheduler Service restarts itself (PID 1272).
[Sun Nov 10 10:55:01 2013][Notice][main::_AutoRestart] Scheduler service is stopping due a restart.
[Sun Nov 10 10:55:01 2013][Error][main::_AutoRestart][669] Could not start-up new Scheduler instance.
[Sun Nov 10 10:55:02 2013][Notice][main::_Start] Scheduler Service is starting...!
[Sun Nov 10 10:55:03 2013][Notice][main::_Start] Scheduler Service start! PID 3672
This doesn't seem much help to me but I don't know if you guys know anything different?

I also did post another thread about restarting OTRS services as I can't seem to find how to do this in the version I am using? Every time I make a change I am having to restart the server!
Top
Locked

Return to “Help”