[SOLVED] Error

[Garik]

Hello,

Please help, what does the following error means?

{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:24 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:24 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:25 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:25 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:25 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:26 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:26 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:26 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:27 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:27 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:27 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:27 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).
[Tue Nov 26 17:11:28 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 192.168.0.100).

[crythias]

It means you're attempting Single Sign On/HTTP Auth and the Customer's web browser attempting to access your site is not properly providing the credentials (username) for that purpose.

How to fix? Well, first the customer attempting to access your site probably needs to be on a computer on your domain. Next, possibly, your otrs site may need to be a local site in IE.

[Garik]

Thank you for your soon reply.

All customers in domain. Authentication through LDAP succeed but when i turn on "Single Sign On/HTTP Auth" i get these messages. What is the reason?

[Garik]

Now i get the following errors:
[Wed Nov 27 09:44:27 2013][Error][Kernel::System::CustomerUser::SetPreferences][587] No such user 'domain\user'!
[Wed Nov 27 09:44:27 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: 'domain\user'! Authentication ok (REMOTE_ADDR: 192.168.0.100).
[Wed Nov 27 09:44:27 2013][Error][Kernel::System::CustomerUser::SetPreferences][587] No such user 'domain\user'!
[Wed Nov 27 09:44:27 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: 'domain\user'! Authentication ok (REMOTE_ADDR: 192.168.0.100).
[Wed Nov 27 09:44:27 2013][Error][Kernel::System::CustomerUser::SetPreferences][587] No such user ''domain\user'!
[Wed Nov 27 09:44:28 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: 'domain\user'! Authentication ok (REMOTE_ADDR: 192.168.0.100).
[Wed Nov 27 09:44:28 2013][Error][Kernel::System::CustomerUser::SetPreferences][587] No such user 'domain\user'!

[crythias]

$Self->{'AuthModule::HTTPBasicAuth::Replace'} = 'domain\\'; (or its equivalent for Customer)

[Garik]

The same error. Very strange. Is there any idea?

[Garik]

Please help. What is the problem?
My system installed in Windows 2008 Server 32bit, MSSQL2008R2 Express Edition, IIS7, OTRS 3.3.2

[crythias]

What did you try? If you didn't use the CustomerAuth version, it won't affect CustomerAuth.
What's your current Config.pm?

[Garik]

Here is my Config.pm

LDAP agents authentication work perfect.
LDAP customers authentication work perfect.
Customers HTTPBasicAuth does not work?

Code: Select all

#Enable LDAP Authentication for Agent sAMAccountName
	$Self->{AuthModule} = 'Kernel::System::Auth::LDAP';
	$Self->{'AuthModule::LDAP::Host'} = 'Domain IP address';
	$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=abtj,dc=local';
	$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';  
	$Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS SEARCH,OU=IT_Users,OU=ABTJ_Users,DC=ABTJ,DC=local';
	$Self->{'AuthModule::LDAP::SearchUserPw'} = '**********';
	$Self->{'AuthSyncModule::LDAP::AlwaysFilter'} = '(mail=*)';
        $Self->{'AuthModule::LDAP::GroupDN'} ='CN=OTRS_AGENTS,OU=ABTJ_Groups,OU=ABTJ_Users,DC=ABTJ,DC=Local';
        $Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
        $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';    

#Enable LDAP Authentication and sync for Agent(objectclass=user)
	$Self->{AuthSyncModule} = 'Kernel::System::Auth::Sync::LDAP';
	$Self->{'AuthSyncModule::LDAP::Host'} = 'Domain IP Address';
	$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=abtj,dc=local';
	$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';  
	$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=OTRS SEARCH,OU=IT_Users,OU=ABTJ_Users,DC=ABTJ,DC=local';
	$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = '**********';
	$Self->{'AuthSyncModule::LDAP::AlwaysFilter'} = '(mail=*)';
        $Self->{'AuthSyncModule::LDAP::GroupDN'} ='CN=OTRS_AGENTS,OU=ABTJ_Groups,OU=ABTJ_Users,DC=ABTJ,DC=Local';
        $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member';
        $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN';
	$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {UserFirstname => 'givenName',UserLastname  => 'sn',UserEmail     => 'mail',};
	$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = ['users', ];
	$Self->{'AuthSyncModule::LDAP::Params'} = {port    => 389, timeout => 120, async   => 0, version => 3,};

#Enable LDAP Authentication for Customer
    $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host'} = 'Domain IP Address';
    $Self->{'Customer::AuthModule::LDAP::BaseDN'} ='dc=abtj,dc=local';
    $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} ='CN=OTRS SEARCH,OU=IT_Users,OU=ABTJ_Users,DC=ABTJ,DC=local';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} ='*********';
   #$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(&(objectcategory=person)(objectclass=user)(mail=*)(!(description=built-In))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))';
    $Self->{CustomerUser} = {
      Module => 'Kernel::System::CustomerUser::LDAP',
      Params => {
      Host => 'Domain IP Address',
      BaseDN => 'dc=abtj,dc=local',
      SSCOPE => 'sub',
      UserDN =>'CN=OTRS SEARCH,OU=IT_Users,OU=ABTJ_Users,DC=ABTJ,DC=local',
      UserPw => '*********',
      AlwaysFilter => '(&(objectcategory=person)(objectclass=user)(mail=*)(!(description=built-In))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
 },
     CustomerKey => 'sAMAccountName',
     CustomerID => 'mail',
     CustomerUserListFields => ['givenname', 'sn', 'mail'],
     CustomerUserSearchFields => ['displayName','sAMAccountName','givenName', 'sn', 'mail','description'],
     CustomerUserSearchPrefix => '',
     CustomerUserSearchSuffix => '*',
     CustomerUserPostMasterSearchFields => ['displayName','sAMAccountName','givenName','sn','mail','description'],
     CustomerUserNameFields => ['givenname', 'sn'],
     CustomerUserExcludePrimaryCustomerID => 0,
     AdminSetPreferences => 0, 
     CacheTTL => 120,
     Map => [
         [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
         [ 'UserFirstname', 'Firstname', 'givenName', 1, 1, 'var' ],
         [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
         [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
         [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
         [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
         [ 'UserPhone', 'Phone', 'telephoneNumber', 1, 0, 'var' ],
         [ 'UserAddress', 'Address', 'postalAddress', 1, 0, 'var' ],
         [ 'UserStreet', 'Street', 'streetAddress', 1, 0, 'var' ],
         [ 'UserCity', 'City', 'l', 1, 0, 'var' ],
         [ 'UserZip', 'ZIP', 'postalCode', 1, 0, 'var' ],
         [ 'UserCountry', 'Country', 'co', 1, 0, 'var' ],
         [ 'UserComment', 'Comment', 'wWWHomePage', 1, 0, 'var' ],
         ],
   };
        $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';
        $Self->{'Customer::AuthModule::HTTPBasicAuth::Replace'} = 'abtj\\';
        $Self->{CustomerPanelLoginURL} = 'http://Server/otrs/customer.pl';
        $Self->{CustomerPanelLogoutURL} = 'http://Server/otrs/customer.pl';

[Garik]

Сrythias, do you have any idea how to solve this problem?

[crythias]

First, you're re-using Customer::AuthModule

If you want it as a different AuthModule, you should append a number to the other ... AuthModule1, AuthModule::LDAP::Host1, etc.

Code: Select all

        $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';
        $Self->{'Customer::AuthModule::HTTPBasicAuth::Replace'} = 'domain\\';

[Wed Nov 27 09:44:27 2013][Error][Kernel::System::CustomerUser::SetPreferences][587] No such user 'domain\user'!
[Wed Nov 27 09:44:27 2013][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: 'domain\user'! Authentication ok (REMOTE_ADDR: 192.168.0.100).

Basically, this should work, though it APPEARS the replace isn't taking place... check for case sensitivity.
http://wiki.otterhub.org/index.php?titl ... ith_Apache

[Garik]

Thank you very much.
The problem with SSO was in case sensitive, just replaced "domain\\" to "DOMAIN\\"