No UserObject in customer.pl

ceastman · Post by **ceastman** » 12 Feb 2014, 18:05

I have setup a new OTRS 3.3.3 upgraded to 3.3.4 installation. Agents can connect to index.pl via ldap authentication. When I point my browser at customer.pl I get an internal server error and the logs have the following:

[Wed Feb 12 10:03:31 2014] [error] [Wed Feb 12 10:03:31 2014] -e: No UserObject! at /opt/otrs//Kernel/System/Auth/LDAP.pm line 25.\n

I do not get a prompt to enter a username / password.

I had the same customer ldap configuratoin working on a different machine with an older version of OTRS, 3.1.13 I believe.

Post by **crythias** » 12 Feb 2014, 18:19

please post config.pm

ceastman · Post by **ceastman** » 12 Feb 2014, 19:12

here is a sanitized version of our Config.pm

Code: Select all

# --
# Kernel/Config.pm - Config file for OTRS kernel
# Copyright (C) 2001-2013 xxx, http://otrs.org/
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --
#  Note:
#
#  -->> Most OTRS configuration should be done via the OTRS web interface
#       and the SysConfig. Only for some configuration, such as database
#       credentials and customer data source changes, you should edit this
#       file. For changes do customer data sources you can copy the definitions
#       from Kernel/Config/Defaults.pm and paste them in this file.
#       Config.pm will not be overwritten when updating OTRS.
# --

package Kernel::Config;

use strict;
use warnings;
use utf8;

sub Load {
    my $Self = shift;

    # ---------------------------------------------------- #
    # database settings                                    #
    # ---------------------------------------------------- #



#$Self->{'AuthModule'} = 'Kernel::System::Auth::DB';
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldaphost';
$Self->{'AuthModule::LDAP::BaseDN'} = 'basedn';
$Self->{'AuthModule::LDAP::UID'} = 'mail';

$Self->{'AuthModule::LDAP::GroupDN'} = 'groupdn';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'uniquemember';

$Self->{'AuthModule::LDAP::SearchUserDN'} = '';
$Self->{'AuthModule::LDAP::SearchUserPw'} = '';

$Self->{'AuthModule::LDAP::AlwaysFilter'} = '';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

#$Self->{'Customer::AuthModule'} = 'Kernel::System::Auth::DB';

$Self->{'Customer::AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'ldaphost';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'basedn';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'mail';
$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'groupdn';
$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'uniquemember';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = '';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};


# CustomerUser
# (customer ldap backend and settings)
$Self->{CustomerUser} = {
    Name => 'LDAP Data Source',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        # ldap host
        Host => 'ldaphost',
        # ldap base dn
        BaseDN => 'basedn',
        # search scope (one|sub)
        SSCOPE => 'sub',
        # The following is valid but would only be necessary if the
        # anonymous user does NOT have permission to read from the LDAP tree
        UserDN => '',
        UserPw => '',
        # in case you want to add always one filter to each ldap query, use
        # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
        AlwaysFilter => '(objectclass= correct class)',

            # if both your frontend and your LDAP are unicode, use this:
            SourceCharset => 'utf-8',
            DestCharset   => 'utf-8',
            # if your frontend is unicode and the charset of your
            # ldap server is iso-8859-1, use these options.
            # SourceCharset => 'iso-8859-1',
            # DestCharset => 'utf-8',
            # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
            Params => {
                port => 389,
                timeout => 120,
                async => 0,
                version => 3,
            },
    },
    # customer unique id
    CustomerKey => 'mail',
    # customer #
    CustomerID => 'o',
    CustomerUserListFields => ['cn', 'mail'],
    CustomerUserSearchFields => ['mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 50,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['mail'],
    # show not own tickets in customer panel, CompanyTickets
    CustomerUserExcludePrimaryCustomerID => 0,
    # add an ldap filter for valid users (expert setting)
    CustomerUserValidFilter => '(!(description=locked))',
    # administrator can't change customer preferences
    AdminSetPreferences => 0,
    # cache time to live in sec. - cache any database queries
    CacheTTL => 0,
    Map => [
        # note: Login, Email and CustomerID are mandatory!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
        [ 'UserTitle',      'Title',      'title',           1, 0, 'var', '', 0 ],
        [ 'UserFirstname',  'Firstname',  'givenname',       1, 1, 'var', '', 0 ],
        [ 'UserLastname',   'Lastname',   'sn',              1, 1, 'var', '', 0 ],
        [ 'UserLogin',      'Username',   'mail',             1, 1, 'var', '', 0 ],
        [ 'UserEmail',      'Email',      'mail',            1, 1, 'var', '', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'o',            0, 1, 'var', '', 0 ],
#        [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
        [ 'UserPhone',      'Phone',      'telephonenumber', 1, 0, 'var', '', 0 ],
        [ 'UserAddress',    'Address',    'postaladdress',   1, 0, 'var', '', 0 ],
        [ 'UserComment',    'Comment',    'description',     1, 0, 'var', '', 0 ],
    ],
};


    # The database host
    $Self->{'DatabaseHost'} = '127.0.0.1';

    # The database name
    $Self->{'Database'} = "otrs";

    # The database user
    $Self->{'DatabaseUser'} = "otrs";

    # The password of database user. You also can use bin/otrs.CryptPassword.pl
    # for crypted passwords
    $Self->{'DatabasePw'} = ' correct password ';

    # The database DSN for MySQL ==> more: "perldoc DBD::mysql"
    $Self->{'DatabaseDSN'} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost}";

    # The database DSN for PostgreSQL ==> more: "perldoc DBD::Pg"
    # if you want to use a local socket connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
    # if you want to use a TCP/IP connection
#    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
    # if you have PostgresSQL 8.1 or earlier, activate the legacy driver with this line:
#    $Self->{DatabasePostgresqlBefore82} = 1;

    # The database DSN for Microsoft SQL Server - only supported if OTRS is
    # installed on Windows as well
#    $Self->{DatabaseDSN} = "DBI:ODBC:driver={SQL Server};Database=$Self->{Database};Server=$Self->{DatabaseHost},1433";

    # The database DSN for Oracle ==> more: "perldoc DBD::oracle"
#    $ENV{ORACLE_HOME} = '/u01/app/oracle/product/10.2.0/client_1';
#    $ENV{NLS_DATE_FORMAT} = 'YYYY-MM-DD HH24:MI:SS';
#    $ENV{NLS_LANG} = "american_america.utf8";

#    $Self->{DatabaseDSN} = "DBI:Oracle:sid=OTRS;host=$Self->{DatabaseHost};port=1522;";

    # ---------------------------------------------------- #
    # fs root directory
    # ---------------------------------------------------- #
    $Self->{Home} = '/opt/otrs';

    # ---------------------------------------------------- #
    # insert your own config settings "here"               #
    # config settings taken from Kernel/Config/Defaults.pm #
    # ---------------------------------------------------- #
    # $Self->{SessionUseCookie} = 0;
    # $Self->{CheckMXRecord} = 0;

    # ---------------------------------------------------- #

    # ---------------------------------------------------- #
    # data inserted by installer                           #
    # ---------------------------------------------------- #
    # $DIBI$

    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
    #                                                      #
    # end of your own config options!!!                    #
    #                                                      #
    # ---------------------------------------------------- #
    # ---------------------------------------------------- #
}

# ---------------------------------------------------- #
# needed system stuff (don't edit this)                #
# ---------------------------------------------------- #

use base qw(Kernel::Config::Defaults);

# -----------------------------------------------------#

1;

Post by **crythias** » 12 Feb 2014, 19:32

ceastman wrote:When I point my browser at customer.pl I get an internal server error

what do apache error logs say?

ceastman wrote:he logs have the following:

[Wed Feb 12 10:03:31 2014] [error] [Wed Feb 12 10:03:31 2014] -e: No UserObject! at /opt/otrs//Kernel/System/Auth/LDAP.pm line 25.\n

This, generally, shouldn't happen as /customer.pl shouldn't be calling Auth.

Expected suspects: custom Customer Login URL. Otherwise ... Not sure at the moment.

ceastman · Post by **ceastman** » 12 Feb 2014, 21:12

In my browser I am just going to http://ticketsystem/otrs/customer.pl I do not get the dialog to enter a username/password i just get the following:

"
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.
"
and just the following entry in /var/log/httpd/error_log

[Wed Feb 12 13:10:14 2014] [error] [Wed Feb 12 13:10:14 2014] -e: No UserObject! at /opt/otrs//Kernel/System/Auth/LDAP.pm line 25.\n

http://ticketsystem/otrs/index.pl works fine, i get a dialog to login using my ldap creditentials and that works fine.

shouldn't customer.pl call Auth to authenticate the "customer"? which in my case is internal employees.

Post by **crythias** » 12 Feb 2014, 21:44

customer.pl should call CustomerAuth.

Post by **crythias** » 12 Feb 2014, 21:46

bad: $Self->{'Customer::AuthModule'} = 'Kernel::System::Auth::LDAP';
good: $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';

ceastman · Post by **ceastman** » 12 Feb 2014, 21:56

That was it. Thank you much. Have a good day.

Znuny Open Source Ticketsystem

No UserObject in customer.pl

No UserObject in customer.pl

Re: No UserObject in customer.pl

Re: No UserObject in customer.pl

Re: No UserObject in customer.pl

Re: No UserObject in customer.pl

Re: No UserObject in customer.pl

Re: No UserObject in customer.pl

Re: No UserObject in customer.pl