Error LDAP Single Sign On on Windows

Moderator: crythias

Locked
kemping123
Znuny newbie
Posts: 1
Joined: 15 May 2012, 17:16
Znuny Version: 3.1.4

Error LDAP Single Sign On on Windows

Post by kemping123 »

Hi.
I have domen on win 2008R2
I configured authentication domain and everything works.
does not work Implementing Single Sign On.
Error
[Tue May 15 18:16:41 2012][Notice][Kernel::System::CustomerAuth::HTTPBasicAuth::Auth] User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 127.0.0.1).
[Tue May 15 18:16:41 2012][Error][Kernel::System::CustomerUser::LDAP::CustomerUserDataGet][576] Need User!

where the error?
thank you!

config httpd

Code: Select all

<IfModule mod_auth_sspi.c> 
 <Directory "D:/OTRS/OTRS/bin/cgi-bin/">

    AuthType SSPI
    SSPIAuth On
    SSPIAuthoritative Off
    SSPIDomain test.ru
    SSPIUsernameCase lower
    SSPIOfferBasic On
    SSPIOmitDomain on
    Require valid-user 
    AllowOverride None
    Options +ExecCGI -Includes
    Order allow,deny
    Allow from all

 </Directory>
  </IfModule>
config.pm

Code: Select all

# Enable LDAP Authentication Sync for Agent #
    $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
    $Self->{'AuthSyncModule::LDAP::Host'} = 'test.ru';
    $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'cn=Users,dc=test,dc=ru';
    $Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
    $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member';
    $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=otrs_sys,CN=Users,DC=test,DC=ru';
    $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'sam';
    $Self->{'AuthSyncModule::LDAP::Charset'} = 'utf-8';

    # Enable Agent Mapping from LDAP to DB #
    $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    UserFirstname => 'givenName',
    UserLastname => 'sn',
    UserEmail => 'mail',
    };
    $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
        'users',
    ];
    $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
    $Self->{'AuthModule::LDAP::Host'} = 'test.ru';
    $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=test, dc=ru';
    $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
    $Self->{'AuthModule::LDAP::GroupDN'} = 'CN=Users,DC=test,DC=ru';
    $Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
    $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
    $Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=otrs_sys,CN=Users,DC=test,DC=ru';
    $Self->{'AuthModule::LDAP::SearchUserPw'} = 'sam';
# Authenticate customer users against an LDAP backend  #
   $Self->{CustomerUser} = {
  Name => 'Active Directory',
      Module => 'Kernel::System::CustomerUser::LDAP',
      Params => {
         Host => 'test.ru',
         BaseDN => 'dc=test,dc=ru',
         SSCOPE => 'sub',
         UserDN => 'cn=otrs_sys,cn=Users,dc=test,dc=ru',
         UserPw => 'samsung',
       AlwaysFilter => '(&(objectcategory=person)(objectclass=user)(mail=*)(!(description=built-In))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
      SourceCharset => 'utf-8',
      DestCharset   => 'utf-8',
        },
ReadOnly => 1,
      CustomerKey => 'sAMAccountName',
      CustomerID => 'mail',
      CustomerUserListFields => ['givenname', 'sn', 'mail'],
      CustomerUserSearchFields => ['displayName','sAMAccountName','givenName', 'sn', 'mail','description'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
   CustomerUserPostMasterSearchFields => ['displayName','sAMAccountName','givenName','sn','mail','description'],
      CustomerUserNameFields => ['givenname', 'sn'],
                CustomerUserExcludePrimaryCustomerID => 0,
             CacheTTL => 120,
      Map => [
         [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
         [ 'UserFirstname', 'Firstname', 'givenName', 1, 1, 'var' ],
         [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
         [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
         [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
         [ 'UserPhone', 'Phone', 'telephoneNumber', 1, 0, 'var' ],
         [ 'UserAddress', 'Address', 'postalAddress', 1, 0, 'var' ],
           ],
   };

    $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host'} = 'test.ru';
    $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=test,dc=ru';
    $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=otrs_sys,cn=users,dc=test,dc=ru';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'sam';

# $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
# $Self->{'AuthModule::LDAP::Replace'} = 'TEST\\';
# $Self->{AgentPanelLoginURL} = 'http://test/otrs/index.pl';
# $Self->{AgentPanelLogoutURL} = 'http://test/otrs/index.pl';

   $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';
   $Self->{'Customer::AuthModule::HTTPBasicAuth::Replace'} = 'test.ru\\';
   $Self->{CustomerPanelLoginURL} = 'http://test.ru/otrs/custome.pl';
   $Self->{CustomerPanelLogoutURL} = 'http://test.ru/otrs/customer.pl';
Top
Locked

Return to “Help”