otrs 5 migration from 4 ldap not working

Moderator: crythias

Post Reply
happysmile
Znuny newbie
Posts: 8
Joined: 24 Apr 2017, 21:05
Znuny Version: five5

otrs 5 migration from 4 ldap not working

Post by happysmile »

Hi!

I have copied the settings from a OTRS 4 into a new OTRS 5 (latest) install of OTRS and I cannot get it to change backends for the customer database, no option presents itself. I have confirmed that ldap auth is working on the new server with command line utilities but I was hoping someone could point me in the right direction? These values all match on both servers:

Code: Select all

$Self->{'Customer::AuthModule::LDAP::UserAttr'} =  'UID';
$Self->{'Customer::AuthModule::LDAP::GroupDN'} =  'cn=me,ou=groups,dc=me,dc=com';
$Self->{'Customer::AuthModule::LDAP::UID'} =  'uid';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =  'dc=me,dc=com';
$Self->{'Customer::AuthModule::LDAP::Host'} =  'ldap.me.local';
$Self->{'Customer::AuthModule'} =  'Kernel::System::CustomerAuth::LDAP';
Top
root
Administrator
Posts: 3968
Joined: 18 Dec 2007, 12:23
Znuny Version: Znuny and Znuny LTS
Real Name: Roy Kaldung
Company: Znuny
Contact:
Contact root

Re: otrs 5 migration from 4 ldap not working

Post by root »

That's only the authentication, search for sth like $Self->{CustomerUser}
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO

Use a test system - always.

Do you need professional services? Check out https://www.znuny.com/

Do you want to contribute or want to know where it goes ?
Top
happysmile
Znuny newbie
Posts: 8
Joined: 24 Apr 2017, 21:05
Znuny Version: five5

Re: otrs 5 migration from 4 ldap not working

Post by happysmile »

root wrote:That's only the authentication, search for sth like $Self->{CustomerUser}
Okay, looking deeper CustomerUser is relevant in a lot of sections namely:

Frontend::Admin::ModuleRegistration
Frontend::Agent::Dashboard
Frontend::Agent::ModuleRegistration
Frontend::Agent::Stats
Frontend::Customer
Frontend::Customer::Preferences
Core::CustomerUser
Core::CustomerCompany
Core::PostMaster
Core::Ticket
Core::TicketACL
Frontend::Agent::Ticket::ViewEscalation
Frontend::Agent::Ticket::ViewLocked
Frontend::Agent::Ticket::ViewQueue
Frontend::Agent::Ticket::ViewResponsible
Frontend::Agent::Ticket::ViewSearch
Frontend::Agent::Ticket::ViewService
Frontend::Agent::Ticket::ViewStatus
Frontend::Agent::Ticket::ViewWatch
Frontend::Agent::ToolBarModule
Frontend::Customer

is there an existing guide on completing this? I am struggling to understand why I do not get an option for LDAP in the Customer User Management in the drop down menu.
Top
root
Administrator
Posts: 3968
Joined: 18 Dec 2007, 12:23
Znuny Version: Znuny and Znuny LTS
Real Name: Roy Kaldung
Company: Znuny
Contact:
Contact root

Re: otrs 5 migration from 4 ldap not working

Post by root »

Usually the configuraton is in Kernel/Config.pm or a custom file in Kernel/Config/Files/ w/ .pm as a suffix.
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO

Use a test system - always.

Do you need professional services? Check out https://www.znuny.com/

Do you want to contribute or want to know where it goes ?
Top
happysmile
Znuny newbie
Posts: 8
Joined: 24 Apr 2017, 21:05
Znuny Version: five5

Re: otrs 5 migration from 4 ldap not working

Post by happysmile »

Okay I am much closer thanks to your hints! :D

When adding the lines below it breaks Kernel/Config.pm do you see anything that is incorrect? This has been copied from my working version 4 OTRS. At first this worked for one or two page loads and then it just breaks whenever I add it back:

Code: Select all

## LDAP Config
####################################################
##
## LDAP configuration for the agent backend
##
####################################################

$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldap.me.local';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=me,dc=com';
$Self->{'AuthModule::LDAP::UID'} = 'uid';
# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=otrs-agent,ou=Groups,dc=cyc,dc=com';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';
# for ldap posixGroups objectclass (just uid)
$Self->{'AuthModule::LDAP::UserAttr'} = 'UID';

# This is where we sync the agent info with the OTRS backend
$Self->{'AuthModule::UseSyncBackend'} = 'AuthSyncBackend';
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'}='ldap.me.local';
$Self->{'Customer::AuthModule::LDAP:BaseDN'}='ou=People,dc=me,dc=com';
$Self->{'Customer::AuthModule::LDAP:UID'}='uid';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
        UserFirstname => 'givenName',
        UserLastname  => 'sn',
#       UserEmail     => 'mail',
        };

$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
        'users',
];

$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'}='ldap.me.local';
$Self->{'Customer::AuthModule::LDAP:BaseDN'}='ou=People,dc=me,dc=com';
$Self->{'Customer::AuthModule::LDAP:UID'}='uid';

    # ldap database connection
        $Self->{'CustomerUser'} = {
		        Name => 'LDAP Customer Data',
		        Module => 'Kernel::System::CustomerUser::LDAP',
		        Params => {
		                Host => 'ldap.me.local',
		                BaseDN => 'ou=People,dc=me,dc=com',
		                SSCOPE => 'sub',
		                AlwaysFilter => '',
		        },
		        CustomerKey => 'uid',
		        CustomerID => 'uid',
		        CustomerUserListFields => ['cn', 'mail'],
		        CustomerUserSearchFields => ['cn', 'mail'],
		        CustomerUserSearchListLimit => 250,
		        CustomerUserPostMasterSearchFields => ['mail'],
		        CustomerUserNameFields => ['givenname', 'sn'],
		        CustomerUserExcludePrimaryCustomerID => 0,
		        AdminSetPreferences => 0,
		        Map => [
		                ['UserFirstname','Firstname','givenname',1,1,'var','',0],
		                ['UserLastname','Lastname','sn',1,1,'var','',0],
		                ['UserLogin','Username','uid',1,1,'var','',0],
		                ['UserEmail','Email','mail',1,1,'var','',0],
		                ['UserCustomerID','CustomerID','mail',0,1,'var','',0],
		        ],
		};
My apache error log is:

Code: Select all

[Tue Apr 25 14:48:49.534100 2017] [perl:error] [pid 1773:tid 139982639392512] [client 10.1.3.105:63072] Attempt to reload /opt/otrs/Kernel/Config.pm aborted.\nCompilation failed in require at /opt/otrs/Kernel/cpan-lib/Apache2/Reload.pm line 179.\n, referer: http://otrs2.cyc.local/otrs/index.pl
[Tue Apr 25 14:48:50 2017] -e: Kernel::Config could not be loaded: Attempt to reload Kernel/Config.pm aborted.
[Tue Apr 25 14:48:50 2017] -e: Compilation failed in require at /opt/otrs/Kernel/System/ObjectManager.pm line 191.
[Tue Apr 25 14:48:50 2017] -e:  at /opt/otrs/Kernel/System/Web/InterfaceAgent.pm line 80.
[Tue Apr 25 14:48:50.794797 2017] [:error] [pid 1772:tid 139982723319552] Kernel::Config could not be loaded: Attempt to reload Kernel/Config.pm aborted.\nCompilation failed in require at /opt/otrs/Kernel/System/ObjectManager.pm line 191.\n at /opt/otrs/Kernel/System/ObjectManager.pm line 541.\n\tKernel::System::ObjectManager::_DieWithError(Kernel::System::ObjectManager=HASH(0x7f503818c080), "Error", "Kernel::Config could not be loaded: Attempt to reload Kernel/"...) called at /opt/otrs/Kernel/System/ObjectManager.pm line 200\n\tKernel::System::ObjectManager::_ObjectBuild(Kernel::System::ObjectManager=HASH(0x7f503818c080), "Package", "Kernel::Config") called at /opt/otrs/Kernel/System/ObjectManager.pm line 180\n\tKernel::System::ObjectManager::Get(Kernel::System::ObjectManager=HASH(0x7f503818c080), "Kernel::Config") called at /opt/otrs/Kernel/System/Web/InterfaceAgent.pm line 80\n\tKernel::System::Web::InterfaceAgent::new("Kernel::System::Web::InterfaceAgent", "Debug", 0) called at /opt/otrs/bin/cgi-bin/index.pl line 39\n\tModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_index_2epl::handler(Apache2::RequestRec=SCALAR(0x7f502d698e10)) called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/RegistryCooker.pm line 207\n\teval {...} called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/RegistryCooker.pm line 207\n\tModPerl::RegistryCooker::run(ModPerl::Registry=HASH(0x7f503929a568)) called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/RegistryCooker.pm line 173\n\tModPerl::RegistryCooker::default_handler(ModPerl::Registry=HASH(0x7f503929a568)) called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/Registry.pm line 32\n\tModPerl::Registry::handler("ModPerl::Registry", Apache2::RequestRec=SCALAR(0x7f502d698e10)) called at -e line 0\n\teval {...} called at -e line 0\n
I can remove the LDAP snippet and the server will work correctly.
Top
happysmile
Znuny newbie
Posts: 8
Joined: 24 Apr 2017, 21:05
Znuny Version: five5

Re: otrs 5 migration from 4 ldap not working

Post by happysmile »

Now it randomly decides to work but most of the time does not. Strange!

Updating: confirming it breaks at random maybe 10-20% of page loads on any pages clicked on.
Top
happysmile
Znuny newbie
Posts: 8
Joined: 24 Apr 2017, 21:05
Znuny Version: five5

Re: otrs 5 migration from 4 ldap not working

Post by happysmile »

I think I partially resolved this issue by removing the lines:

Code: Select all

#$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
#        'users',
#];
I noticed the keyword Sync in the error logs. But the issue persists:

Code: Select all

[Tue Apr 25 15:39:21 2017] -e: Kernel::Config could not be loaded: Attempt to reload Kernel/Config.pm aborted.
[Tue Apr 25 15:39:21 2017] -e: Compilation failed in require at /opt/otrs/Kernel/System/ObjectManager.pm line 191.
[Tue Apr 25 15:39:21 2017] -e:  at /opt/otrs/Kernel/System/Web/InterfaceAgent.pm line 80.
[Tue Apr 25 15:39:21.036720 2017] [:error] [pid 1772:tid 139982896490240] Kernel::Config could not be loaded: Attempt to reload Kernel/Config.pm aborted.\nCompilation failed in require at /opt/otrs/Kernel/System/ObjectManager.pm line 191.\n at /opt/otrs/Kernel/System/ObjectManager.pm line 541.\n\tKernel::System::ObjectManager::_DieWithError(Kernel::System::ObjectManager=HASH(0x7f50381a9b50), "Error", "Kernel::Config could not be loaded: Attempt to reload Kernel/"...) called at /opt/otrs/Kernel/System/ObjectManager.pm line 200\n\tKernel::System::ObjectManager::_ObjectBuild(Kernel::System::ObjectManager=HASH(0x7f50381a9b50), "Package", "Kernel::Config") called at /opt/otrs/Kernel/System/ObjectManager.pm line 180\n\tKernel::System::ObjectManager::Get(Kernel::System::ObjectManager=HASH(0x7f50381a9b50), "Kernel::Config") called at /opt/otrs/Kernel/System/Web/InterfaceAgent.pm line 80\n\tKernel::System::Web::InterfaceAgent::new("Kernel::System::Web::InterfaceAgent", "Debug", 0) called at /opt/otrs/bin/cgi-bin/index.pl line 39\n\tModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_index_2epl::handler(Apache2::RequestRec=SCALAR(0x7f5024f50238)) called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/RegistryCooker.pm line 207\n\teval {...} called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/RegistryCooker.pm line 207\n\tModPerl::RegistryCooker::run(ModPerl::Registry=HASH(0x7f503818c128)) called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/RegistryCooker.pm line 173\n\tModPerl::RegistryCooker::default_handler(ModPerl::Registry=HASH(0x7f503818c128)) called at /usr/lib/x86_64-linux-gnu/perl5/5.22/ModPerl/Registry.pm line 32\n\tModPerl::Registry::handler("ModPerl::Registry", Apache2::RequestRec=SCALAR(0x7f5024f50238)) called at -e line 0\n\teval {...} called at -e line 0\n
Update: never mind removing those lines made the issue worse.
Top
happysmile
Znuny newbie
Posts: 8
Joined: 24 Apr 2017, 21:05
Znuny Version: five5

Re: otrs 5 migration from 4 ldap not working

Post by happysmile »

I removed some duplicate configuration lines for ldap and it is behaving a lot better.
Top
Post Reply

Return to “Help”