Zero-byte response opening Admin menus, LDAP backend

Moderator: crythias

mjavahery
OTRS newbie
Posts: 4
Joined: 21 Jan 2017, 07:04
OTRS Version?: 5.0.23
Real Name: Mohammad Javahery
Company: GIG

Zero-byte response opening Admin menus, LDAP backend

Postby mjavahery » 31 Oct 2017, 15:36

I have configured LDAP backend for both agent and customer auth (Clean 5.0.23 installation). When I try to open customer-related menu items in Admin panel or try to open Customer User Administration from top menu, my browser asks me where to save downloaded index.pl file:

menu.png


This is my whole Config.pm (comment lines removed)

Code: Select all

package Kernel::Config;

use strict;
use warnings;
use utf8;

sub Load {
    my $Self = shift;

    $Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
    $Self->{'AuthModule::LDAP:Host1'} = 'eedc.ee.local';
    $Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=ee,dc=local';
    $Self->{'AuthModule::LDAP::UID1'} = 'userPrincipalName';
    $Self->{'AuthModule::LDAP::GroupDN1'} = 'cn=OTRS Agents,ou=Groups,dc=ee,dc=local';
    $Self->{'AuthModule::LDAP::AccessAttr1'} = 'member';
    $Self->{'AuthModule::LDAP::UserAttr1'} = 'DN';
    $Self->{'AuthModule::LDAP::SearchUserDN1'} = 'cn=OTRS Authenticator,ou=Special Access,dc=ee,dc=local';
    $Self->{'AuthModule::LDAP::SearchUserPw1'} = 'Oa))3456!@##';
    $Self->{'AuthModule::LDAP::Params1'} = {
        port    => 389,
        timeout => 120,
        async   => 0,
        version => 3,
    };

    $Self->{'AuthModule::LDAP::Die'} = 1;

    $Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host1'} = 'eedc.ee.local';
    $Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'dc=ee,dc=local';
    $Self->{'Customer::AuthModule::LDAP::UID1'} = 'sAMAccountName';
    $Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = 'cn=OTRS Authenticator,ou=Special Access,dc=ee,dc=local';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = 'Oa))3456!@##';
    $Self->{'Customer::AuthModule::LDAP::Params1'} = {
        port    => 389,
        timeout => 120,
        async   => 0,
        version => 3,
    };

    $Self->{'Customer::AuthModule::LDAP::Die'} = 1;

    $Self->{'AuthSyncModule1'} = 'Kernel::System::Auth::Sync::LDAP';
    $Self->{'AuthSyncModule::LDAP::Host1'} = 'eedc.ee.local';
    $Self->{'AuthSyncModule::LDAP::BaseDN1'} = 'dc=ee,dc=local';
    $Self->{'AuthSyncModule::LDAP::UID1'} = 'userPrincipalName';
    $Self->{'AuthSyncModule::LDAP::SearchUserDN1'} = 'cn=OTRS Authenticator,ou=Special Access,dc=ee,dc=local';
    $Self->{'AuthSyncModule::LDAP::SearchUserPw1'} = 'Oa))3456!@##';
    $Self->{'AuthSyncModule::LDAP::UserSyncMap1'} = {
        UserFirstname   => 'givenName',
        UserLatname     => 'sn',
        UserEmal        => 'mail',
    };
    $Self->{'AuthSyncModule::LDAP::Charset1'} = 'iso-8859-1';
    $Self->{'AuthSyncModule::LDAP::Params1'} = {
        port    => 389,
        timeout => 120,
        async   => 0,
        version => 3,
    };

    $Self->{'AuthSyncModule::LDAP::Die'} = 1;

    $Self->{'CustomerUser1'} = {
        Name => 'Electrical Engineering',
        Module => 'Kernel::System:CustomerUser::LDAP',
        Params => {
                Host => 'eedc.ee.local',
                BaseDN => 'dc=ee,dc=local',
                SSCOPE => 'sub',
                UserDN => 'cn=OTRS Authenticator,ou=Special Access,dc=ee,dc=local',
                UserPw => 'Oa))3456!@##',
                AlwasFilter => '(userPrincipalName=*@ee.local}',
                SourceCharset => 'utf-8',
                DestCharset => 'utf-8',
                Die => 0,
                Params => {
                        port    => 389,
                        timeout => 120,
                        async   => 0,
                        version => 3,
                },
        },
        CustomerKey => 'sAMAccountName',
        CustomerID => 'sAMAccountName',
        CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
        CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
        CustomerUserSearchListLimit => 1000,
        CustomerUserPostMasterSearchFields => ['mail'],
        CustomerUserNameFieds => ['givenName', 'sn'],
        CustomerUserExcludePrimaryCustomerID => 0,
        CustomerUserCalidFilter => '(!(description=locked))',
        AdminSetPreferences => 1,
        CacheTTL => 0,
        Map => [
                [ 'UserTitle',          'Title',        'title',          1, 0, 'var', '', 0 ],
                [ 'UserFirstname',      'Firstname',    'givenName',      1, 1, 'var', '', 0 ],
                [ 'UserLastname',       'Lastname',     'sn',             1, 1, 'var', '', 0 ],
                [ 'UserLogin',          'Username',     'sAMAccountName', 1, 1, 'var', '', 0 ],
                [ 'UserEmail',          'Email',        'mail',           1, 1, 'var', '', 0 ],
                [ 'UserCustomerID',     'CustomerID',   'sAMAccountName', 0, 1, 'var', '', 0 ],
        ],
    };
    $Self->{'PostmasterDefaultState'} = 'new';
    $Self->{'CustomerDefaultState'} = 'new';

    $Self->{'DatabaseHost'} = '127.0.0.1';
    $Self->{'Database'} = "otrs";
    $Self->{'DatabaseUser'} = "otrs";
    $Self->{'DatabasePw'} = 'TaBT2lZikYiu44TK';
    $Self->{'DatabaseDSN'} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};";
    $Self->{Home} = '/opt/otrs';
}

use Kernel::Config::Defaults; # import Translatable()
use base qw(Kernel::Config::Defaults);

1;


In addition, none of agents can login (I haven't had tried customers yet). What's happening?!
You do not have the required permissions to view the files attached to this post.
1. If you want to have something you have never had, you have to do something you have never done.
2. If you want to do something you have never done, you have to become someone you have never been.
Result:
If you want to have something you have never had, you have to become someone you have never been!

reneeb
OTRS guru
Posts: 4363
Joined: 13 Mar 2011, 09:54
OTRS Version?: 3.3.x
Company: Perl-Services.de
Contact:

Re: Zero-byte response opening Admin menus, LDAP backend

Postby reneeb » 31 Oct 2017, 18:33

Code: Select all

AlwasFilter => '(userPrincipalName=*@ee.local}',

This is wrong. It should be

Code: Select all

AlwaysFilter => '(userPrincipalName=*@ee.local)',


But the rest looks ok. What's the error message in the Apache log? Can you run

Code: Select all

perl bin/cgi-bin/index.pl
on the command line?
Perl / OTRS development: http://perl-services.de
Free OTRS add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de

mjavahery
OTRS newbie
Posts: 4
Joined: 21 Jan 2017, 07:04
OTRS Version?: 5.0.23
Real Name: Mohammad Javahery
Company: GIG

Re: Zero-byte response opening Admin menus, LDAP backend

Postby mjavahery » 01 Nov 2017, 06:54

Thanks a lot for your response.

reneeb wrote:

Code: Select all

AlwasFilter => '(userPrincipalName=*@ee.local}',

This is wrong. It should be

Code: Select all

AlwaysFilter => '(userPrincipalName=*@ee.local)',


I fixed this, and when I first ran this:

Code: Select all

perl bin/cgi-bin/index.pl

it said:

Code: Select all

ERROR: OTRS-CGI-87 Perl: 5.16.3 OS: linux Time: Wed Nov  1 07:51:31 2017

 Message: Need AuthModule::LDAP::Host1 in Kernel/Config.pm

 Traceback (8808):
   Module: Kernel::System::Auth::LDAP::new Line: 43
   Module: Kernel::System::Auth::new Line: 74
   Module: Kernel::System::ObjectManager::_ObjectBuild Line: 227
   Module: Kernel::System::ObjectManager::Get Line: 181
   Module: Kernel::System::Web::InterfaceAgent::Run Line: 777
   Module: /opt/otrs/bin/cgi-bin/indexl. pl Line: 40

I found that I have missed a colon in corresponding line. When fixed it, these errors disappeared and no more error(s) found. But this didn't fix the problem as I have had missed another colon too! After fixing all of these, now I can access customer-related menus, but there are nothing displayed (I have 958 customers in LDAP backend) and still no agents can login. Where can I find corresponding log files to find where the problem lies? According to Defaults.pm, there should be a /tmp/otrs.log file, but isn't. I also receive random internal server errors (code 500).
1. If you want to have something you have never had, you have to do something you have never done.
2. If you want to do something you have never done, you have to become someone you have never been.
Result:
If you want to have something you have never had, you have to become someone you have never been!

mjavahery
OTRS newbie
Posts: 4
Joined: 21 Jan 2017, 07:04
OTRS Version?: 5.0.23
Real Name: Mohammad Javahery
Company: GIG

Re: Zero-byte response opening Admin menus, LDAP backend

Postby mjavahery » 01 Nov 2017, 07:18

Finally solved the problem. Tailed /var/log/messages and found out that OTRS can't resolve FQDN of LDAP server. Replaced it with IP and both agents and customers are now able to login and all customer user data is now fetched. The only remaining problem is now random HTTP 500 errors, which I can't find where it lies.
1. If you want to have something you have never had, you have to do something you have never done.
2. If you want to do something you have never done, you have to become someone you have never been.
Result:
If you want to have something you have never had, you have to become someone you have never been!


Return to “Help”

Who is online

Users browsing this forum: No registered users and 7 guests