Three ldap backends
Moderator: crythias
Three ldap backends
Hi guys,
I'm using a two ldap and one mysql backend and I want to add another ldap backend.
But I cant get the third ldap one to work, are there any limitation on how many backends I can use?
I'm using a two ldap and one mysql backend and I want to add another ldap backend.
But I cant get the third ldap one to work, are there any limitation on how many backends I can use?
-
- Znuny guru
- Posts: 5018
- Joined: 13 Mar 2011, 09:54
- Znuny Version: 6.0.x
- Real Name: Renée Bäcker
- Company: Perl-Services.de
- Contact:
Re: Three ldap backends
Currently OTRS supports 11 backends, but that can be extended as well... Did you check the LDAP settings, are there any messages in the log files?
Perl / Znuny development: http://perl-services.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Re: Three ldap backends
[Sun Mar 13 11:55:58 2016][Error][Kernel::System::CustomerUser::LDAP::_Connect][197] First bind failed! 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
[Sun Mar 13 11:55:58 2016][Error][Kernel::System::CustomerUser::LDAP::CustomerName][251] Search failed! No such file or directory
[Sun Mar 13 11:55:58 2016][Error][Kernel::System::CustomerUser::LDAP::CustomerName][251] Search failed! No such file or directory
Re: Three ldap backends
Here is my code for the three ldap auth and lookup backends, only the first one works.
am I doing it wrong?
am I doing it wrong?
Code: Select all
#Customer domain 1.
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '10.0.0.1';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=domain1, dc=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=OTRSUSER,OU=Service Accounts,OU=Servers,DC=domain1,DC=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(mail=*)';
$Self->{'Customer::AuthModule::LDAP::Params'} = { async => 0, port => 389, timeout => 120, version =>3, };
## The above is the LDAP Customer Authentication module.
$Self->{CustomerUser} = {
Name => 'Active Directory - Domain 1',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '10.0.0.1',
BaseDN => 'dc=domain1, dc=local',
SSCOPE => 'sub',
UserDN => 'CN=OTRSSEARCH,OU=Service Accounts,OU=Servers,DC=domain1,DC=local',
UserPw => 'password',
AlwaysFilter => '(mail=*)',
SourceCharset => 'utf-8',
DestCharset => 'utf-8',
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'uid', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 900,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CacheTTL => 120,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 1, 'var', '', 1 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
#Customer Domain 2
$Self->{'Customer::AuthModule2'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host2'} = '10.1.0.1';
$Self->{'Customer::AuthModule::LDAP::BaseDN2'} = 'dc=domain2, dc=local';
$Self->{'Customer::AuthModule::LDAP::UID2'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN2'} = 'CN=OTRSUSER,OU=Service Accounts,DC=domain2,DC=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw2'} = 'password';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter2'} = '(mail=*)';
$Self->{'Customer::AuthModule::LDAP::Params2'} = { async => 0, port => 389, timeout => 120, version =>3, };
## The above is the LDAP Customer Authentication module.
$Self->{CustomerUser1} = {
Name => 'Active Directory - Domain2',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '10.1.0.1',
BaseDN => 'dc=domain2, dc=local',
SSCOPE => 'sub',
UserDN => 'CN=LDAP OTRS,OU=Service Accounts,DC=domain2,DC=local',
UserPw => 'password',
AlwaysFilter => '(mail=*)',
SourceCharset => 'utf-8',
DestCharset => 'utf-8',
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'uid', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 900,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CacheTTL => 120,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 1, 'var', '', 1 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
#Customer domain 3.
$Self->{'Customer::AuthModule3'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host3'} = '10.3.0.1';
$Self->{'Customer::AuthModule::LDAP::BaseDN3'} = 'dc=domain3, dc=local';
$Self->{'Customer::AuthModule::LDAP::UID3'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN3'} = 'CN=OTRSUSER,OU=Service Accounts,OU=Servers,DC=domain3,DC=local';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw3'} = 'password';
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter3'} = '(mail=*)';
$Self->{'Customer::AuthModule::LDAP::Params3'} = { async => 0, port => 389, timeout => 120, version =>3, };
## The above is the LDAP Customer Authentication module.
$Self->{CustomerUser3} = {
Name => 'Active Directory - Domain 3',
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '10.3.0.1',
BaseDN => 'dc=domain3, dc=local',
SSCOPE => 'sub',
UserDN => 'CN=OTRSUSER,OU=Service Accounts,OU=Servers,DC=domain3,DC=local',
UserPw => 'password',
AlwaysFilter => '(mail=*)',
SourceCharset => 'utf-8',
DestCharset => 'utf-8',
},
CustomerKey => 'sAMAccountName',
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'uid', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 900,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
CacheTTL => 120,
Map => [
[ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ],
[ 'UserLogin', 'Username', 'sAMAccountName', 1, 1, 'var', '', 0 ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ],
[ 'UserPhone', 'Phone', 'telephonenumber', 1, 1, 'var', '', 1 ],
[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ],
[ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ],
],
};
-
- Znuny guru
- Posts: 5018
- Joined: 13 Mar 2011, 09:54
- Znuny Version: 6.0.x
- Real Name: Renée Bäcker
- Company: Perl-Services.de
- Contact:
Re: Three ldap backends
Check your credentials...spiderpig wrote:[Sun Mar 13 11:55:58 2016][Error][Kernel::System::CustomerUser::LDAP::_Connect][197] First bind failed! 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
Perl / Znuny development: http://perl-services.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Re: Three ldap backends
I already double checked that
I restarted the password couple of time just to be sure.
that doesn't be the case here.
I restarted the password couple of time just to be sure.
that doesn't be the case here.
-
- Znuny guru
- Posts: 5018
- Joined: 13 Mar 2011, 09:54
- Znuny Version: 6.0.x
- Real Name: Renée Bäcker
- Company: Perl-Services.de
- Contact:
Re: Three ldap backends
Did you check that the basedn is correct, too? Error code 52e is "invalid credentials". Did you check that the user isn't locked?
Perl / Znuny development: http://perl-services.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Re: Three ldap backends
yes i double check that also, is it possible I have enter "domainname\" somewhere in the config?
Re: Three ldap backends
Now I'm testing with only one Ldap backend, and I'm randomly getting this error.
"First bind failed! 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1"
even everything seems to work. Any ideas whats going on?
"First bind failed! 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1"
even everything seems to work. Any ideas whats going on?