LDAP for Agents and compilation aborted

Moderator: crythias

Post Reply
gibit
OTRS newbie
Posts: 6
Joined: 29 Oct 2017, 21:07
OTRS Version?: OTRS5
Real Name: Gibit

LDAP for Agents and compilation aborted

Post by gibit » 02 Jun 2018, 16:10

Hi all
i'm trying to setup a new installation of OTRS 6 (6.0.7-01) on centos 7 , and i'm stuck at the LDAP configuration.
I need to set up only agents authentication
I'm tryin to follow all the advices from manuals and forums , but no way to have it working.
My config is basically the same i used to run with no problems on a previous OTRS 5 installation

When i try to start OTRS is complains about all the lines of code i have added for LDAP authentication

Global symbol "$Self" requires explicit package name at /opt/otrs/Kernel/Config.pm line 123.
Global symbol "$Self" requires explicit package name at /opt/otrs/Kernel/Config.pm line 124.
Global symbol "$Self" requires explicit package name at /opt/otrs/Kernel/Config.pm line 126.
Global symbol "$Self" requires explicit package name at /opt/otrs/Kernel/Config.pm line 127
BEGIN not safe after errors--compilation aborted at /opt/otrs/Kernel/Config.pm line 141
Compilation failed in require at /opt/otrs/Kernel/System/ObjectManager.pm line 24.
BEGIN failed--compilation aborted at /opt/otrs/Kernel/System/ObjectManager.pm line 24.
Compilation failed in require at /opt/otrs/bin/otrs.Daemon.pl line 35.
BEGIN failed--compilation aborted at /opt/otrs/bin/otrs.Daemon.pl line 35


This is what i have added to the config.pm


# AUTH LDAP AGENTS


$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'dc.dom.priv';
$Self->{'AuthModule::LDAP::BaseDN'} = 'ou=staff,dc=domain,dc=priv';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=support_otrs,ou=ServiceAccounts,dc=domain,dc=priv';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'password';

$Self->{'AuthModule::LDAP::Params'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};

$Self->{'AuthModule::LDAP::AlwaysFilter'} = '';


# SYNC LDAP AGENTS


$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'dc.dom.priv';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'ou=staff,dc=domain,dc=priv';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=support_otrs,ou=ServiceAccounts,dc=domain,dc=priv';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'password';

$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};

$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
'users',
];


What is wrong with this? Values are correct, and formatting seems ok to me
Maybe this part has to be added in a specific point inside config.pm ?
Any help will be really really appreciated!

gb

gibit
OTRS newbie
Posts: 6
Joined: 29 Oct 2017, 21:07
OTRS Version?: OTRS5
Real Name: Gibit

Re: LDAP for Agents and compilation aborted

Post by gibit » 03 Jun 2018, 12:44

I have added a single parameter (sscope = 'sub' ) , and nothing else.
This time i have edited the config.pm file using vi , instead of the Winscp graphical editor
And i have placed the code right after this lines

# ---------------------------------------------------- #
# data inserted by installer #
# ---------------------------------------------------- #
# $DIBI$

Actually i dont know what of the above fixed , if anybody can explain i would be grateful :-)

Code: Select all

$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'dc.dom.priv';
$Self->{'AuthModule::LDAP::BaseDN'} = 'ou=staff,dc=domain,dc=priv';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=support_otrs,ou=ServiceAccounts,dc=domain,dc=priv';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'password';

$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
   sscope => 'sub'  ## ADDED THIS
};

$Self->{'AuthModule::LDAP::AlwaysFilter'} = '';

$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'dc.dom.priv';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'ou=staff,dc=domain,dc=priv';
$Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=support_otrs,ou=ServiceAccounts,dc=domain,dc=priv';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'password';


$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
    # DB -> LDAP
    UserFirstname => 'givenName',
    UserLastname  => 'sn',
    UserEmail     => 'mail',
};

$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
'users',
];

wurzel
OTRS guru
Posts: 2424
Joined: 08 Jul 2010, 22:25
OTRS Version?: 6.0.x

Re: LDAP for Agents and compilation aborted

Post by wurzel » 03 Jun 2018, 13:00

Hi,

Did you migrate? Did you use a old Config.pm from previous installations?
can you share your full Config.pm please?


Flo
    ((OTRS)) Community Edition 6.0.x, LAMP LIVE auf Debian 9
    OTRS 6 Managed Silver

    -- Ich beantworte keine Forums-Fragen PN - No PN please

    I won't answer to unfriendly users any more. A greeting and regards are just polite.

    gibit
    OTRS newbie
    Posts: 6
    Joined: 29 Oct 2017, 21:07
    OTRS Version?: OTRS5
    Real Name: Gibit

    Re: LDAP for Agents and compilation aborted

    Post by gibit » 03 Jun 2018, 13:58

    No i did not migrate, this is a fresh install, but i tried to add to config.pm the same code which was previously working on another OTRS 5s install

    This is the full config.pm running now.
    I don't have a copy of the config.pm with the non working version

    Code: Select all

    package Kernel::Config;
    
    use strict;
    use warnings;
    use utf8;
    
    sub Load {
        my $Self = shift;
    
        # ---------------------------------------------------- #
        # database settings                                    #
        # ---------------------------------------------------- #
    
        # The database host
        $Self->{'DatabaseHost'} = '127.0.0.1';
    
        # The database name
        $Self->{'Database'} = "otrs";
    
        # The database user
        $Self->{'DatabaseUser'} = "otrs";
    
        # The password of database user. You also can use bin/otrs.Console.pl Maint::Database::PasswordCrypt
        # for crypted passwords
        $Self->{'DatabasePw'} = 'uFdRnbwx117VYczG';
    
        # The database DSN for MySQL ==> more: "perldoc DBD::mysql"
        $Self->{'DatabaseDSN'} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost}";
    
        # The database DSN for PostgreSQL ==> more: "perldoc DBD::Pg"
        # if you want to use a local socket connection
    #    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};";
        # if you want to use a TCP/IP connection
    #    $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};";
    
        # The database DSN for Microsoft SQL Server - only supported if OTRS is
        # installed on Windows as well
    #    $Self->{DatabaseDSN} = "DBI:ODBC:driver={SQL Server};Database=$Self->{Database};Server=$Self->{DatabaseHost},1433";
    
        # The database DSN for Oracle ==> more: "perldoc DBD::oracle"
    #    $Self->{DatabaseDSN} = "DBI:Oracle://$Self->{DatabaseHost}:1521/$Self->{Database}";
    #
    #    $ENV{ORACLE_HOME}     = '/path/to/your/oracle';
    #    $ENV{NLS_DATE_FORMAT} = 'YYYY-MM-DD HH24:MI:SS';
    #    $ENV{NLS_LANG}        = 'AMERICAN_AMERICA.AL32UTF8';
    
        # ---------------------------------------------------- #
        # fs root directory
        # ---------------------------------------------------- #
        $Self->{Home} = '/opt/otrs';
    
        # ---------------------------------------------------- #
        # insert your own config settings "here"               #
        # config settings taken from Kernel/Config/Defaults.pm #
        # ---------------------------------------------------- #
        # $Self->{SessionUseCookie} = 0;
        # $Self->{CheckMXRecord} = 0;
    
        # ---------------------------------------------------- #
    
        # ---------------------------------------------------- #
        # data inserted by installer                           #
        # ---------------------------------------------------- #
        # $DIBI$
    
    #
    # Configuration for agent ldap backend auth
    #
    $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
    $Self->{'AuthModule::LDAP::Host'} = 'ddd.ddd.ddd';
    $Self->{'AuthModule::LDAP::BaseDN'} = 'ou=ddddd,dc=dddddd,dc=dddddd';
    $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
    # Check if the user is allowed to auth in a posixGroup
    # (e. g. user needs to be in a group OTRS_Agents to use otrs)
    #$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=Agents,ou=Groups,dc=domain,dc=tld';
    #$Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
    #$Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
    # Bind credentials to log into AD
    $Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=dddd,ou=dddd,dc=ddd,dc=ddd';
    $Self->{'AuthModule::LDAP::SearchUserPw'} = 'dddddd';
    $Self->{'AuthModule::LDAP::AlwaysFilter'} = '';
    # in case you want to add a suffix to each login name,  then
    # you can use this option. e. g. user just want to use user but
    # in your ldap directory exists user@domain.
    #$Self->{'AuthModule::LDAP::UserSuffix'} = '';
    # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
    $Self->{'AuthModule::LDAP::Params'} = {
        port => 389,
        timeout => 120,
        async => 0,
        version => 3,
        sscope => 'sub'
    };
    # Now sync data with OTRS DB
    $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
    $Self->{'AuthSyncModule::LDAP::Host'} = 'ddddd.dddd.ddd';
    $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'ou=dddd,dc=ddddd,dc=ddd';
    $Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
    $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=dddddddd,ou=dddddddd,dc=ddddd,dc=dddd';
    $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'ddddddd';
    $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
        # DB -> LDAP
        UserFirstname => 'givenName',
        UserLastname  => 'sn',
        UserEmail     => 'mail',
    };
    # AuthSyncModule::LDAP::UserSyncInitialGroups
    # (sync following group with rw permission after initial create of first agent
    # login)
    $Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
        'users',
    ];
    
        # ---------------------------------------------------- #
        # ---------------------------------------------------- #
        #                                                      #
        # end of your own config options!!!                    #
        #                                                      #
        # ---------------------------------------------------- #
        # ---------------------------------------------------- #
    
        return 1;
    }
    
    # ---------------------------------------------------- #
    # needed system stuff (don't edit this)                #
    # ---------------------------------------------------- #
    
    use Kernel::Config::Defaults; # import Translatable()
    use parent qw(Kernel::Config::Defaults);
    
    # -----------------------------------------------------#
    
    1;
    
    Last edited by gibit on 03 Jun 2018, 16:15, edited 1 time in total.

    wurzel
    OTRS guru
    Posts: 2424
    Joined: 08 Jul 2010, 22:25
    OTRS Version?: 6.0.x

    Re: LDAP for Agents and compilation aborted

    Post by wurzel » 03 Jun 2018, 15:16

    Hi,

    if you don't have the non-running version, no one can find the error.

    You should not have published your database password.


    regards
    Florian
      ((OTRS)) Community Edition 6.0.x, LAMP LIVE auf Debian 9
      OTRS 6 Managed Silver

      -- Ich beantworte keine Forums-Fragen PN - No PN please

      I won't answer to unfriendly users any more. A greeting and regards are just polite.

      gibit
      OTRS newbie
      Posts: 6
      Joined: 29 Oct 2017, 21:07
      OTRS Version?: OTRS5
      Real Name: Gibit

      Re: LDAP for Agents and compilation aborted

      Post by gibit » 03 Jun 2018, 16:03

      thanks anyway for your help
      i'll change the password..

      Post Reply