Login Failure with active directory

Moderator: crythias

Post Reply
talfeldman
OTRS newbie
Posts: 10
Joined: 30 Mar 2019, 17:31
OTRS Version?: otrs-latest-6.0

Login Failure with active directory

Post by talfeldman » 30 Mar 2019, 18:43

Hello folks,

I'm having issues login my OTRS 6 (installed on ubuntu 16.04) using ActiveDirectory users (Windows server 2019)
-
as I try to login with a test user I've created I get the following error:
OTRS-CGI-53[1349]: [Error][Kernel::System::User::UserLookup][Line:969]: No UserID found for 'taltest'!

in the OTRS webpage I get: "Authentication succeeded, but no user data record is found in the database. Please contact the administrator."

I'm adding a file with the modification I've made in the Config.pm file.

I've tried to play with the settings but nothing works for me

Thanks in advance,

TaL
You do not have the required permissions to view the files attached to this post.
Last edited by talfeldman on 30 Mar 2019, 19:21, edited 3 times in total.

reneeb
OTRS guru
Posts: 4795
Joined: 13 Mar 2011, 09:54
OTRS Version?: 3.3.x
Company: Perl-Services.de
Contact:

Re: Login Failure with active directory

Post by reneeb » 30 Mar 2019, 18:50

You need to sync the user to the OTRS DB. https://doc.otrs.com/doc/manual/admin/6 ... h-backends
Perl / OTRS development: http://perl-services.de
Free OTRS add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de

talfeldman
OTRS newbie
Posts: 10
Joined: 30 Mar 2019, 17:31
OTRS Version?: otrs-latest-6.0

Re: Login Failure with active directory

Post by talfeldman » 30 Mar 2019, 18:59

have you seen my config file?

-
I tried doing modifications I get now after login in
Internal Server Error

Edit:
after sitting on this for a few hours I got to the point that I get this

Mar 30 20:05:25 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::User::UserAdd][Line:376]: Need UserEmail!
Mar 30 20:05:25 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::Auth::Sync::LDAP::Sync][Line:277]: Can't create user 'talm' (CN=tal moshe,OU=users,OU=Israel,OU=domain,DC=domain,DC=corp) in RDBMS!
Mar 30 20:05:25 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::User::UserLookup][Line:969]: No UserID found for 'talm'!
Mar 30 20:05:25 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::User::UserLookup][Line:969]: No UserID found for 'talm'!
Mar 30 20:05:30 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::User::UserAdd][Line:376]: Need UserEmail!
Mar 30 20:05:30 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::Auth::Sync::LDAP::Sync][Line:277]: Can't create user 'talm' (CN=tal moshe,OU=users,OU=Israel,OU=domain,DC=domain,DC=corp) in RDBMS!
Mar 30 20:05:30 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::User::UserLookup][Line:969]: No UserID found for 'talm'!

any idea what is missing or wrong ?

crythias
Moderator
Posts: 10108
Joined: 04 May 2010, 18:38
OTRS Version?: 5.0.x
Location: SouthWest Florida, USA
Contact:

Re: Login Failure with active directory

Post by crythias » 30 Mar 2019, 23:02

Mar 30 20:05:25 localhost OTRS-CGI-53[1476]: [Error][Kernel::System::User::UserAdd][Line:376]: Need UserEmail! <-- talm doesn't have an email in the "mail" attribute.
Can't create user 'talm' (CN=tal moshe,OU=users,OU=Israel,OU=domain,DC=domain,DC=corp) in RDBMS!

Code: Select all

    # AuthSyncModule::LDAP::UserSyncMap
    # (map if agent should create/synced from LDAP to DB after successful login)
    $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
        # DB -> LDAP
        UserFirstname => 'givenName',
        UserLastname  => 'sn',
        UserEmail     => 'mail', <-- this field should have relevant data.
    };
OTRS 5.0.x (private/testing/public) on Linux with MySQL database. Also on github.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask

talfeldman
OTRS newbie
Posts: 10
Joined: 30 Mar 2019, 17:31
OTRS Version?: otrs-latest-6.0

Re: Login Failure with active directory

Post by talfeldman » 30 Mar 2019, 23:22

Nice, thank you!, I've managed to login from a user located in AD but it looks like it's an agent and not a user
any references maybe regarding this ?

crythias
Moderator
Posts: 10108
Joined: 04 May 2010, 18:38
OTRS Version?: 5.0.x
Location: SouthWest Florida, USA
Contact:

Re: Login Failure with active directory

Post by crythias » 31 Mar 2019, 03:20

otrs/index.pl <-- agent login
otrs/customer.pl <-- customer login
OTRS 5.0.x (private/testing/public) on Linux with MySQL database. Also on github.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask

talfeldman
OTRS newbie
Posts: 10
Joined: 30 Mar 2019, 17:31
OTRS Version?: otrs-latest-6.0

Re: Login Failure with active directory

Post by talfeldman » 31 Mar 2019, 10:43

crythias wrote:
31 Mar 2019, 03:20
otrs/index.pl <-- agent login
otrs/customer.pl <-- customer login
First, thanks. that is the right link
though, the login works for localdb and agents from AD but users still can't log on.. I'm using the same settings for costumer,

$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host1'} = 'dc01.domain.corp';
$Self->{'Customer::AuthModule::LDAP::BaseDN1'} = 'dc=domain,dc=corp';
$Self->{'Customer::AuthModule::LDAP::UID1'} = 'sAMAccountName';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN1'} = 'CN=ldap bind,CN=Users,DC=domain,DC=corp';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw1'} = 'passwd';
$Self->{'Customer::AuthModule::LDAP::Params1'} = {
port => 389,
timeout => 120,
async => 0,
version => 3,
};

EDIT:
and yes, I did restart the service.
its just for agents it works and for users it doesn't even when using the right link
OTRS-CGI-53[7153]: [Error][Kernel::System::CustomerUser::SetPreferences][Line:1139]: No such user
this is the error I get.. no way the user doesn't exists, could you point me to where the problem might come from

thank you for bearing with me

TaL

crythias
Moderator
Posts: 10108
Joined: 04 May 2010, 18:38
OTRS Version?: 5.0.x
Location: SouthWest Florida, USA
Contact:

Re: Login Failure with active directory

Post by crythias » 31 Mar 2019, 22:45

what do you have for your Customer Map?

https://github.com/OTRS/otrs/blob/3cf48 ... s.pm#L1609
OTRS 5.0.x (private/testing/public) on Linux with MySQL database. Also on github.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask

talfeldman
OTRS newbie
Posts: 10
Joined: 30 Mar 2019, 17:31
OTRS Version?: otrs-latest-6.0

Re: Login Failure with active directory

Post by talfeldman » 01 Apr 2019, 10:47

it's now working. I'm not sure if at the time being I need extra configuration for the logins
but I found this online

Code: Select all

# customer unique id
    CustomerKey => 'sAMAccountName',
    # customer #
    CustomerID => 'mail',
    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    Map => [
      # note: Login, Email and CustomerID needed!
      # var, frontend, storage, shown, required, storage-type
      #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
      [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
      [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
      [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
      [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
      [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
      [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
      #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
      #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],
    ],
  };

Post Reply