[Rslv]Error: Need UserLastname! al intentar loguear con LDAP

dummy64 · Post by **dummy64** » 28 May 2012, 10:30

EDIT:Ya conseguí eliminar el check del Userlastname.

Se encontraba en la línea 343 de \Kernel\System\User.pm

    for (qw(UserFirstname UserLastname UserEmail UserLogin  ValidID ChangeUserID)) {
        if ( !$Param{$_} ) {
            $Self->{LogObject}->Log( Priority => 'error', Message => "Need $_!" );
            return;

Aun así sigo liado con el problema de la sincronización de usuarios en el panel de customer, me tira el mensaje Authentication succeeded, but no customer record is found in the customer backend. Please contact your administrator.

-------------------------------------
Buenos dias.

Resulta que hace poco instale OTRS 3.1.3 con ITSM y lo tengo integrado con LDAP, solo tengo un problema, que no me sincroniza los usuarios en el panel de agente si no tiene apellido el usuario. el log de errores de OTRS muestra esto:

[Mon May 28 10:14:20 2012][Error][Kernel::System::User::UserLookup][797] No UserID found for 'bec03'!
[Mon May 28 10:14:29 2012][Notice][Kernel::System::Auth::LDAP::Auth] User: bec03 (CN=BEC03,OU=Sistemas,OU=...,DC=...,DC=es) authentication ok (REMOTE_ADDR: 192.168.1.XX).
[Mon May 28 10:14:29 2012][Notice][Kernel::System::User::GetUserData] Panic! No UserData for user: 'bec03'!!!
[Mon May 28 10:14:29 2012][Error][Kernel::System::User::UserAdd][345] Need UserLastname!
[Mon May 28 10:14:29 2012][Error][Kernel::System::Auth::Sync::LDAP::Sync][262] Can't create user 'bec03' (CN=BEC03,OU=Sistemas,OU=...DC=es) in RDBMS!
[Mon May 28 10:14:29 2012][Error][Kernel::System::User::UserLookup][797] No UserID found for 'bec03'!
[Mon May 28 10:14:29 2012][Error][Kernel::System::User::UserLookup][797] No UserID found for 'bec03'!
[Mon May 28 10:14:29 2012][Notice][Kernel::System::User::GetUserData] Panic! No UserData for user: 'bec03'!!!

Estas son las lineas del Config.pm

Code: Select all

	
# This is an example configuration for an LDAP auth. backend.
# (Make sure Net::LDAP is installed!)
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'YYY.es';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=YYY,dc=es';
$Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
#$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=otrs otrs,ou=,dc=example,dc=com';
#$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';
# for ldap posixGroups objectclass (just uid)
$Self->{'AuthModule::LDAP::UserAttr'} = 'UID';
# for non ldap posixGroups objectclass (with full user dn)
#  $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';

# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'cn=otrs otrs,ou=XXX,dc=YYY,dc=es';
$Self->{'AuthModule::LDAP::SearchUserPw'} = '*********'
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
#$Self->{'AuthModule::LDAP::AlwaysFilter'} = '';

# in case you want to add a suffix to each login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
#    $Self->{'AuthModule::LDAP::UserSuffix'} = '@domain.com';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

	
	### FIN LDAP AGENT ###
	
 
   # --------------------------------------------------- #
   # authentication sync settings                        #
   # (enable agent data sync. after succsessful          #
   # authentication)                                     #
   # --------------------------------------------------- #
   # This is an example configuration for an LDAP auth sync. backend.
   # (take care that Net::LDAP is installed!)
    $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
    $Self->{'AuthSyncModule::LDAP::Host'} = 'YYY.es';
    $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'dc=YYY,dc=es';
    $Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName';
 
   # The following is valid but would only be necessary if the
   # anonymous user do NOT have permission to read from the LDAP tree
    $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'cn=otrs otrs,ou=XXX,dc=YYY,dc=es';
    $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = '*******';
   # in case you want to add always one filter to each ldap query, use
   # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
   #$Self->{'AuthSyncModule::LDAP::AlwaysFilter'} = '';
	
   # AuthSyncModule::LDAP::UserSyncMap
   # (map if agent should create/synced from LDAP to DB after successful login)
	    # UserTable

	$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {
		# DB -> LDAP
		UserFirstname => 'givenName',
		UserLastname => "sn",
		UserEmail => 'mail',
	};
# AuthSyncModule::LDAP::UserSyncInitialGroups
# (sync following group with rw permission after initial create of first agent
# login)
$Self->{'AuthSyncModule::LDAP::UserSyncInitialGroups'} = [
'users',
];
	$Self->{DatabaseUserTable} = 'users';
    $Self->{DatabaseUserTableUserID} = 'id';
    $Self->{DatabaseUserTableUserPW} = 'pw';
    $Self->{DatabaseUserTableUser} = 'login';

Gracias de antemano.