Hi Stanford,
I followed that steps by updating the DC name to support SSL and changed the LDAP port but still reciving the same error

Nov 13 22:52:22 localhost OTRS-CGI-62[3409]: [Notice][Kernel::System::Auth::DB::Auth] User: mahmoud.ramadan authentication with wrong Pw!!! (Method: sha256, REMOTE_ADDR: 192.168.1.4)
Nov 13 22:52:22 localhost OTRS-CGI-62[3409]: [Error][Kernel::System::Auth::LDAP::Auth][Line:167]: Can't connect to ldaps://dc.hotciscolabs.com: IO::Socket::SSL: connect: Connection refused

I'm using OTRS ITSM 3.3.10 and didn't explicitly configured SSL with LDAP...i'm afraid that the issue because of I've upgraded OTRS:ITSM
because everything was working fine...if u have any ideas please share !

On Wed, Nov 12, 2014 at 6:50 PM, Stanford, Philip N. <pns@noc.ac.uk> wrote:

Hi Mahmoud

Have you checked using other tools on your OTRS system (eg something like ‘ldapsearch’) that you do have access to the AD LDAP server still?

‘Connection refused’ does sound as if the basic network socket isn’t being established, so could it be that someone has changed a firewall setting between your OTRS system and the AD LDAP server,  or decided to enforce SSL access? Other basic tools like ping or traceroute could be useful too just in case something is preventing access to your DC now.

 

You might try using SSL – I have found that to get this to work I need to specify the host using a URL format rather than just a hostname – eg in line 98 of your Config.pm file you could change

 

Host => 'dc.hotciscolabs.com',

 

to

 

Host => 'ldaps://dc.hotciscolabs.com',

 

and in line 121 change

 

port    => 389

 

to

 

port    => 636

 

That should make OTRS use SSL for the lookup (in version 3.3 anyway).

Regards

Phil

 

From: Mahmoud Ramadan Ali [mailto:cisco.and.more.blog@gmail.com]
Sent: 12 November 2014 15:46
To: OTRS::ITSM User questions and discussions
Subject: Re: [itsm] OTRS and LDAP Integration get broken

 

any updates dears ! i'm stuck now

 

On Tue, Nov 11, 2014 at 9:37 PM, Mahmoud Ramadan Ali <cisco.and.more.blog@gmail.com> wrote:

Hii Dears,

Thanks for the reply but i checked the user and it is not locked or disabled also i'm using Microsoft active directory and do not have ssl configured ...i added the user to the administators and domain admins group without success...i have attached my Config.pm file so u can check it. Please this is urgent so any assistance will be appreciated.

 

On Tue, Nov 11, 2014 at 11:25 AM, Patrick Bloem <P.Bloem@call-teleteam.de> wrote:

Hi Mahmoud,

 

do you check the Active Directory User for the connection?

Maybe is the user is disable or banned from the inactivity policy.

 

With best regards

Patrick Bloem

System Administrator

 

Von: itsm-bounces@otrs.org [mailto:itsm-bounces@otrs.org] Im Auftrag von Mahmoud Ramadan Ali
Gesendet: Dienstag, 11. November 2014 10:18
An: OTRS::ITSM User questions and discussions
Betreff: Re: [itsm] OTRS and LDAP Integration get broken

 

Hiii Marcel,

Thanks for the reply but no i'm not using SSL...i'm integrating this with MS Active directory and the integration worked fine for sometime then get broken...i have uploaded my config file so you can check it ..and thanks in advance...

 

On Tue, Nov 11, 2014 at 6:56 AM, Marcel Schulte <schulte.marcel@gmail.com> wrote:

Hi Mahmoud,

do you connect to LDAP or LDAPS (with SSL)? In case of LDAPS it could have happened the SSL certificate of your LDAP server has changed and your OTRS does not know how to verify this new cert...

 

HTH,

Marcel

 

Mahmoud Ramadan Ali <cisco.and.more.blog@gmail.com> schrieb am Mon Nov 10 2014 at 20:09:21:

Hi everyone
I've integrated OTRS and LDAP and it worked for a sometime but the integration get broken and i'm reciving this error message...any help please how to solve this ?!
Nov 10 20:00:38 localhost OTRS-CGI-62[3438]: [Error][Kernel::System::Auth::LDAP::Auth][Line:167]: Can't connect to dc.hotciscolabs.com:\

---------------------------------------------------------------------
OTRS mailing list: itsm - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/itsm
To unsubscribe: http://lists.otrs.org/mailman/listinfo/itsm


---------------------------------------------------------------------
OTRS mailing list: itsm - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/itsm
To unsubscribe: http://lists.otrs.org/mailman/listinfo/itsm

 


---------------------------------------------------------------------
OTRS mailing list: itsm - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/itsm
To unsubscribe: http://lists.otrs.org/mailman/listinfo/itsm

 

 

This message (and any attachments) is for the recipient only. NERC is subject to the Freedom of Information Act 2000 and the contents of this email and any reply you make may be disclosed by NERC unless it is exempt from release under the Act. Any material supplied to NERC may be stored in an electronic records management system.

---------------------------------------------------------------------
OTRS mailing list: itsm - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/itsm
To unsubscribe: http://lists.otrs.org/mailman/listinfo/itsm