Hi, Maurer, thank you for your valuable reply :). I've solved my problem by following your suggest. I'm using Windows 2003 server. I faced another problem. By enabling LDAP authentication for agents, I could not log in as admin user he he. To solve this problem, I've decided to use LDAP authentication only for customer users. My configuration is: #Enable LDAP authentication for customers $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'domain.xxx.com'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=xxx,DC=com'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'CN'; # The following is valid but would only be necessary if the # anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=otrs_ldap, DC=xxx, DC=com'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password'; # in case you want to add always one filter to each ldap query, use # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)' $Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = ''; # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) $Self->{'Customer::AuthModule::LDAP::Params'} = { port => 389, timeout => 120, async => 0, version => 3, }; When the customers are trying to log in error message appeared. *Panic! No user data!!!!! *But in the log file everything is ok "authentication ok". What is wrong? Maurer, Hermann wrote:
Hi,
I assume, you've read this: http://doc.otrs.org/2.4/en/html/x1835.html#configuration-agent-auth-back end-ldap. Which server are you using as LDAP Backend? For MS ADS you do need the following: $Self->{'AuthModule::LDAP::UID'} = 'cn'; Please make sure, that you really can search in your LDAP (with ldapsearch for example) in the context of the user 'CN=otrs_ldap, OU=otrs_group, DC=xxx, DC=com' with the given password.
Regards, Hermann Maurer