
Hello folks,

well, it still doesn't work for me although I wrote the whole ldap stuff from Default.pm from scratch. Which options do you have configured in Config.pm for ldap? Here is what I got:

Customer-Backend:

# CustomerUser
# (customer user database backend and settings)
# freshly copied from Defaults.pm and adapted
$Self->{CustomerUser} = {
    Name   => 'Database Backend',
    Module => 'Kernel::System::CustomerUser::DB',
    Params => {
        # if you want to use an external database, add the
        # required settings
#        DSN => 'DBI:odbc:yourdsn',
#        DSN => 'DBI:mysql:database=customerdb;host=customerdbhost',
#        User => '',
#        Password => '',
        Table => 'customer_user',
    },
    # customer uniq id
    CustomerKey => 'login',
    # customer #
    CustomerID    => 'customer_id',
    CustomerValid => 'valid_id',
    CustomerUserListFields => [ 'first_name', 'last_name', 'email' ],
#    CustomerUserListFields => ['login', 'first_name', 'last_name', 'customer_id', 'email'],
    CustomerUserSearchFields => [ 'login', 'first_name', 'last_name', 'customer_id' , 'firma' ],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['email'],
    CustomerUserNameFields => [ 'salutation', 'first_name', 'last_name' ],
    CustomerUserEmailUniqCheck => 1,
#    # show now own tickets in customer panel, CompanyTickets
#    CustomerUserExcludePrimaryCustomerID => 0,
#    # generate auto logins
#    AutoLoginCreation => 0,
#    # generate auto login prefix
#    AutoLoginCreationPrefix => 'auto',
#    # admin can change customer preferences
#    AdminSetPreferences => 1,
#    # use customer company support (reference to company, See CustomerCompany settings)
#    CustomerCompanySupport => 1,
#    # cache time to life in sec. - cache any database queries
#    CacheTTL => 0,
#    # just a read only source
#    ReadOnly => 1,
    Map => [
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly, http-link-target
        [ 'UserSalutation', 'Salutation', 'salutation',  1, 0, 'var', '', 0 ],
        [ 'UserFirstname',  'Firstname',  'first_name',  1, 1, 'var', '', 0 ],
        [ 'UserLastname',   'Lastname',   'last_name',   1, 1, 'var', '', 0 ],
        # our new option
        [ 'UserPhone',      'Phone',      'phone',       1, 0, 'var', '', 0 ],
        [ 'UserPhoneTwo',   'Phone 2',    'phonetwo',    1, 0, 'var', '', 0 ],
        [ 'UserMobile',     'Mobil',      'mobil',       1, 0, 'var', '', 0 ],
        [ 'UserFax',        'Fax',        'fax',         1, 0, 'var', '', 0 ],
        [ 'UserAddress',    'Address',    'address',     1, 0, 'var', '', 0 ],
        [ 'UserPLZ',        'PLZ',        'plz',         1, 0, 'var', '', 0 ],
        [ 'UserOrt',        'Ort',        'ort',         1, 0, 'var', '', 0 ],
        [ 'UserFirma',      'Firma',      'firma',       1, 0, 'var', '', 0 ],
        [ 'UserLogin',      'Username',   'login',       1, 1, 'var', '', 0 ],
        [ 'UserPassword',   'Password',   'pw',          0, 0, 'var', '', 0 ],
        [ 'UserEmail',      'Email',      'email',       1, 1, 'var', '', 0 ],
#        [ 'UserEmail', 'Email', 'email', 1, 1, 'var', '$Env{"CGIHandle"}?Action=AgentTicketCompose&ResponseID=1&TicketID=$Data{"TicketID"}&ArticleID=$Data{"ArticleID"}', 0 ],
        [ 'UserCustomerID', 'CustomerID', 'customer_id', 0, 1, 'var', '', 0 ],
#        [ 'UserCustomerIDs', 'CustomerIDs', 'customer_ids', 1, 0, 'var', '', 0 ],
        [ 'UserComment',    'Comment',    'comments',    1, 0, 'var', '', 0 ],
        [ 'ValidID',        'Valid',      'valid_id',    0, 1, 'int', '', 0 ],
    ],
    # default selections
    Selections => {
#        UserSalutation => {
#            'Mr.' => 'Mr.',
#            'Mrs.' => 'Mrs.',
#        },
    },
};

# CustomerUser
# (customer user ldap backend and settings)
$Self->{CustomerUser1} = {
    Name   => 'LDAP Backend',
    Module => 'Kernel::System::CustomerUser::LDAP',
    Params => {
        # ldap host
        Host => 'contra.tekomedia.local',
        # ldap base dn
        BaseDN => 'ou=someou,dc=domain,dc=tld',
        # search scope (one|sub)
        SSCOPE => 'sub',
        # The following is valid but would only be necessary if the
        # anonymous user does NOT have permission to read from the LDAP tree
        UserDN => 'cn=somecn,cn=Users,dc=domain,dc=tld',
        UserPw => 'somepass',
        # in case you want to add always one filter to each ldap query, use
        # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
        AlwaysFilter => '(mail=*)',
        # if your frontend is e. g. iso-8859-1 and the charset of your
        # ldap server is utf-8, use this options (if not, ignore it)
#        SourceCharset => 'utf-8',
#        DestCharset => 'iso-8859-1',
        # die if backend can't work, e. g. can't connect to server
        Die => 1,
        # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
        Params => {
            port    => 389,
            timeout => 120,
            async   => 0,
            version => 3,
        },
    },
    # customer uniq id
    CustomerKey => 'sAMAccountName',
    # customer #
    CustomerID => 'otherPager',
    CustomerUserListFields => ['cn', 'mail'],
    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail', 'sn', 'givenName', 'company', 'otherPager', 'othermailbox'],
    CustomerUserSearchPrefix => '',
    CustomerUserSearchSuffix => '*',
    CustomerUserSearchListLimit => 250,
    CustomerUserPostMasterSearchFields => ['mail'],
    CustomerUserNameFields => ['givenname', 'sn'],
    # show now own tickets in customer panel, CompanyTickets
    CustomerUserExcludePrimaryCustomerID => 0,
    # add a ldap filter for valid users (expert setting)
#    CustomerUserValidFilter => '(!(description=gesperrt))',
    CustomerUserValidFilter => '(!(userAccountControl:1.2.840.113556.1.4.803:=2))',
    # admin can't change customer preferences
    AdminSetPreferences => 0,
    # cache time to life in sec. - cache any ldap queries
    CacheTTL => 0,
    Map => [
        # note: Login, Email and CustomerID needed!
        # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly
        [ 'UserSalutation', 'Title',      'title',                    1, 0, 'var', '', 0 ],
        [ 'UserFirstname',  'Firstname',  'givenname',                1, 1, 'var', '', 0 ],
        [ 'UserLastname',   'Lastname',   'sn',                       1, 1, 'var', '', 0 ],
        [ 'UserLogin',      'Username',   'sAMAccountName',           1, 1, 'var', '', 0 ],
        [ 'UserEmail',      'Email',      'mail',                     1, 1, 'var', '', 0 ],
        [ 'UserEmail2',     'Email 2',    'othermailbox',             1, 0, 'var', '', 1 ],
        [ 'UserCustomerID', 'CustomerID', 'otherPager',               0, 1, 'var', '', 0 ],
#        [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ],
        [ 'UserPhone',      'Phone',      'telephonenumber',          1, 0, 'var', '', 0 ],
        [ 'UserPhoneTwo',   'Phone 2',    'homephone',                1, 0, 'var', '', 0 ],
        [ 'UserMobile',     'Mobil',      'mobile',                   1, 0, 'var', '', 0 ],
        [ 'UserFax',        'Fax',        'facsimileTelephoneNumber', 1, 0, 'var', '', 0 ],
        [ 'UserAddress',    'Address',    'streetAddress',            1, 0, 'var', '', 0 ],
        [ 'UserPLZ',        'PLZ',        'postalCode',               1, 0, 'var', '', 0 ],
        [ 'UserOrt',        'Ort',        'l',                        1, 0, 'var', '', 0 ],
        [ 'UserFirma',      'Firma',      'company',                  1, 0, 'var', '', 0 ],
        [ 'UserComment',    'Comment',    'description',              1, 0, 'var', '', 0 ],
    ],
};

-------------------------------------------------------------------------------------

And for customer authentication:

$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::Multiple';
$Self->{'Customer::AuthModule::Multiple::Modules'}='Kernel::System::CustomerAuth::DB Kernel::System::CustomerAuth::LDAP';

# This is an example configuration for an LDAP auth. backend.
# (take care that Net::LDAP is installed!)
# $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = 'contra.tekomedia.local';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=castroper,dc=tekomedia,dc=local';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
# $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=Benutzer,cn=Builtin,dc=domain,dc=tld';
# $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
# for ldap posixGroups objectclass (just uid)
# $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID';
# for non ldap posixGroups objectclass (full user dn)
# $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';

# The following is valid but would only be necessary if the
# anonymous user do NOT have permission to read from the LDAP tree
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=somecn,cn=Users,dc=domain,dc=tld';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'somepass';

# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)'
$Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(objectclass=user)';

# in case you want to add a suffix to each customer login name, then
# you can use this option. e. g. user just want to use user but
# in your ldap directory exists user@domain.
# $Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@domain.com';

# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'Customer::AuthModule::LDAP::Params'} = {
    port    => 389,
    timeout => 120,
    async   => 0,
    version => 3,
};

# Die if backend can't work, e. g. can't connect to server.
$Self->{'Customer::AuthModule::LDAP::Die'} = 1;

# --------------------------------------------------------- #
# Attempt to set up an additional customer authentication   #
# system via a normal database                              #
# --------------------------------------------------------- #
# This is the auth. module against the otrs db
# $Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::DB';
$Self->{'Customer::AuthModule::DB::Table'} = 'customer_user';
$Self->{'Customer::AuthModule::DB::CustomerKey'} = 'login';
$Self->{'Customer::AuthModule::DB::CustomerPassword'} = 'pw';

As already mentioned, all scratched from Defaults.pm, still don't know where to start. Ah - the corresponding Multiple.pm is attached and stored in $OTRS_HOME/Kernel/System/CustomerAuth, but even when I try to authenticate in a usual way through ldap OR DB, I still get the same error. As already mentioned, I don't think that it got sth. to do with authentication, as the SystemLog says that the user has authenticated successfully and as I switched on the display of logged in users, I also get the message on the Agent-Frontend, that the corresponding user is online.

Any ideas?

Thanks in advance
Markus Nagel

Serge wrote:
Hello,
CARNINO Daniele (FIAT SERVICES) wrote:
Check out the new Defaults.pm of 2.3.x: you can notice that LDAP configuration has slightly changed. I had my LDAP backend broken too after upgrade, so I rewrote from scratch Config.pm using 2.3.2 Defaults.pm as base. Now everything works flawlessly at my site.
On my test machine, I rewrote Config.pm as you said (ldap part) and everything works now!!!
Thank you very much!
# --
# Kernel/System/CustomerAuth/Multiple.pm - provides multiple
# authentification module support
# Copyright (C) 2006 Ralf Becker