I've put more time
into this than I can afford - but I'm trying hard to keep opensource alive in
our workplace, so I'll ask here.
We
have:
A WIN2K Domain
controller at 192.168.1.10
A Debian (Lenny) box
with a clean install of OTRS 2.3.3 (installed from source, not a prepacked deb
file)
The debian box is
joined to the domain, which we'll call "company.com.au"
Nothing I do will
permit me to get customers authenticating via the AD.
The relevant parts
of the Config.pm:
$Self->{'Customer::AuthModule'} =
'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '192.168.1.10';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =
'dc=company,dc=com,dc=au';
$Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} =
'ldap.lookup';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'}
= 'password';
$Self->{CustomerUser} =
{
Module =>
'Kernel::System::CustomerUser::LDAP',
Params
=> {
Host =>
'192.168.1.10',
BaseDN =>
'DC=company,DC=com,DC=au',
SSCOPE =>
'sub',
UserDN
=>'ldap.lookup',
UserPw =>
'password',
},
CustomerKey =>
'uid',
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn',
'mail'],
CustomerUserSearchFields => ['sAMAccountName',
'cn', 'mail'],
CustomerUserSearchPrefix =>
'',
CustomerUserSearchSuffix =>
'*',
CustomerUserSearchListLimit =>
250,
CustomerUserPostMasterSearchFields =>
['mail'],
CustomerUserNameFields => ['givenname',
'sn'],
Map => [
[
'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var'
],
[ 'UserLastname', 'Lastname', 'sn', 1, 1,
'var' ],
[ 'UserLogin', 'Login',
'sAMAccountName', 1, 1, 'var' ],
[
'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[
'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
],
};
The error I'm
currently getting:
Jan
19 16:20:03 ithlp OTRS-GenericAgent-03[7967]:
[Error][Kernel::System::CustomerUser::LDAP::new][Line:144]: First bind failed!
80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data
525, v893
Any
ideas?
This e-mail message has been scanned for Viruses and Content and cleared by
MailMarshal