Hi all,

 

I’m trying to setup OTRS to authenticate agent logins with AD.  Here is a clip from my Config.pm:

 

    # -----------------------------------------------------#

    # ldap settings                                        #

    # -----------------------------------------------------#

 

    $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';

    $Self->{'AuthModule::LDAP::Host'} = '10.67.100.5’;

    $Self->{'AuthModule::LDAP::BaseDN'} = 'dc=towtradtal,dc=com';

    $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';

    $Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=otrsLDAP,OU=Service Accounts,OU=Users,OU=Chicago,DC=towtradtal,DC=com';

    $Self->{'AuthModule::LDAP::SearchUserPW'} = '*********';

    $Self->{'AuthModule::LDAP::GroupDN'} = 'CN=Domain Users,CN=Builtin,DC=towtradtal,DC=com';

    $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';

    $Self->{'AuthModule::LDAP::AccessAttr'} = 'member';

 

    $Self->{'AuthModule::LDAP::Params'} = {

       port => 389,

       timeout => 120,

       async => 0,

       version => 3,

    };

 

In following the OTRS documentation as well as cross-referencing other posts on this subject, I’m pretty sure the config file is setup correctly and does not include any syntax errors.  However, my problem is that when logging in to OTRS, I get “Login Failed! Your username and password was entered incorrectly.”  I then checked the apache logs and found the following entry:

 

ERROR: OTRS-CGI-10 Perl: 5.10.0 OS: linux Time: Fri Feb 13 12:36:59 2009

 

 Message: Search failed! 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece

 

 Traceback (4362):

   Module: Kernel::System::Auth::LDAP::Auth (v1.47.2.3) Line: 218

   Module: Kernel::System::Auth::Auth (v1.29) Line: 121

   Module: Kernel::System::Web::InterfaceAgent::Run (v1.35) Line: 192

   Module: /opt/otrs/bin/cgi-bin/index.pl (v1.87) Line: 47

 

I’ve verified that the credentials I have specified for the user otrsLDAP are correct by binding to AD through LDP.exe.  I’d really appreciate if someone could let me know if they’d run into this or know what might be causing the bind to fail.

This electronic mail message and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information that is proprietary, privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information may be subject to legal restriction or sanction. Please notify the sender, by electronic mail or telephone, of any unintended recipients and delete the original message without making any copies.