Hey all,

I’m trying to finish off a configuration of OTRS however I’m having trouble finishing a few things, the process was started by someone who has now left and so I’m trying to fill in the blanks.

Anyway every time I access OTRS even bring up the login screen I get an error message:

otrs OTRS-CGI-10[778]: [Error ][Kernel::System::CustomerUser::LDAP::new][Line:144]: First bind failed! 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece

Here is the current Config.pm LDAP:

87.     # ----------------------------------------------------- #

88.     # LDAP Confiiguration allowing customers to authenitcate back to

89.     # active directory

90.     # ----------------------------------------------------- #

91.    

92.     $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';

93.     $Self->{'Customer::AuthModule::LDAP::Host'} = 'hostname.company.org.au';

94.     $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=company,dc=org,dc=au';

95.     $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

96.     $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=useraccount,ou=Groupname1,ou=Groupname2,ou=MyBusiness,dc=company,dc=org,dc=au';

97.     $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'userpassword';

98.    

99.     #CustomerUser

100.    #(customer user database backend and settings)

101.    $Self->{CustomerUser} = {

102.    Module => 'Kernel::System::CustomerUser::LDAP',

103.    Params => {

104.    Host => 'hostname.company.org.au',

105.    BaseDN => 'DC=company,DC=org,DC=au',

106.    SSCOPE => 'sub',

107.    UserDN => 'cn=useraccount,ou=Groupname1,ou=Groupname2,ou=MyBusiness,dc=companyname,dc=org,dc=au',

108.    UserPw => 'userpassword',

109.    AlwaysFilter => '',

110.    SourceCharset => 'utf-8',

111.    DestCharset => 'iso-8859-1',

112.    Params => {

113.    port => 389,

114.    timeout => 120,

115.    async => 0,

116.    version => 3,

117.    debug => 8,

118.    },

119.    },

120.    # Customer unique id

121.    CustomerKey => 'sAMAccountName',

122.    # customer #

123.    CustomerID => 'mail',

124.    CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],

125.    CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],

126.    CustomerUserSearchPrefix => '',

127.    CustomerUserSearchSuffix => '*',

128.    CustomerUserSearchListLimit => 250,

129.    CustomerUserPostMasterSearchFields => ['mail'],

130.    CustomerUserNameFields => ['givenname', 'sn'],

131.    Map => [

132.    # note: Login, Email and CustomerID needed!

133.    # var, frontend, storage, shown, required, storage-type

134.    #[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],

135.    [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],

136.    [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],

137.    [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],

138.    [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],

139.    [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],

140.    #[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],

141.    #[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],

142.    #[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],

143.    ],

144.    };

145.   

146.    # ----------------------------------------------------- #

147.    # End of LDAP Configuration

148.    # ----------------------------------------------------- #

NOTE: I have replaced certain values with hostname, company, useraccount, userpassword, Groupname1, Groupname2 but I hope you can get the jist of the config. I have included line numbers as they are in the config so hopefully it won’t screw up with the sending of the email.

Can anyone point out any errors in the config?

Thanks.


_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Confidentiality: This e-mail is from the Adelaide Festival Centre.
The contents are intended only for the named recipient of this e-mail.
If the reader of this e-mail is not the intended recipient you are hereby
notified that any use, reproduction, disclosure or distribution of the
information contained in the e-mail is prohibited. If you have received
this e-mail in error, please reply to us immediately and delete the document
from your system. Any personal views expressed in this communication are those of
the individual sender unless the sender expressly states them to be the views
of the Adelaide Festival Centre. No liability will be accepted for any loss
or damage whatsoever (whether direct or consequential) resulting from the
use of the email or any attached files.