I finally went to make the jump to 2.4.3 from 2.3.4 and am having a bit of an issue.  Customers still authenticate against our Active Directory Server just fine, but when an agent tries to authenticate, it all blows up. <br>
<p>
  <font color="red">&quot;Panic, user authenticated but no user data can be found in OTRS DB!! Perhaps the user is invalid.&quot;</font> <br></p><p>Here is the whole LDAP configuration part from my <a href="http://config.pm">config.pm</a> that I just copied and pasted out of the <a href="http://config.pm">config.pm</a> for 2.3.4.  I have seen that there are others with this same issue but there have been no responses.  This is all running on a windows 2003 server with a regurlar install of OTRS.  Any Ideas?<br>
</p>#-----------------------Customer Data------------------------------------------------<br><br><br>#Enable LDAP authentication for Customers / Users<br>  $Self-&gt;{&#39;Customer::AuthModule&#39;} = &#39;Kernel::System::CustomerAuth::LDAP&#39;;<br>
  $Self-&gt;{&#39;Customer::AuthModule::LDAP::Host&#39;} = &#39;vdp-dc-003&#39;;<br>  $Self-&gt;{&#39;Customer::AuthModule::LDAP::BaseDN&#39;} = &#39;dc=ci, dc=vernon, dc=ct, dc=us&#39;;<br>  $Self-&gt;{&#39;Customer::AuthModule::LDAP::UID&#39;} = &#39;sAMAccountName&#39;;<br>
<br>#The following is valid but would only be necessary if the<br>#anonymous user do NOT have permission to read from the LDAP tree<br>  $Self-&gt;{&#39;Customer::AuthModule::LDAP::SearchUserDN&#39;} = &#39;otrs_ldap&#39;;<br>
  $Self-&gt;{&#39;Customer::AuthModule::LDAP::SearchUserPw&#39;} = &#39;1qaz2wsx&#39;;<br><br>#CustomerUser<br>#(customer user database backend and settings)<br>    $Self-&gt;{CustomerUser} = {<br>      Module =&gt; &#39;Kernel::System::CustomerUser::LDAP&#39;,<br>
      Params =&gt; {<br>      Host =&gt; &#39;vdp-dc-003&#39;,<br>      BaseDN =&gt; &#39;dc=ci, dc=vernon, dc=ct, dc=us&#39;,<br>      SSCOPE =&gt; &#39;sub&#39;,<br>      UserDN =&gt;&#39;otrs_ldap&#39;,<br>      UserPw =&gt; &#39;1qaz2wsx&#39;,<br>
    },<br># customer unique id<br>    CustomerKey =&gt; &#39;sAMAccountName&#39;,<br>    # customer #<br>    CustomerID =&gt; &#39;mail&#39;,<br>    CustomerUserListFields =&gt; [&#39;sAMAccountName&#39;, &#39;cn&#39;, &#39;mail&#39;],<br>
    CustomerUserSearchFields =&gt; [&#39;sAMAccountName&#39;, &#39;cn&#39;, &#39;mail&#39;],<br>    CustomerUserSearchPrefix =&gt; &#39;&#39;,<br>    CustomerUserSearchSuffix =&gt; &#39;*&#39;,<br>    CustomerUserSearchListLimit =&gt; 250,<br>
    CustomerUserPostMasterSearchFields =&gt; [&#39;mail&#39;],<br>    CustomerUserNameFields =&gt; [&#39;givenname&#39;, &#39;sn&#39;],<br>    Map =&gt; [<br>      # note: Login, Email and CustomerID needed!<br>      # var, frontend, storage, shown, required, storage-type<br>
      #[ &#39;UserSalutation&#39;, &#39;Title&#39;, &#39;title&#39;, 1, 0, &#39;var&#39; ],<br>      [ &#39;UserFirstname&#39;, &#39;Firstname&#39;, &#39;givenname&#39;, 1, 1, &#39;var&#39; ],<br>      [ &#39;UserLastname&#39;, &#39;Lastname&#39;, &#39;sn&#39;, 1, 1, &#39;var&#39; ],<br>
      [ &#39;UserLogin&#39;, &#39;Login&#39;, &#39;sAMAccountName&#39;, 1, 1, &#39;var&#39; ],<br>      [ &#39;UserEmail&#39;, &#39;Email&#39;, &#39;mail&#39;, 1, 1, &#39;var&#39; ],<br>      [ &#39;UserCustomerID&#39;, &#39;CustomerID&#39;, &#39;mail&#39;, 0, 1, &#39;var&#39; ],<br>
      [ &#39;UserPhone&#39;, &#39;Phone&#39;, &#39;telephonenumber&#39;, 1, 0, &#39;var&#39; ],<br>      #[ &#39;UserAddress&#39;, &#39;Address&#39;, &#39;postaladdress&#39;, 1, 0, &#39;var&#39; ],<br>      #[ &#39;UserComment&#39;, &#39;Comment&#39;, &#39;description&#39;, 1, 0, &#39;var&#39; ],<br>
    ],<br>  };<br>#  -------------------------End Customer data-----------------------------<br><br><br>#------------------------------Agent Data---------------------------------<br><br>#Enable LDAP authentication for Customers / Users<br>
  $Self-&gt;{&#39;AuthModule&#39;} = &#39;Kernel::System::Auth::LDAP&#39;;<br>  $Self-&gt;{&#39;AuthModule::LDAP::Host&#39;} = &#39;vdp-dc-003&#39;;<br>  $Self-&gt;{&#39;AuthModule::LDAP::BaseDN&#39;} = &#39;dc=ci, dc=vernon, dc=ct, dc=us&#39;;<br>
  $Self-&gt;{&#39;AuthModule::LDAP::UID&#39;} = &#39;sAMAccountName&#39;;<br> <br>#The following is valid but would only be necessary if the<br>#anonymous user do NOT have permission to read from the LDAP tree<br>  $Self-&gt;{&#39;AuthModule::LDAP::SearchUserDN&#39;} = &#39;otrs_ldap&#39;;<br>
  $Self-&gt;{&#39;AuthModule::LDAP::SearchUserPw&#39;} = &#39;1qaz2wsx&#39;;<br><br># UserSyncLDAPMap<br># (map if agent should create/synced from LDAP to DB after login)<br>    $Self-&gt;{UserSyncLDAPMap} = {<br>        # DB -&gt; LDAP<br>
        UserFirstname =&gt; &#39;givenName&#39;,<br>        UserLastname =&gt; &#39;sn&#39;,<br>        UserEmail =&gt; &#39;mail&#39;,<br>    };<br><br># UserSyncLDAPGroups<br># (If &quot;LDAP&quot; was selected=&quot;selected&quot; for AuthModule, you can specify<br>
# initial user groups for first login.)<br>    $Self-&gt;{UserSyncLDAPGroups} = [<br>        &#39;users&#39;,<br>    ];<br><br># UserTable<br>    $Self-&gt;{DatabaseUserTable} = &#39;users&#39;;<br>    $Self-&gt;{DatabaseUserTableUserID} = &#39;id&#39;;<br>
    $Self-&gt;{DatabaseUserTableUserPW} = &#39;pw&#39;;<br>    $Self-&gt;{DatabaseUserTableUser} = &#39;login&#39;;<br><br>#Add the following lines when only users are allowed to login if they reside in the spicified security group<br>
#Remove these lines if you want to provide login to all users specified in the User Base DN<br>  $Self-&gt;{&#39;AuthModule::LDAP::GroupDN&#39;} =&#39;CN=otrs_ldap_allow_A,CN=Builtin,DC=ci,DC=vernon,DC=ct,DC=us&#39;;<br>  $Self-&gt;{&#39;AuthModule::LDAP::AccessAttr&#39;} = &#39;member&#39;;<br>
  $Self-&gt;{&#39;AuthModule::LDAP::UserAttr&#39;} = &#39;DN&#39;;<br><br>#---------------------------End Agent Data--------------------------------<br><br>