Hi all Not sure if this is the right forum. I have managed to install otrs 2.4.9+dfsg1-3+squeeze1 on a stable distro of debian squeeze. I am running an ldaps enviroment, I managed to authenticate my users but I get an error message saying "Need customer ID". Not sure what could be the problem, although when I search around I found that customer id is actually the user email. I attached my Kernel/config.pm file, syslog output and screen dump. Will appreciate all the help one will get. Thanx in advance. Output from Config.pm # -- # Kernel/Config.pm - Config file for OTRS kernel # Copyright (C) 2001-2009 OTRS AG, http://otrs.org/ # -- # $Id: Config.pm.dist,v 1.21 2009/02/16 12:01:43 tr Exp $ # -- # This software comes with ABSOLUTELY NO WARRANTY. For details, see # the enclosed file COPYING for license information (AGPL). If you # did not receive this file, see http://www.gnu.org/licenses/agpl.txt. # -- # Note: # # -->> OTRS does have a lot of config settings. For more settings # (Notifications, Ticket::ViewAccelerator, Ticket::NumberGenerator, # LDAP, PostMaster, Session, Preferences, ...) see # Kernel/Config/Defaults.pm and copy your wanted lines into "this" # config file. This file will not be changed on update! # # -- package Kernel::Config; BEGIN { if (-f '/etc/otrs/database.pm') { require '/etc/otrs/database.pm'; if ($dbtype eq 'pgsql') { $dbport ||= '5432'; our $dsn = "DBI:Pg:dbname"; } else { $dbport ||= '3306'; our $dsn = "DBI:mysql:database"; } } } sub Load { my $Self = shift; # ---------------------------------------------------- # # ---------------------------------------------------- # # # # Start of your own config options!!! # # # # ---------------------------------------------------- # # ---------------------------------------------------- # # ---------------------------------------------------- # # database settings # # ---------------------------------------------------- # # DatabaseHost # (The database host.) $Self->{DatabaseHost} = $dbserver || 'localhost'; # Database # (The database name.) $Self->{Database} = $dbname || 'otrs'; # DatabaseUser # (The database user.) $Self->{DatabaseUser} = $dbuser || 'otrs'; # DatabasePw # (The password of database user. You also can use bin/CryptPassword.pl # for crypted passwords.) $Self->{DatabasePw} = $dbpass; # DatabaseDSN # (The database DSN for MySQL ==> more: "man DBD::mysql") $Self->{DatabaseDSN} = "$dsn=$Self->{Database};host=$Self->{DatabaseHost};port=$dbport;"; # (The database DSN for PostgreSQL ==> more: "man DBD::Pg") # if you want to use a local socket connection # $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};"; # if you want to use a tcpip connection # $Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};host=$Self->{DatabaseHost};"; # ---------------------------------------------------- # # fs root directory # ---------------------------------------------------- # $Self->{Home} = '/usr/share/otrs'; # ---------------------------------------------------- # # insert your own config settings "here" # # config settings taken from Kernel/Config/Defaults.pm # # ---------------------------------------------------- # # $Self->{SessionUseCookie} = 0; # $Self->{CheckMXRecord} = 0; # ---------------------------------------------------- # # switch off the web based installer for the Debian package $Self->{SecureMode} = 1; # ---------------------------------------------------- # # data inserted by installer # # ---------------------------------------------------- # # $DIBI$ # ---------------------------------------------------- # # ---------------------------------------------------- # # Start of own config # # SystemID # (The identify of the system. Each ticket number and # each http session id starts with this number) $Self->{SystemID} = 10; # FQDN # (Full qualified domain name of your system.) $Self->{FQDN} = 'otrs.home.ac.za'; # HttpType # In case you use https instead of plain http specify it here $Self->{HttpType} = 'http'; # ScriptAlias # Prefix to index.pl used as ScriptAlias in web config # (Used when emailing links to agents). $Self->{ScriptAlias} = 'otrs/'; # AdminEmail # (Email of the system admin.) $Self->{AdminEmail} = 'ticket@home.ac.za'; # Organization # (If this is anything other than '', then the email will have an # Organization X-Header) # $Self->{Organization} = 'Example Company'; $Self->{Organization} = 'Hart'; # ProductName # (Shown application name in frontend.) $Self->{ProductName} = 'OTRS'; # ShowAlwaysLongTime # (show always time in long /days hours minutes/ or short # /days hours/ format) $Self->{ShowAlwaysLongTime} = 0; $Self->{TimeShowAlwaysLong} = 0; # TimeInputFormat # (default date input format) [Option|Input] $Self->{TimeInputFormat} = 'Option'; # AttachmentDownloadType # (if the tickets attachments will be opened in browser or just to # force the download) [attachment|inline] # $Self->{'AttachmentDownloadType'} = 'inline'; $Self->{'AttachmentDownloadType'} = 'attachment'; # --------------------------------------------------- # # Check Settings # --------------------------------------------------- # # CheckEmailAddresses # (Check syntax of used email addresses) $Self->{CheckEmailAddresses} = 1; # CheckEmailValidAddress # (regexp of valid email addresses) # $Self->{CheckEmailValidAddress} = '^(root@localhost|admin@localhost)$'; # CheckEmailInvalidAddress # (regexp of invalid email addresses) # $Self->{CheckEmailInvalidAddress} = '@(home)\.(..|...)$'; # --------------------------------------------------- # # LogModule # # --------------------------------------------------- # # (log backend module) # $Self->{'LogModule'} = 'Kernel::System::Log::SysLog'; $Self->{'LogModule'} = 'Kernel::System::Log::File'; # param for LogModule Kernel::System::Log::File (required!) $Self->{'LogModule::LogFile'} = '/var/log/otrs.log'; # param for LogModule Kernel::System::Log::SysLog $Self->{'LogModule::SysLog::Facility'} = 'user'; # param for LogModule Kernel::System::Log::SysLog # (Depends on you sys log system environment. 'unix' is default, on # solaris you may need to use 'stream'.) $Self->{'LogModule::SysLog::LogSock'} = 'unix'; # param for LogModule Kernel::System::Log::SysLog # (if syslog can't work with utf-8, force the log # charset with this option, on other chars will be # replaces with ?) $Self->{'LogModule::SysLog::Charset'} = 'iso-8859-15'; # $Self->{'LogModule::SysLog::Charset'} = 'utf-8'; # param for LogModule Kernel::System::Log::File (required!) $Self->{'LogModule::LogFile'} = '/var/log/otrs.log'; # param if the date (yyyy-mm) should be added as suffix to # logfile [0|1] # $Self->{'LogModule::LogFile::Date'} = 0; # system log cache size for admin system log (default 32k) # $Self->{'LogSystemCacheSize'} = 32 * 1024; # --------------------------------------------------- # # SendmailModule # --------------------------------------------------- # # (Where is sendmail located and some options. # See 'man sendmail' for details. Or use the SMTP backend.) # $Self->{'SendmailModule'} = 'Kernel::System::Email::Sendmail'; $Self->{'SendmailModule::CMD'} = '/usr/sbin/exim -i -f '; # $Self->{'SendmailModule'} = 'Kernel::System::Email::SMTP'; $Self->{'SendmailModule::Host'} = 'mail.home.ac.za'; $Self->{'SendmailModule::Port'} = '25'; $Self->{'SendmailModule::AuthUser'} = 'ticket@home.ac.za'; $Self->{'SendmailModule::AuthPassword'} = 'new@hart'; # SendmailBcc # (Send all outgoing email via bcc to... # Warning: use it only for external archive funktions) $Self->{'SendmailBcc'} = 'thunyiwe@home.ac.za'; # SendmailNotificationEnvelopeFrom # Set a email address that is used as envelope from header in outgoing # notifications # $Self->{'SendmailNotificationEnvelopeFrom'} = ''; # --------------------------------------------------- # # # # Start of config options!!! # # CustomerPanel stuff # # # # --------------------------------------------------- # # SessionName # (Name of the session key. E. g. Session, SessionID, OTRS) $Self->{CustomerPanelSessionName} = 'HART'; # CustomerPanelUserID # (The customer panel db-uid.) [default: 1] $Self->{CustomerPanelUserID} = 1; # CustomerGroupSupport (0 = compat. to OTRS 1.1 or lower) # (if this is 1, the you need to set the group <-> customer user # relations! http://host/otrs/index.pl?Action=AdminCustomerUserGroup # otherway, each user is ro/rw in each group!) $Self->{CustomerGroupSupport} = 0; # CustomerGroupAlwaysGroups # (if CustomerGroupSupport is true and you don't want to manage # each customer user for this groups, then put the groups # for all customer user in there) $Self->{CustomerGroupAlwaysGroups} = [ 'users', 'info' ]; # show online agents $Self->{'CustomerFrontend::NotifyModule'}->{'1-ShowAgentOnline'} = { Module => 'Kernel::Output::HTML::NotificationAgentOnline', ShowEmail => 1, IdleMinutes => 60, }; # --------------------------------------------------- # # customer authentication settings # # (enable what you need, auth against otrs db, # # against a LDAP directory, against HTTP basic # # authentication and against Radius server) # # --------------------------------------------------- # $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = 'ldaps://ldap.home.ac.za'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=home,dc=ac,dc=za'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'uid'; # Check if the user is allowed to auth in a posixGroup # (e. g. user needs to be in a group xyz to use otrs) $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrsallow,ou=Group,dc=home,dc=ac,dc=za'; $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid'; # for ldap posixGroups objectclass (just uid) $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID'; # for non ldap posixGroups objectclass (full user dn) # $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; # The following is valid but would only be necessary if the # anonymous user do NOT have permission to read from the LDAP tree $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'cn=nss,dc=home,dc=ac,dc=za'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'eLDeeAyePee'; # in case you want to add always one filter to each ldap query, use # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)' $Self->{'Customer::AuthModule::LDAP::AlwaysFilter'} = '(!(objectclass=computer)(objectclass=user))'; # in case you want to add a suffix to each customer login name, then # you can use this option. e. g. user just want to use user but # in your ldap directory exists user@domain. # $Self->{'Customer::AuthModule::LDAP::UserSuffix'} = '@home.ac.za'; # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) $Self->{'Customer::AuthModule::LDAP::Params'} = { # port => 389, timeout => 120, async => 0, version => 3, cafile => '/etc/ssl/certs/hh_ca.pem', }; # Die if backend can't work, e. g. can't connect to server. $Self->{'Customer::AuthModule::LDAP::Die'} = 1; # CustomerUser # (customer user ldap backend and settings) $Self->{CustomerUser} = { Name => 'LDAP Backend', Module => 'Kernel::System::CustomerUser::LDAP', Params => { # # ldap host Host => 'ldaps://ldap.home.ac.za', # # ldap base dn BaseDN => 'dc=home,dc=ac,dc=za', # # search scope (one|sub) SSCOPE => 'sub', # # The following is valid but would only be necessary if the # # anonymous user does NOT have permission to read from the LDAP tree UserDN => 'cn=nss,dc=home,dc=ac,dc=za', UserPw => 'eLDeeAyePee', # # in case you want to add always one filter to each ldap query, use # # this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter => '(objectclass=user)' AlwaysFilter => '(!(objectclass=computer(objectclass=user))', # # if your frontend is e. g. iso-8859-1 and the charset of your # # ldap server is utf-8, use this options (if not, ignore it) # SourceCharset => 'utf-8', # DestCharset => 'iso-8859-1', # # die if backend can't work, e. g. can't connect to server # Die => 1, # # Net::LDAP new params (if needed - for more info see perldoc Net::LDAP) Params => { # port => 389, timeout => 120, async => 0, version => 3, cafile => '/etc/ssl/certs/hh_ca.pem', }, }, # # customer uniq id CustomerKey => 'uid', # # customer # CustomerID => 'mail', CustomerUserListFields => ['cn', 'mail'], CustomerUserSearchFields => ['uid', 'cn', 'mail'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 250, CustomerUserPostMasterSearchFields => ['mail'], CustomerUserNameFields => ['givenname', 'sn'], # # show not own tickets in customer panel, CompanyTickets # CustomerUserExcludePrimaryCustomerID => 0, # # add a ldap filter for valid users (expert setting) # # CustomerUserValidFilter => '(!(description=gesperrt))', # # admin can't change customer preferences AdminSetPreferences => 0, # # cache time to life in sec. - cache any ldap queris CacheTTL => 0, Map => [ # # note: Login, Email and CustomerID needed! # # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly # [ 'UserSalutation', 'Title', 'title', 1, 0, 'var', '', 0 ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var', '', 0 ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var', '', 0 ], [ 'UserLogin', 'Username', 'uid', 1, 1, 'var', '', 0 ], [ 'UserEmail', 'Email', 'mail', 1, 1, 'var', '', 0 ], # [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var', '', 0 ], # [ 'UserCustomerIDs', 'CustomerIDs', 'second_customer_ids', 1, 0, 'var', '', 0 ], # [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var', '', 0 ], # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var', '', 0 ], # [ 'UserComment', 'Comment', 'description', 1, 0, 'var', '', 0 ], ], }; # --------------------------------------------------- # # # # Start of config options!!! # # CustomerPreferences stuff # # # # --------------------------------------------------- # # CustomerPreferences # (customer preferences module) # $Self->{'CustomerPreferences'} = { # Module => 'Kernel::System::CustomerUser::Preferences::DB', # Params => { # Table => 'customer_preferences', # TableKey => 'preferences_key', # TableValue => 'preferences_value', # TableUserID => 'user_id', # }, # }; # # # CustomerPreferencesView # (Order of shown items) # $Self->{CustomerPreferencesView} = [ 'Frontend', 'Other Options' ]; # CustomerPreferencesGroups # (All possible items) # $Self->{CustomerPreferencesGroups}->{Password} = { # Module => 'Kernel::Output::HTML::PreferencesPassword', # Colum => 'Other Options', # Label => 'Change Password', # Prio => 1000, # Area => 'Customer', # PasswordHistory => 0, # PasswordRegExp => '[a-z]|[A-z]|[0-9]|\.|;|,|:|-|\+|#|!|\$|&|\?', # PasswordRegExp => '', ## PasswordMinSize => 0, # PasswordMin2Lower2UpperCharacters => 0, # PasswordMin2Characters => 0, # PasswordNeedDigit => 0, # Activ => 1, # }; # $Self->{CustomerPreferencesGroups}->{Language} = { # Module => 'Kernel::Output::HTML::PreferencesLanguage', # Colum => 'Frontend', # Label => 'Language', # Desc => 'Select your frontend language.', # PrefKey => 'UserLanguage', ## Prio => 2000, # Activ => 1, ## }; # $Self->{CustomerPreferencesGroups}->{Theme} = { # Module => 'Kernel::Output::HTML::PreferencesTheme', # Colum => 'Frontend', # Label => 'Theme', # Desc => 'Select your frontend Theme.', # PrefKey => 'UserTheme', # Prio => 1000, # Activ => 0, # }; # $Self->{CustomerPreferencesGroups}->{PGP} = { # Module => 'Kernel::Output::HTML::PreferencesPGP', # Colum => 'Other Options', # Label => 'PGP Key', # Desc => 'PGP Key Upload', # PrefKey => 'UserPGPKey', # Prio => 10000, # Activ => 1, # }; # $Self->{CustomerPreferencesGroups}->{SMIME} = { # Module => 'Kernel::Output::HTML::PreferencesSMIME', # Colum => 'Other Options', # Label => 'S/MIME Certificate', ## Desc => 'S/MIME Certificate Upload', ## PrefKey => 'UserSMIMEKey', # Prio => 11000, # Activ => 1, # }; # # # # End of your own config options!!! # # # # ---------------------------------------------------- # # ---------------------------------------------------- # } # ---------------------------------------------------- # # needed system stuff (don't edit this) # # ---------------------------------------------------- # use strict; use warnings; use vars qw(@ISA $VERSION); use Kernel::Config::Defaults; push (@ISA, 'Kernel::Config::Defaults'); use vars qw(@ISA $VERSION); $VERSION = qw($Revision: 1.21 $)[1]; # -----------------------------------------------------# 1; ------------------------------------------------ output of syslog file ----------------------------------------------------- Jun 11 13:02:11 otrs kernel: [ 19.820226] RPC: Registered tcp NFSv4.1 backchannel transport module. Jun 11 13:02:11 otrs kernel: [ 19.900528] Slow work thread pool: Starting up Jun 11 13:02:11 otrs kernel: [ 19.900610] Slow work thread pool: Ready Jun 11 13:02:11 otrs kernel: [ 19.900751] FS-Cache: Loaded Jun 11 13:02:11 otrs kernel: [ 19.973437] FS-Cache: Netfs 'nfs' registered for caching Jun 11 13:02:15 otrs kernel: [ 23.308229] lp0: using parport0 (interrupt-driven). Jun 11 13:02:15 otrs kernel: [ 23.340609] ppdev: user-space parallel port driver Jun 11 13:06:50 otrs OTRS-CGI-10[2990]: [Notice][Kernel::System::Auth::DB::Auth] User: root@localhost authentication with wrong Pw!!! (REMOTE_ADDR: 127.0.0.1) Jun 11 13:06:56 otrs OTRS-CGI-10[2992]: [Notice][Kernel::System::Auth::DB::Auth] User: root@localhost authentication ok (REMOTE_ADDR: 127.0.0.1). Jun 11 13:13:41 otrs OTRS-CGI-10[3063]: [Notice][Kernel::System::CustomerAuth::LDAP::Auth] CustomerUser: ticket (uid=ticket,ou=People,dc=home,dc=ac,dc=za) authentication ok (REMOTE_ADDR: 127.0.0.1). ------------------- -- Regards TM Debian -> FREE software!!!! .--. |o_o | |:_/ | // \ \ (| | ) /'\_ _/`\ \___)=(___/ -- Regards TM Debian -> FREE software!!!! .--. |o_o | |:_/ | // \ \ (| | ) /'\_ _/`\ \___)=(___/