Hi Rory,

You can let the system do the syncing for you. Use 'UserSyncLDAPMap'.
Here some pointers:

* The manual; look under 'agent data sync':
http://doc.otrs.org/2.4/en/html/x1885.html#configuration-agent-auth-backend-ldap

* A mail with a complete and working configuration. The poster initially thinks he has an issue with his setup; turns out only the email address is missing in AD.
http://www.mail-archive.com/otrs@otrs.org/msg25974.html

Let us know if this helps you.

Regards,
--
Michiel Beijen
Software Consultant
+31 6 - 457 42 418
Bee Free IT + http://beefreeit.nl


On Wed, Jul 29, 2009 at 14:56, Rory <rclerkin@gmail.com> wrote:
Hi,

I've gotten otrs up and running (on IIS6 with mysql 5.1 and Activeperl 5.10).
I've attempted to set up ldap authentication with Active Directory for
Agent users. The config seems to have gone reasonably well except for
this error I get when I try to log in;

Panic, user authenticated but no user data can be found in OTRS DB!!
Perhaps the user is invalid

Do I need to sync my AD to the OTRS DB?
I think I read the how-to doc for that somewhere.

The otrs.log file gives the following;

=================
[Wed Jul 29 13:16:50 2009][Notice][Kernel::System::Auth::LDAP::Auth]
User: roryc (CN=Rory
Clerkin,OU=Users,OU=IT,OU=Departments,DC=<domain>,DC=com)
authentication ok (REMOTE_ADDR: <IP_Address>).
[Wed Jul 29 13:16:50
2009][Error][Kernel::System::User::UserLookup][680] No UserID found
for 'roryc'!
[Wed Jul 29 13:16:50
2009][Error][Kernel::System::User::UserLookup][680] No UserID found
for 'roryc'!
[Wed Jul 29 13:16:50 2009][Notice][Kernel::System::User::GetUserData]
Panic! No UserData for user: 'roryc'!!!
=================

And the otrs.log.error gives the following;

=================
ERROR: OTRS-CGI-63 Perl: 5.10.0 OS: MSWin32 Time: Wed Jul 29 13:16:50 2009

 Message: No UserID found for 'roryc'!

 Traceback (5476):
  Module: Kernel::System::User::UserLookup (v1.93) Line: 680
  Module: Kernel::System::Auth::Auth (v1.41) Line: 196
  Module: Kernel::System::Web::InterfaceAgent::Run (v1.43) Line: 192
  Module: F:\wwwroot\otrs-2.4.1\bin\cgi-bin\index.pl (v1.88) Line: 49

ERROR: OTRS-CGI-63 Perl: 5.10.0 OS: MSWin32 Time: Wed Jul 29 13:16:50 2009

 Message: No UserID found for 'roryc'!

 Traceback (5476):
  Module: Kernel::System::User::UserLookup (v1.93) Line: 680
  Module: Kernel::System::Auth::Auth (v1.41) Line: 258
  Module: Kernel::System::Web::InterfaceAgent::Run (v1.43) Line: 192
  Module: F:\wwwroot\otrs-2.4.1\bin\cgi-bin\index.pl (v1.88) Line: 49
==================

I was able to create a user for ldap lookups in the otrs DB before I
added the ldap auth config and this user exists in AD using the same
credentials.
With this user I can log into the system as they're in both AD and the
OTRS DB it seems.

So do I have to sync AD to the otrs DB? It would seem kinda strange if
I did. I think that pretty much defeats the purpose of having an ldap
login because I've no longer got a central point of administration.
What would happen if I added a new user to AD?

Any help would be hugely appreciated,

Rory Clerkin

Support my 365 Challenge in aid of the Irish Cancer Society

www.365challenge.ie
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/