
Dear all,

I'm still facing problems configuring LDAP authentication for agent login. Below is my earlier post to this list, which describes the problem in detail. In addition I have also tried switching from a PostgreSQL database to a MySQL database, but still I'm getting the same error.

Any suggestions, hints or tips, things to try as to why the sync bind is failing would be very welcome.

Thanks,
Warren.

---- Earlier Post

I'm trying to set up OTRS 2.1.5 with Apache 2.0.58, mod_perl 2.0.3 and PostgreSQL 8.0.12 on a Gentoo Linux system. The area I'm having trouble with is the LDAP agent authentication. Please note that previously I have successfully set up OTRS 2.0 with LDAP agent authentication; the only real difference besides the OTRS version is that last time I used FastCGI and this time I'm using mod_perl.

The problem I'm facing is that when I try and log in to OTRS as an LDAP user for the first time I get the error "Panic! No UserData!!" on screen, and in the Apache log the error I see is:

ERROR: OTRS-CGI-1 Perl: 5.8.8 OS: linux Time: Wed May 23 11:58:27 2007
 Message: Sync bind failed! No password, did you mean noauth or anonymous ?
 Traceback (12298):
   Module: Kernel::System::Auth::LDAP::Auth (v1.29) Line: 257
   Module: Kernel::System::Auth::Auth (v1.20) Line: 116
   Module: Kernel::System::Web::InterfaceAgent::Run (v1.17.2.1) Line: 201
   Module: ModPerl::ROOT::ModPerl::Registry::var_www_otrs_2enaturesoft_2enet_otrs_2d2_2e1_2e5_bin_cgi_2dbin_index_2epl::handler (v) Line: 47
   Module: (eval) (v1.81) Line: 204
   Module: ModPerl::RegistryCooker::run (v1.81) Line: 204
   Module: ModPerl::RegistryCooker::default_handler (v1.81) Line: 170
   Module: ModPerl::Registry::handler (v1.99) Line: 31

The relevant section from my Config.pm looks like this:

# Here goes the LDAP config!!
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = '127.0.0.1';
$Self->{'AuthModule::LDAP::BaseDN'} = 'dc=naturesoft,dc=net';
$Self->{'AuthModule::LDAP::UID'} = 'uid';

# Some additional LDAP options, for directories that don't allow anonymous access.
# $Self->{'AuthModule::LDAP::SearchUserDN'} = '';
# $Self->{'AuthModule::LDAP::SearchUserPw'} = '';
$Self->{'AuthModule::LDAP::AlwaysFilter'} = '(objectclass=inetOrgPerson)';

# Some compulsory LDAP settings.
$Self->{'AuthModule::LDAP::Params'} = {
    port => 389,
    timeout => 120,
    async => 0,
    version => 3,
};

# LDAP to DB sync!!
# UserSyncLDAPMap
# (map if agent should create/synced from LDAP to DB after login)
$Self->{UserSyncLDAPMap} = {
    # DB -> LDAP
    Firstname => 'givenName',
    Lastname => 'sn',
    Email => 'mail',
};

# UserSyncLDAPGroups
# (If "LDAP" was selected for AuthModule, you can specify
# initial user groups for first login.)
$Self->{UserSyncLDAPGroups} = [
    'users',
];

# UserTable
$Self->{DatabaseUserTable} = 'system_user';
$Self->{DatabaseUserTableUserID} = 'id';
$Self->{DatabaseUserTableUserPW} = 'pw';
$Self->{DatabaseUserTableUser} = 'login';

On the LDAP server I can see in the logs a successful anonymous bind and search for the full "dn", followed by another bind that authenticates with the full "dn", and then that's it. No further bind to search for the user data.

May 22 13:48:19 [slapd] conn=150791 fd=153 ACCEPT from IP=192.168.0.212:43718 (IP=192.168.10.1:636)_
May 22 13:48:19 [slapd] conn=150791 fd=153 TLS established tls_ssf=256 ssf=256_
May 22 13:48:19 [slapd] conn=150791 op=0 BIND dn="" method=128_
May 22 13:48:19 [slapd] conn=150791 op=0 RESULT tag=97 err=0 text=_
May 22 13:48:19 [slapd] conn=150791 op=1 SRCH base="dc=naturesoft,dc=net" scope=2 deref=2 filter="(&(uid=warren_h)(objectClass=inetOrgPerson))"_
May 22 13:48:19 [slapd] conn=150791 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=_
May 22 13:48:19 [slapd] conn=150791 op=2 BIND dn="uid=warren_h,dc=naturesoft,dc=net" method=128_
May 22 13:48:19 [slapd] conn=150791 op=2 BIND dn="uid=warren_h,dc=naturesoft,dc=net" mech=SIMPLE ssf=0_
May 22 13:48:19 [slapd] conn=150791 op=2 RESULT tag=97 err=0 text=_
May 22 13:48:19 [slapd] conn=150791 op=3 UNBIND_
May 22 13:48:19 [slapd] conn=150791 fd=153 closed_

Note that if I use the root@localhost id and create a matching username entry in OTRS, then I am able to log in as that user when using LDAP agent authentication.

I'm completely stumped at this point; any suggestions, hints or tips will be very welcome.

Thanks,
Warren.
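
An added example, not part of the original post and not OTRS code: a Python script that rebuilds the per-connection operation sequence from slapd log lines in the format quoted above and counts the searches issued after the user's own bind, the step the post reports as absent. The function names and the `<anonymous>` label are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed input: slapd lines as quoted in the post (trailing "_" kept).
SAMPLE_LOG = '''\
May 22 13:48:19 [slapd] conn=150791 fd=153 ACCEPT from IP=192.168.0.212:43718 (IP=192.168.10.1:636)_
May 22 13:48:19 [slapd] conn=150791 op=0 BIND dn="" method=128_
May 22 13:48:19 [slapd] conn=150791 op=0 RESULT tag=97 err=0 text=_
May 22 13:48:19 [slapd] conn=150791 op=1 SRCH base="dc=naturesoft,dc=net" scope=2 deref=2 filter="(&(uid=warren_h)(objectClass=inetOrgPerson))"_
May 22 13:48:19 [slapd] conn=150791 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=_
May 22 13:48:19 [slapd] conn=150791 op=2 BIND dn="uid=warren_h,dc=naturesoft,dc=net" method=128_
May 22 13:48:19 [slapd] conn=150791 op=2 BIND dn="uid=warren_h,dc=naturesoft,dc=net" mech=SIMPLE ssf=0_
May 22 13:48:19 [slapd] conn=150791 op=2 RESULT tag=97 err=0 text=_
May 22 13:48:19 [slapd] conn=150791 op=3 UNBIND_
May 22 13:48:19 [slapd] conn=150791 fd=153 closed_
'''

OP_RE = re.compile(r'conn=(\d+) op=(\d+) (BIND|SRCH|UNBIND|RESULT|SEARCH RESULT)\b(.*)')
DN_RE = re.compile(r'dn="([^"]*)" method=')   # request line only, not the mech= echo
ERR_RE = re.compile(r'err=(\d+)')

def parse(log):
    """Return {conn_id: [operation dicts in op order]} for BIND/SRCH/UNBIND."""
    conns = defaultdict(dict)
    for line in log.splitlines():
        m = OP_RE.search(line.rstrip('_ '))   # drop the logger's end-of-line marker
        if not m:
            continue                          # ACCEPT / closed lines carry no op=
        conn, op, verb, rest = m[1], int(m[2]), m[3], m[4]
        e = conns[conn].setdefault(op, {'op': op, 'kind': None, 'target': '', 'err': None})
        if verb == 'BIND':
            dn = DN_RE.search(rest)
            if dn:                            # empty DN means an anonymous bind
                e.update(kind='BIND', target=dn[1] or '<anonymous>')
        elif verb in ('SRCH', 'UNBIND'):
            e.update(kind=verb, target=rest.strip())
        else:                                 # RESULT / SEARCH RESULT close the op
            err = ERR_RE.search(rest)
            e['err'] = int(err[1]) if err else None
    return {c: [ops[k] for k in sorted(ops)] for c, ops in conns.items()}

def searches_after_user_bind(ops):
    """Count SRCH ops after the last successful non-anonymous BIND (None if no such bind)."""
    binds = [i for i, o in enumerate(ops) if o['kind'] == 'BIND'
             and o['target'] != '<anonymous>' and o['err'] == 0]
    if not binds:
        return None
    return sum(o['kind'] == 'SRCH' for o in ops[binds[-1] + 1:])
```

For the connection quoted in the post, `searches_after_user_bind(parse(SAMPLE_LOG)['150791'])` returns 0: the user bind succeeds and the next operation is the unbind.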