Hi, I have implemented Agent Authentication with LDAP Backend. But I am facing problem in syncing LDAP Groups to otrs Groups My intention is to sync cn=infra users to admin group of the otrs Below is the ldif for mat of cn=infra group from ldap: dn: cn=infra,ou=Groups,dc=mycompany,dc=net gidNumber: 602 objectClass: posixGroup objectClass: top cn: infra memberUid: sandeep memberUid: abinav description: All Infrastructure members are here And following is my Config.pm entries: $Self->{'UserSyncLDAPGroupsDefination'} = { # ldap group 'cn=infra,ou=Groups,dc=mycompany,dc=net' => { # otrs group 'admin' => { # permission rw => 1, ro => 1, }, 'faq' => { rw => 0, ro => 1, }, }, }; Here user is getting authenticated but.User is not coming to the admin group in the otrs. Or user is not getting admin privilages. I am getting following error: [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::Auth::LDAP::Auth] User: sandeep (uid=sandeep,ou=People,dc=mycompany,dc=net) authentication ok (REMOTE_ADDR: 61.95.200.12). [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::User::UserUpdate] User: 'sandeep' updated successfully (1)! [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::User::SetPassword] User: 'sandeep' changed password successfully! [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::Auth::LDAP::Auth] User: 'sandeep' sync ldap groups cn=infra,ou=Groups,dc=mycompany,dc=net to groups! [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::Auth::LDAP::Auth] User: sandeep not in GroupDN='cn=infra,ou=Groups,dc=mycompany,dc=net', Filter='(memberUid=uid=sandeep,ou=People,dc=mycompany,dc=net)'! (REMOTE_ADDR: 61.95.200.12). But cn=sandeep,ou=People,dc=mycompany,dc=net is in the cn=infra,ou=Groups,dc=mycompany,dc=net group. This you can see from the above ldif output. Also ldif entry for the sandeep is as below(only relevent part) dn: uid=sandeep,ou=People,dc=mycompany,dc=net uid: sandeep sn: Sandeep A.S mail: sandeep@mycompany.net So what will be the problem for this error ? Filetering is not proper ? Thanks Sandeep
Hi Sandeep, I'm not a OTRS programmer nor I know the api, but you may have a syntax error , look at UserSyncLDAPGroupsDefination, perhaps you must change last 'a' for an 'i'. Just a guess. regards, -- Ernesto Silva. Coordinador de Desarrollo Web y Sistemas Abiertos Centro de Procesamiento de Datos Universidad ORT Uruguay. E-mail: silva@ort.edu.uy Tel: (+598-2) 902-1505 ext. 206 Fax: (+598-2) 900-2952 Sandeep A.S wrote:
Hi, I have implemented Agent Authentication with LDAP Backend. But I am facing problem in syncing LDAP Groups to otrs Groups My intention is to sync cn=infra users to admin group of the otrs Below is the ldif for mat of cn=infra group from ldap:
dn: cn=infra,ou=Groups,dc=mycompany,dc=net gidNumber: 602 objectClass: posixGroup objectClass: top cn: infra memberUid: sandeep memberUid: abinav description: All Infrastructure members are here
And following is my Config.pm entries:
$Self->{'UserSyncLDAPGroupsDefination'} = { # ldap group 'cn=infra,ou=Groups,dc=mycompany,dc=net' => { # otrs group 'admin' => { # permission rw => 1, ro => 1, }, 'faq' => { rw => 0, ro => 1, }, }, };
Here user is getting authenticated but.User is not coming to the admin group in the otrs. Or user is not getting admin privilages. I am getting following error: [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::Auth::LDAP::Auth] User: sandeep (uid=sandeep,ou=People,dc=mycompany,dc=net) authentication ok (REMOTE_ADDR: 61.95.200.12). [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::User::UserUpdate] User: 'sandeep' updated successfully (1)! [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::User::SetPassword] User: 'sandeep' changed password successfully! [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::Auth::LDAP::Auth] User: 'sandeep' sync ldap groups cn=infra,ou=Groups,dc=mycompany,dc=net to groups! [Fri Aug 10 15:07:07 2007][Notice][Kernel::System::Auth::LDAP::Auth] User: sandeep not in GroupDN='cn=infra,ou=Groups,dc=mycompany,dc=net', Filter='(memberUid=uid=sandeep,ou=People,dc=mycompany,dc=net)'! (REMOTE_ADDR: 61.95.200.12). But cn=sandeep,ou=People,dc=mycompany,dc=net is in the cn=infra,ou=Groups,dc=mycompany,dc=net group. This you can see from the above ldif output. Also ldif entry for the sandeep is as below(only relevent part)
dn: uid=sandeep,ou=People,dc=mycompany,dc=net uid: sandeep sn: Sandeep A.S mail: sandeep@mycompany.net
So what will be the problem for this error ? Filetering is not proper ? Thanks Sandeep
_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/
Dear Silva, Sorry. I am really confused. What you meant by last a for an i. I did't able to locate anything of that end with a. Or you used some phrase.? (Not good in English also) Thanks Sandeep Ernesto Silva wrote:
Hi Sandeep, I'm not a OTRS programmer nor I know the api, but you may have a syntax error , look at UserSyncLDAPGroupsDefination, perhaps you must change last 'a' for an 'i'.
Just a guess.
regards,
Hi Sandeep, Ernesto was advising you to modify this directive : UserSyncLDAPGroupsDefination <---- you have a typo in it that's : UserSyncLDAPGroupsDefin<I>tion not UserSyncLDAPGroupsDefin<A>tion Best regards, Laurent Le vendredi 10 août 2007 à 20:01 +0530, Sandeep A.S a écrit :
Dear Silva, Sorry. I am really confused. What you meant by last a for an i. I did't able to locate anything of that end with a. Or you used some phrase.? (Not good in English also) Thanks Sandeep
Ernesto Silva wrote:
Hi Sandeep, I'm not a OTRS programmer nor I know the api, but you may have a syntax error , look at UserSyncLDAPGroupsDefination, perhaps you must change last 'a' for an 'i'.
Just a guess.
regards,
_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/
Thanks Ernesto and Laurent. Now I am not getting that error on the log file. But I am not getting the admin tab after preference for me. Any other configuration required ? Thanks Sandeep
Hi Sandeep,
Ernesto was advising you to modify this directive : UserSyncLDAPGroupsDefination <---- you have a typo in it
that's :
UserSyncLDAPGroupsDefin<I>tion
not
UserSyncLDAPGroupsDefin<A>tion
Best regards,
Laurent
Le vendredi 10 août 2007 à 20:01 +0530, Sandeep A.S a écrit :
Dear Silva, Sorry. I am really confused. What you meant by last a for an i. I did't able to locate anything of that end with a. Or you used some phrase.? (Not good in English also) Thanks Sandeep
Ernesto Silva wrote:
Hi Sandeep, I'm not a OTRS programmer nor I know the api, but you may have a syntax error , look at UserSyncLDAPGroupsDefination, perhaps you must change last 'a' for an 'i'.
Just a guess.
regards,
_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/
OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/
participants (3)
-
Ernesto Silva -
Laurent Minost -
Sandeep A.S