# OTRS AD Integration



## pacija (Dec 7, 2010)

Dear colleagues,

i am testing OTRS as a helpdesk solution for a company i work for. I would like to have it integrated with Active Directory, so users can use the same username and password for logging into helpdesk app. Or even better, they do not have to type anything - they are logged automatically via NTLM as current user.

I followed instructions on OTRS Wiki, but got stuck with following error in http-error log:


```
... failed to resolve handler `Apache2::AuthenNTLM': Can't locate Apache2/AuthenNTLM.pm ...
```

Apache2::AuthenNTLM is not in ports tree, and it does not compile from CPAN:


```
/usr/include/malloc.h:3:2: error: #error "<malloc.h> has been replaced by <stdlib.h>"
smblib.c: In function 'SMB_Connect_Server':
smblib.c:123: warning: incompatible implicit declaration of built-in function 'malloc'
smblib.c: In function 'SMB_Connect':
smblib.c:222: warning: incompatible implicit declaration of built-in function 'malloc'
*** Error code 1

Stop in /root/.cpan/build/Apache2-AuthenNTLM-0.02-XvcTC9/smb/smbval.
*** Error code 1

Stop in /root/.cpan/build/Apache2-AuthenNTLM-0.02-XvcTC9/smb.
*** Error code 1

Stop in /root/.cpan/build/Apache2-AuthenNTLM-0.02-XvcTC9.
  SPEEVES/Apache2-AuthenNTLM-0.02.tar.gz
  /usr/bin/make -- NOT OK
Running make test
  Can't test without successful make
Failed during this command:
 SPEEVES/Apache2-AuthenNTLM-0.02.tar.gz       : make NO
```

Anyone having some advice about setting up OTRS SSO on FreeBSD + M$ AD or i should give up?

Thank you in advance,


----------



## DutchDaemon (Dec 7, 2010)

This one?

security/p5-Authen-NTLM


----------



## pacija (Dec 8, 2010)

Unfortunately not. The one i need is Apache2::AuthenNTLM, while you are referring to Authen::NTLM

Any other ideas?


----------



## DutchDaemon (Dec 8, 2010)

Not sure if this helps, but when looking at /root/.cpan/build/Apache2-AuthenNTLM-0.02-blabla/smb/smbval/smblib.c, I see no lines like these (which _are_ present in rfcnb-util.c, session.c, and smblib-util.c in that same directory) :


```
#ifdef __FreeBSD__
#include <stdlib.h>
#else
#include <malloc.h>
#endif
```

You will see that smblib.c only mentions:


```
#include <malloc.h>
```

And that's where the build bombs.


----------



## DutchDaemon (Dec 8, 2010)

What I tried:

Replaced 
	
	



```
#include <malloc.h>
```
 with 
	
	



```
#include <stdlib.h>
```
 in /root/.cpan/build/Apache2-AuthenNTLM-0.02-blabla/smb/smbval/smblib.c, ran [cmd=]perl Makefile.PL[/cmd] in that directory (no complaints), went back up to /root/.cpan/build/Apache2-AuthenNTLM-0.02-blabla/, ran a [cmd=]make clean[/cmd] there, followed by [cmd=]perl Makefile.PL[/cmd]

This got me:


```
Writing Makefile for Authen::Smb::smbvalid
Writing Makefile for Authen::Smb
Writing Makefile for Apache2::AuthenNTLM
```

And then [cmd=]make install[/cmd]

This got me:


```
<snip>
Installing /usr/local/lib/perl5/site_perl/5.10.1/mach/Apache2/AuthenNTLM.pm
<snip>
Installing /usr/local/lib/perl5/5.10.1/man/man3/Apache2::AuthenNTLM.3
<snip>
FreeBSD: Registering installation in the package database
Appending installation info to /usr/local/lib/perl5/5.10.1/mach/perllocal.pod
```

Untested, but looks good. Registered in the pkg database as bsdpan-Apache2-AuthenNTLM-0.02.


----------



## DutchDaemon (Dec 18, 2010)

@pacija, any progress?


----------



## pacija (Dec 21, 2010)

@DutchDaemon

Thank you for your help. I did as you instructed, and indeed the module compiled successfully. Unfortunately i can not authenticate. I am getting popup window for authentication (as in BASIC scheme), which should not be the situation with NTLM. Also i am getting:


```
[error] Wrong password/user (rc=3/1/327681): DOMAIN\\user for /otrs/index.php
```

Or, more or less identical error like guy here: Apache:AuthenNTLM_not_working_properly.html

BTW I tried both IE and Firefox, with more or less same result.


----------

