I configure an authentication to my Active Directory. I create a group "OTRS_Users" which contains the users : the authentication works.
Now, I want to authorize a subgroup of users under OTRS_Users. In this case, the authentication doesn't work.
Is this setting possible ? See below my actual settings (the users are in the group "OTRS_Users") :
Best regards
Code: Select all
# This is a configuration for agents
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'my_Host';
$Self->{'AuthModule::LDAP::BaseDN'} = 'my_BaseDN';
$Self->{'AuthModule::LDAP::UID'} = 'my_UID';
# Check if the user is allowed to auth in a posixGroup
$Self->{'AuthModule::LDAP::GroupDN'} = 'my_GroupDN';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
# Bind credentials to log into AD
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'my_SearchUserDN';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'my_SearchUserPw';
# Net::LDAP new params (if needed - for more info see perldoc Net::LDAP)
$Self->{'AuthModule::LDAP::Params'} = {
port => my_port,
timeout => 120,
async => 0,
version => 3,
};
# Now sync data with OTRS DB
$Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP';
$Self->{'AuthSyncModule::LDAP::Host'} = 'my_Host';
$Self->{'AuthSyncModule::LDAP::BaseDN'} = 'my_BaseDN';
$Self->{'AuthSyncModule::LDAP::UID'} = 'my_UID';
$Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'my_SearchUserDN';
$Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'my_SearchUserPw';
$Self->{'AuthSyncModule::LDAP::UserSyncMap'} = {# DB -> LDAP
UserFirstname => 'givenName',
UserLastname => 'sn',
UserEmail => 'mail',
};