Hello,
I would like to synchronize LDAP groups with OTRS groups, taking into account that one user may belong to more than one group, so it has to take all the privileges of the groups which it belong.
Can be done?
Thank you very much.
User multiple groups in LDAP synchronize with groups of OTRS
Moderator: crythias
-
crythias
- Moderator
- Posts: 10169
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: User multiple groups in LDAP synchronize with groups of
agents - yes (see Defaults.pm for examples to copy to Config.pm and edit there).
customers - no.
customers - no.
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Re: User multiple groups in LDAP synchronize with groups of
Hello,
I try to do, but it doesn't work. For instance, I configure Default.pm in this way (using agents):
But when I log into OTRS, the user who belongs to both groups doesn’t have the line of the group with all the privileges.
Could you tell what’s wrong?
Thank you in advance.
I try to do, but it doesn't work. For instance, I configure Default.pm in this way (using agents):
Code: Select all
$Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition'} = {
'cn=Unix,ou=GROUPS,dc=plaza,dc=eu' => {
'OPER' => {
move_into => 1,
ro => 1,
},
'Soporte Almacenamiento-Backup' => {
move_into => 1,
ro => 1,
},
'Soporte Antivirus' => {
move_into => 1,
ro => 1,
},
'Soporte Unix' => {
rw => 1,
},
},
'cn=Almacenamiento,ou=GROUPS,dc=plaza,dc=eu' => {
'OPER' => {
move_into => 1,
ro => 1,
},
'Soporte Almacenamiento-Backup' => {
rw => 1,
},
'Soporte Antivirus' => {
move_into => 1,
ro => 1,
},
'Soporte Unix' => {
move_into => 1,
ro => 1,
},
}
…..
};Could you tell what’s wrong?
Thank you in advance.
-
crythias
- Moderator
- Posts: 10169
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: User multiple groups in LDAP synchronize with groups of
This seems to have a conflict anyway ... ro => 1 means read only. You shouldn't need this *and* move_into.
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Re: User multiple groups in LDAP synchronize with groups of
I understand, now I see it, but if I delete ro and move_into, users who belong only to one group can't move or read tickets of the other groups, so I don't understand how one angent can belongs to more than one group. Could you tell me any example of this?
Thanks in advance.
Thanks in advance.
Re: User multiple groups in LDAP synchronize with groups of
Any help, please? I don't find how to do it. Thanks
Re: User multiple groups in LDAP synchronize with groups of
Any help, please? I don't find how to do it. Thanks
-
crythias
- Moderator
- Posts: 10169
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: User multiple groups in LDAP synchronize with groups of
Admin,AnaP wrote:so I don't understand how one angent can belongs to more than one group
Agents <-> Groups
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Re: User multiple groups in LDAP synchronize with groups of
Hello,
I tried doing in that way, but it doesn't work. I am programming Default.pm, I don't use the graphic mode and I would like synchronize ldap groups with otrs groups, but I can't give privileges in my way. I mean, I want to put to one agent more than one groups privileges, all the priviliges, but one of them doesn't work. Can do that? I want to do this programming .pm.
Thanks in advance
I tried doing in that way, but it doesn't work. I am programming Default.pm, I don't use the graphic mode and I would like synchronize ldap groups with otrs groups, but I can't give privileges in my way. I mean, I want to put to one agent more than one groups privileges, all the priviliges, but one of them doesn't work. Can do that? I want to do this programming .pm.
Thanks in advance
-
crythias
- Moderator
- Posts: 10169
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: User multiple groups in LDAP synchronize with groups of
Need more information to diagnose this condition. (entire Config.pm might help, error logs as well). Note that UserSyncGroupsDefinition must end in the same index/digit as AuthSyncAnaP wrote:but it doesn't work
If rw permissions exists, it will ignore all other permissions.
Code: Select all
# AuthSyncModule::LDAP::UserSyncGroupsDefinition
# (If "LDAP" was selected for AuthModule and you want to sync LDAP
# groups to otrs groups, define the following.)
# $Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition'} = {
# # ldap group
# 'cn=agent,o=otrs' => {
# # otrs group
# 'admin' => {
# # permission
# rw => 1,
# ro => 1,
# },
# 'faq' => {
# rw => 0,
# ro => 1,
# },
# },
# 'cn=agent2,o=otrs' => {
# 'users' => {
# rw => 1,
# ro => 1,
# },
# }
# };
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Re: User multiple groups in LDAP synchronize with groups of
Hello,
My code is so simply, I have 2 groups in LDAP and the same groups in OTRS:
$Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition'} = {
'cn=Unix,ou=GROUPS,dc=plaza,dc=eu' => {
'Soporte Almacenamiento-Backup' => {
move_into => 1,
ro => 1,
},
'Soporte Antivirus' => {
move_into => 1,
ro => 1,
},
'Soporte Unix' => {
rw => 1,
},
},
'cn=Almacenamiento,ou=GROUPS,dc=plaza,dc=eu' => {
'Soporte Almacenamiento-Backup' => {
rw => 1,
},
'Soporte Antivirus' => {
move_into => 1,
ro => 1,
},
'Soporte Unix' => {
move_into => 1,
ro => 1,
},
}
};
I have one agent en ldap who belong to the Group Alamcenamiento and Unix and the other one only belongs to Unix. The agent that belongs to Unix group must have all the priviliges in Unix and only move_into and ro in the antivirus group. The other agent, instead, must have all the privileges in both groups, but the agent only gets the restrictive priviliges in the second group.
I don't found the logs. But the problem is that I mentionated, it doesn't show error.
I have to program it using Default.pm, but it doesn't let me do as I want.
Can be done?
Thanks in advance.
My code is so simply, I have 2 groups in LDAP and the same groups in OTRS:
$Self->{'AuthSyncModule::LDAP::UserSyncGroupsDefinition'} = {
'cn=Unix,ou=GROUPS,dc=plaza,dc=eu' => {
'Soporte Almacenamiento-Backup' => {
move_into => 1,
ro => 1,
},
'Soporte Antivirus' => {
move_into => 1,
ro => 1,
},
'Soporte Unix' => {
rw => 1,
},
},
'cn=Almacenamiento,ou=GROUPS,dc=plaza,dc=eu' => {
'Soporte Almacenamiento-Backup' => {
rw => 1,
},
'Soporte Antivirus' => {
move_into => 1,
ro => 1,
},
'Soporte Unix' => {
move_into => 1,
ro => 1,
},
}
};
I have one agent en ldap who belong to the Group Alamcenamiento and Unix and the other one only belongs to Unix. The agent that belongs to Unix group must have all the priviliges in Unix and only move_into and ro in the antivirus group. The other agent, instead, must have all the privileges in both groups, but the agent only gets the restrictive priviliges in the second group.
I don't found the logs. But the problem is that I mentionated, it doesn't show error.
I have to program it using Default.pm, but it doesn't let me do as I want.
Can be done?
Thanks in advance.
Re: User multiple groups in LDAP synchronize with groups of
Have I explained myself well in the last comment? Could you help me?