Hi there,
I've had a search and I couldn't find much related to this but what I'd like to do is have my agents, who are offsite and not connected by vpn to the office, be able to click on the notification links from OTRS emails to automatically open a browser and log them in (via ldap) to OTRS to the ticket the link is pointing to.
Does that make sense? Has anybody done it? Is there anything in OTRS to prevent this?
Thanks all!
Accessing OTRS through notification links over the internet
Moderator: crythias
-
StarDestroyer
- Znuny newbie
- Posts: 20
- Joined: 05 Sep 2013, 22:26
- Znuny Version: 5.0.x
- Real Name: Jake
- Company: Hilite International
Re: Accessing OTRS through notification links over the inter
If your agents are VPN'd in, it should work just fine. I was logged into OTRS across the VPN from my phone just last night.
OTRS 5.0.x on CentOS 6 w/MySQL Database
-
Henry
- Znuny newbie
- Posts: 5
- Joined: 11 Sep 2013, 18:07
- Znuny Version: 5.0.3
- Real Name: Alan Doyle
- Company: Isode
Re: Accessing OTRS through notification links over the inter
Yes I was hoping to do it without them being on a vpn. Maybe through port forwarding. I was just wondering if anyone had done it...
-
StarDestroyer
- Znuny newbie
- Posts: 20
- Joined: 05 Sep 2013, 22:26
- Znuny Version: 5.0.x
- Real Name: Jake
- Company: Hilite International
Re: Accessing OTRS through notification links over the inter
Somehow I missed the 'not' in the sentence 'who are offsite and not connected by vpn to the office'.
It should still be possible, but you need to beware the security implications. You are allowing traffic from the Internet to pass through your firewall. Also, if you use http instead of https, all information (including usernames and passwords) will be sent across the Internet in clear text.
The specifics of how you do it will vary based on your firewall software. If you want to make it as simple as having your agents go to https://helpdesk.company.com/, you need to set a DNS entry helpdesk.company.com in your external DNS and have it point to your firewall. You then need to configure your firewall to forward port 443 traffic that arrives on its public WAN interface to the internal IP of your OTRS server. This might be called port forwarding, NAT, reverse NAT or something similar.
The web interfaces of OTRS (both customer and agent) are nothing more than web pages. If you can browse the webpage, you should be able to have full functionality. This is true even if you use alternate authentication such as LDAP as the OTRS server receives the username and password via a web request and then sends it to the LDAP server to check it. Your computer does not make any contact with the LDAP server. Same applies for an LDAP customer DB.
It should still be possible, but you need to beware the security implications. You are allowing traffic from the Internet to pass through your firewall. Also, if you use http instead of https, all information (including usernames and passwords) will be sent across the Internet in clear text.
The specifics of how you do it will vary based on your firewall software. If you want to make it as simple as having your agents go to https://helpdesk.company.com/, you need to set a DNS entry helpdesk.company.com in your external DNS and have it point to your firewall. You then need to configure your firewall to forward port 443 traffic that arrives on its public WAN interface to the internal IP of your OTRS server. This might be called port forwarding, NAT, reverse NAT or something similar.
The web interfaces of OTRS (both customer and agent) are nothing more than web pages. If you can browse the webpage, you should be able to have full functionality. This is true even if you use alternate authentication such as LDAP as the OTRS server receives the username and password via a web request and then sends it to the LDAP server to check it. Your computer does not make any contact with the LDAP server. Same applies for an LDAP customer DB.
OTRS 5.0.x on CentOS 6 w/MySQL Database
-
Henry
- Znuny newbie
- Posts: 5
- Joined: 11 Sep 2013, 18:07
- Znuny Version: 5.0.3
- Real Name: Alan Doyle
- Company: Isode
Re: Accessing OTRS through notification links over the inter
Great stuff - thanks StarDestroyer. Sounds less complicated than I thought!