Prevent a disabled LDAP account loads on ticket create

[acosta]

Hello all,

I'm need some help for the following workarroud:

Background: We use OTRS in version 3.3.7. We use openLDAP to maintain our database of customers. We did not use the customer area of the system (customer.pl). In our database of customers, we make no deleting a user account when the user let the company, your account is disabled.

Problem: On the ticket screen, when we put the user name, the system loads the information from the LDAP database, that include all users with account disabled.

Solution: We made a OU called "userdisabled" and placed all disabled accounts inside.

On OTRS, Config.pm, we included the following (in bold) parameters:

# CustomerUser
# (customer user ldap backend and settings)
$Self->{CustomerUser} = {
Name => 'LDAP Backend' ,
Module => 'Kernel::System::CustomerUser::LDAP' ,
Params => {
# ldap host
Host => 'ldap://my.server.com:389' ,
# ldap base dn
BaseDN => 'ou=users,dc=my,dc=server,dc=com' ,
# search scope (one|sub)

When we set the OU "users" the OTRS cant bind the OU "userdisabled".

Anyone know a better way to restrict a disabled LDAP user account on OTRS?

Thanks.

Alexandre Costa

[crythias]

I'd try starting here.

[acosta]

I'd try starting here.

Thanks Crystias,

I´m still search a better way to do this.
Now I think, I need to filter the ldap parameter sambaAcctFlags on Config.pm.

Something like:

# add a ldap filter for valid users (expert setting)
# CustomerUserValidFilter => '(!(description=gesperrt))',
sambaAcctFlags= [U

But I dont know yet.

Thanks for your help.