[SOLVED] LDAP authentication subgroups

Moderator: crythias

aph
Znuny superhero
Posts: 646
Joined: 20 Jun 2014, 12:11
Znuny Version: 3.3.9, 4.x, 5.x

[SOLVED] LDAP authentication subgroups

Post by aph »

Hello,

When applying the LDAP group restrictions for agent or customer authentication, does the user have to be a direct member of the LDAP group? For example, I have an AD group OTRS_Users. This group has two subgroups, CRM and IT. The individual agents are members of these groups. I would like the members of subgroups to be able to log into OTRS. Is it possible?

Thanks
Last edited by aph on 06 Aug 2014, 17:24, edited 1 time in total.
OTRS 3.3.x (private/testing) on Windows Server 2008 with MSSQL database.
OTRS 3.3.x (private/testing) on CentOS with MySQL database and apache
crythias
Moderator
Posts: 10170
Joined: 04 May 2010, 18:38
Znuny Version: 5.0.x
Location: SouthWest Florida, USA

Re: LDAP authentication subgroups

Post by crythias »

aph wrote: does the user have to be a direct member of the LDAP group?
Yes, and so my document says.
aph wrote: This group has two subgroups CRM and IT.
http://stackoverflow.com/questions/1953 ... oups-squid

Please read my LDAP troubleshooting again.
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
aph
Znuny superhero
Posts: 646
Joined: 20 Jun 2014, 12:11
Znuny Version: 3.3.9, 4.x, 5.x

Re: LDAP authentication subgroups (nested groups)

Post by aph »

For those who may be interested, I was able to find a solution for the nested groups problem: an external package called ConnectAD (https://github.com/rkaldung/ConnectAD).

Now my AD directory structure is supported:
The AD group OTRS_Users contains groups ABC and PQR. The agents are members of the subgroups (ABC and PQR) and not direct members of the AD group OTRS_Users.

For the module to work, one has to download the connectAD opm from http://packages.opmzone.org/ and install it via Package Manager in Admin area.

Please note connectAD is an external package and not part of the OTRS core. The Config.pm has to be changed accordingly to use connectAD modules.
OTRS 3.3.x (private/testing) on Windows Server 2008 with MSSQL database.
OTRS 3.3.x (private/testing) on CentOS with MySQL database and apache
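
Added example, not part of the thread and not code from OTRS or ConnectAD: a Python sketch of why a direct-membership check rejects agents who sit in ABC or PQR, and how a transitive check accepts them. The directory contents, the group DN, the `sAMAccountName` attribute and all function names are assumptions for illustration; the filter uses Active Directory's in-chain matching rule, which is one way to ask AD for nested membership and is not necessarily what ConnectAD does.

```python
# Constructed sample directory: group -> direct members (users or groups).
# Group names follow the thread; users and the DN are hypothetical.
MEMBERS = {
    "OTRS_Users": {"ABC", "PQR"},
    "ABC": {"alice", "OTRS_Users"},   # circular nesting, must not loop forever
    "PQR": {"bob"},
}
GROUP_DN = "CN=OTRS_Users,OU=Groups,DC=example,DC=com"  # hypothetical DN
IN_CHAIN = "1.2.840.113556.1.4.1941"  # AD LDAP_MATCHING_RULE_IN_CHAIN


def is_direct_member(user, group, members=MEMBERS):
    """What a plain group check sees: only the group's own member list."""
    return user in members.get(group, set())


def is_nested_member(user, group, members=MEMBERS):
    """Walk subgroups depth-first; 'seen' guards against circular nesting."""
    seen, stack = set(), [group]
    while stack:
        current = stack.pop()
        if current in seen:
            continue
        seen.add(current)
        direct = members.get(current, set())
        if user in direct:
            return True
        stack.extend(m for m in direct if m in members)
    return False


def escape_filter_value(value):
    """RFC 4515 escaping so a login name cannot alter the search filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def nested_member_filter(login, group_dn=GROUP_DN, attr="sAMAccountName"):
    """AD filter matching the user only if it is in group_dn at any depth."""
    return "(&(%s=%s)(memberOf:%s:=%s))" % (
        attr, escape_filter_value(login), IN_CHAIN, escape_filter_value(group_dn))


if __name__ == "__main__":
    for agent in ("alice", "bob", "mallory"):
        print(agent, is_direct_member(agent, "OTRS_Users"),
              is_nested_member(agent, "OTRS_Users"))
    print(nested_member_filter("alice"))
```

The in-chain rule is evaluated by the domain controller, so it only works against Active Directory; other LDAP servers need the client-side walk or a server-specific overlay.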