i configured my OTRS (4.0.6 on debian 7.
to use SSO (over Kerberos) and LDAP as fallback, both of them work.If OTRS doesn't know the User it gets through SSO it goes to the regular loginscreen with LDAP. But if anything goes wrong with the SSO (e.g. the Browser isn't configured correctly) the user gets an error (401 Auth required) and has no possibility to change to the usual login with LDAP.
I'd like to configure it that way that if anything goes wrong with the SSO it's forced to show the loginscreen with LDAP backend.
------------------------
part of my Config.pm
Code: Select all
# Kerberos SSO authentication for AGENTS
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
$Self->{'AuthModule::HTTPBasicAuth::ReplaceRegExp'} = '@DOMAIN.DUMMY';
#Enable ACTIVE DIRECTORY authentication for AGENTS
$Self->{'AuthModule1'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host1'} = 'ad.domain.dummy';
$Self->{'AuthModule::LDAP::BaseDN1'} = 'dc=domain,dc=dummy';
$Self->{'AuthModule::LDAP::UID1'} = 'sAMAccountName';
.....
And i don't really get really an error in my logs to work with.
I'd be grateful for any suggestions!