[SOLVED] LDAP query for customer doesn´t check sub-groups

richydom · Post by **richydom** » 05 Oct 2011, 10:52

Good morning everyone,

we got a little problem with our ORTS LDAP query for agents and customer.

If the user is directly assigned to the group (GroupDN) it works great, but if the user is member of a sub-group in the GroupDN OTRS will not recognize it.

Anybody an idea to fix this problem?

Greetings

Code: Select all

	$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
	$Self->{'Customer::AuthModule::LDAP::Host'} = 'domain.tld';
	$Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'dc=domain, dc=tld';
	$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';
	$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=OTRS-USERGROUP,OU=GROUPS,DC=domain,DC=tld';
	$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
	$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';
	$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS-LDAP-READ,OU=ACCOUNTS,DC=domain,DC=tld';
	$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'Password';
	$Self->{'Customer::AuthModule::LDAP::Params'} = {
		port => 389,
		timeout => 120,
		async => 0,
		version => 3,
	};

Post by **crythias** » 05 Oct 2011, 13:28

Inheritance isn't checked. Just group membership.
If you want, create a more all-inclusive group (closer to all users) and use a filter for the group memberships that are relevant.

richydom · Post by **richydom** » 05 Oct 2011, 13:38

crythias wrote:Inheritance isn't checked. Just group membership.
If you want, create a more all-inclusive group (closer to all users) and use a filter for the group memberships that are relevant.

Thank you very much crythias!

Znuny Open Source Ticketsystem

[SOLVED] LDAP query for customer doesn´t check sub-groups

[SOLVED] LDAP query for customer doesn´t check sub-groups

Re: LDAP query for agents and customer doesn´t check sub-gro

LDAP query for agents and customer doesn´t check sub-groups