Good morning community,
since we want to extend our OTRS instance with some elaborate process tickets, we are in need of limiting access to certain parts of the process to certain groups. Since I want to keep the rights management as centralized as possible, I want to use AD-security groups in order to give special eprmissions e.g. for our HR people.
When it comes to rights managegent in OTRS, I am pretty green. Is it possible to to link ACLs, groups and roles to certain security groups in our AD? That way we could just manage access using the AD instead of fiddeling around in OTRS.
Is such a thing possible?
Best regards
Fabian
Limiting Access using Active Directory
Moderator: crythias
-
SultanOfSwing
- Znuny newbie
- Posts: 22
- Joined: 06 Nov 2013, 18:30
- Znuny Version: 4.0.10
- Real Name: Fabian
- Company: Company
Limiting Access using Active Directory
OTRS 3.3.8
MySQL 5.5
Debian 7.4 64bit
FAQ- + Support-Package
MySQL 5.5
Debian 7.4 64bit
FAQ- + Support-Package
-
crythias
- Moderator
- Posts: 10170
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: Limiting Access using Active Directory
Check Kernel/Config/Defaults.pm
Copy the sections to Kernel/Config.pm relevant to AuthSyncModule::LDAP::UserSyncGroupsDefinition or UserSyncRolesDefinition (or other parts that are relevant to your request)
Acl, not directly to LDAP, but group or role membership, yes.
Copy the sections to Kernel/Config.pm relevant to AuthSyncModule::LDAP::UserSyncGroupsDefinition or UserSyncRolesDefinition (or other parts that are relevant to your request)
Acl, not directly to LDAP, but group or role membership, yes.
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
-
SultanOfSwing
- Znuny newbie
- Posts: 22
- Joined: 06 Nov 2013, 18:30
- Znuny Version: 4.0.10
- Real Name: Fabian
- Company: Company
Re: Limiting Access using Active Directory
Thanks, at first glance that seems like it will do the trick!
Mapping roles and groups to AD-groups seems close enough. Once the OTRS config is clean, I should be able to bounce users around in the AD and change permissions using that.
Mapping roles and groups to AD-groups seems close enough. Once the OTRS config is clean, I should be able to bounce users around in the AD and change permissions using that.
OTRS 3.3.8
MySQL 5.5
Debian 7.4 64bit
FAQ- + Support-Package
MySQL 5.5
Debian 7.4 64bit
FAQ- + Support-Package