Hi all,
I'm having glacial progress with getting otrs (Debian) to authenticate
with Active Directory.
I've have trawled the archives and I'm still not even sure the setup
I'm after can be done.
I have a standard structure of OUs
Customer and Agent account are distributed throughout the OUs
I'd like to put Agents in a group to distinguish then from Customers
The login IDs should be their samAccountName
Group membership can be derived from the group attribute 'member'
which contains users DNs.
here's the config...
$Self->{'AuthModule::LDAP::UID'} = 'samAccountName';
$Self->{'AuthModule::LDAP::GroupDN'} =
'cn=OTRS-Agents,ou=Groups,dc=domain,dc=local';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'AuthModule::LDAP::UserAttr'} = 'distinguishedname';
Looking at the log, it seems membership is being tested using the
Login ID and failing.
Jun 8 11:37:28 vm-helpdesk OTRS-CGI-10[13668]:
[Notice][Kernel::System::Auth::LDAP::Auth] User: mjoyce authentication
failed, no LDAP group
entry foundGroupDN='cn=OTRS-Agents,ou=Groups,dc=domain,dc=local',
Filter='(member=mjoyce)'! (REMOTE_ADDR: x.x.x.x).
Have I misunderstood how this authentication process works ?
Can anyone advise me ?
Thanks
Matt
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support or consulting for your OTRS system?
=> http://www.otrs.com/
