Hi,

I was wondering if anyone had figured out a way to map Active
Directory memberOf information to OTRS roles. The main reason I want
to do this is that I'm in the process of setting up OTRS for use by
200+ agents who will be authenticating via AD's LDAP, and I'd rather
like to avoid having to assign roles to all those users manually. I
already tried the below code, but it doesn't work at all.

#    $Self->{'AuthSyncModule::LDAP::UserSyncRolesDefinition'} = {
#        # ldap group
#        'CN=groupName1,OU=department,DC=example,DC=com' => {
#            # otrs role
#            'Role_1' => 1,
#        },
#        'CN=groupName2,OU=department,DC=example,DC=com' => {
#            'Role_2' => 1,
#        }
#    };

The above code gives the following error:

User: someUser not in
GroupDN='CN=groupName1,OU=department,DC=example,DC=com',
Filter='(memberUid=CN=Some User,OU=department,DC=example,DC=com)'!
(REMOTE_ADDR: 10.10.0.19).

I believe that the issue is that OTRS is looking at the wrong LDAP
property when doing the lookup, but I can't find a place to change it.
Any ideas (or code) would be most helpful.

Thanks,
--
Esteban Santana Santana

"When life hands you lemons, ask for tequila and salt."
-Anonymous
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
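The filter in the logged error has the form (attribute=user DN) and uses memberUid, the posixGroup attribute that holds bare user IDs, whereas Active Directory groups list their members as full DNs under member. The following is an added example, not part of the original post, showing the sync settings in Kernel/Config.pm that select that attribute. The host, bind account and password are constructed placeholders; the group DNs and role names are the ones from the post.

```perl
use strict;
use warnings;

# Sketch of the relevant part of Kernel/Config.pm (constructed example).
sub Load {
    my $Self = shift;

    $Self->{'AuthSyncModule'}               = 'Kernel::System::Auth::Sync::LDAP';
    $Self->{'AuthSyncModule::LDAP::Host'}   = 'dc.example.com';     # placeholder
    $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'DC=example,DC=com';
    $Self->{'AuthSyncModule::LDAP::UID'}    = 'sAMAccountName';     # AD login name

    # Placeholder bind account: a dedicated account that can only read
    # users and groups is enough for the sync lookups.
    $Self->{'AuthSyncModule::LDAP::SearchUserDN'}
        = 'CN=otrs-sync,OU=service,DC=example,DC=com';
    $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'CHANGE_ME';

    # The group lookup filter is "(<AccessAttr>=<user value>)".
    # Logged filter:  (memberUid=CN=Some User,OU=department,DC=example,DC=com)
    # With 'member':  (member=CN=Some User,OU=department,DC=example,DC=com)
    $Self->{'AuthSyncModule::LDAP::AccessAttr'} = 'member';
    # Compare against the user's full DN, not the bare login name.
    $Self->{'AuthSyncModule::LDAP::UserAttr'} = 'DN';

    $Self->{'AuthSyncModule::LDAP::UserSyncRolesDefinition'} = {
        # ldap group
        'CN=groupName1,OU=department,DC=example,DC=com' => {
            # otrs role (name as it exists in OTRS)
            'Role_1' => 1,
        },
        'CN=groupName2,OU=department,DC=example,DC=com' => {
            'Role_2' => 1,
        },
    };

    return 1;
}

1;
```

A user who is in none of the listed groups still produces the "not in GroupDN" log line for each group; what changes is that the filter now names an attribute AD group entries actually carry.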
