Hi, I was wondering if anyone had figured out a way to map Active Directory memberOf information to OTRS roles. The main reason I want to do this is that I'm in the process of setting up OTRS for use by 200+ agents who will be authenticating via AD's LDAP, and I'd rather like to avoid having to assign roles to all those users manually. I already tried the below code, but it doesn't work at all.
# $Self->{'AuthSyncModule::LDAP::UserSyncRolesDefinition'} = { # # ldap group # 'CN=groupName1,OU=department,DC=example,DC=com' => { # # otrs role # 'Role_1' => 1, # }, # 'CN=groupName2,OU=department,DC=example,DC=com' => { # 'Role_2' => 1, # } # }; The above code gives the following error: User: someUser not in GroupDN='CN=groupName1,OU=department,DC=example,DC=com', Filter='(memberUid=CN=Some User,OU=department,DC=example,DC=com)'! (REMOTE_ADDR: 10.10.0.19). I believe that the issue is that OTRS is looking at the wrong LDAP property when doing the lookup, but I can't find a place to change it. Any ideas (or code) would be most helpful. Thanks, -- Esteban Santana Santana "When life hands you lemons, ask for tequila and salt." -Anonymous --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/