Hi Roy, yes, I do sync against the samaccountname. I capture it from the kerb login using HTTPBasicAuth::ReplaceRegExp
But that's not the problem: the problem is for the users that cannot do kerberos authentification. I need them to be able to do LDAP auth using OTRS login page, as they did before. Instead, they just get a 'forbidden' error and doesn't get any login page. Kind regards, Juan Clavero -----Mensaje original----- De: Roy Kaldung [mailto:r...@kaldung.com] Enviado el: martes, 13 de noviembre de 2012 18:47 Para: User questions and discussions about OTRS. Asunto: Re: [otrs] Kerberos and LDAP Authentication On Nov 12, 2012, at 8:06 AM, Juan Manuel Clavero Almirón <juanm.clav...@ibsalut.es> wrote: > Hi Roy, > before changing the config, auth and sync were LDAP. I changed auth to > Kerberos, but sync was still LDAP. > Check your sync parameter. With mod_auth_kerb you'll get the samaccountname with or without - depends on your configuration - the domain in uppercase. Do you sync against the samaccountname? -Roy -- Roy Kaldung e-mail: r...@kaldung.com --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs