Hi Roy,
yes, I do sync against the samaccountname. I capture it from the kerb login 
using HTTPBasicAuth::ReplaceRegExp

But that's not the problem: the problem is for the users that cannot do 
kerberos authentification. I need them to be able to do LDAP auth using OTRS 
login page, as they did before. Instead, they just get a 'forbidden' error and 
doesn't get any login page.


Kind regards,
Juan Clavero
-----Mensaje original-----
De: Roy Kaldung [mailto:r...@kaldung.com] 
Enviado el: martes, 13 de noviembre de 2012 18:47
Para: User questions and discussions about OTRS.
Asunto: Re: [otrs] Kerberos and LDAP Authentication

On Nov 12, 2012, at 8:06 AM, Juan Manuel Clavero Almirón 
<juanm.clav...@ibsalut.es> wrote:
> Hi Roy,
> before changing the config, auth and sync were LDAP. I changed auth to 
> Kerberos, but sync was still LDAP. 
> 


Check your sync parameter. With mod_auth_kerb you'll get the samaccountname 
with or without - depends on your configuration - the domain in uppercase.
Do you sync against the samaccountname?

-Roy

-- 
Roy Kaldung
e-mail: r...@kaldung.com






---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Reply via email to