Ldap – OTRS authenticating with LDAP, how to get ALL Users

ldapotrs

We set up an OTRS authenticating users with LDAP (Microsoft AD), and we want to assign ALL users from domain to be customers on OTRS, the problem is that years ago when the domain was created, our Windows Servers were in our native language (Portuguese), and the default groups are named like that, not "Domain Users", but "Usuários do domínio" with all that accentuation. OTRS is not liking it and won't work getting users from that group:

$Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=Usuários do domínio,CN=Users,DC=example,DC=com';

Could anyone enlight me if is there another way to get ALL users from a domain besides using groups on OTRS or maybe workaround that accentuation problem?

Best Answer

Authenticating Customers with LDAP backend, with ALL users (and no dedicated "otrs-allow" group) is working for me in OTRS 5s. Just get rid of referencing this group in Settings (Admin -> SysConfig -> Search) and /opt/otrs/Kernel/Config.pm.

1) in /opt/otrs/Kernel/Config.pm - just comment this out:

# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group xyz to use otrs)
## $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrs-allow,dc=example,dc=org';
## $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
## $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';

2) in OTRS Agent interface - being admin go "Admin -> SysConfig -> Search" and search for:

Customer::AuthModule::LDAP::GroupDN
Customer::AuthModule::LDAP::AccessAttr
Customer::AuthModule::LDAP::UserAttr

Reset this options to default and uncheck.

Best Answer

Related Solutions

LDAP schema design

Ldap – Use LDAP to authenticate oracle database users

Related Topic