Hi all! JFYI. I added a modular authentication design. Currently OpenTRS supports authentication against OpenTRS database or a LDAP directory. The backand modules are Kernel/System/Auth/DB.pm and Kernel/System/Auth/LDAP.pm. The used module can be configured in Kernel/Config.pm: [...] # ----------------------------------------------------# # authentication settings # # (enable what you need, auth against otrs db or # # against a LDAP directory) # # ----------------------------------------------------# # This is the auth. module againt the otrs db $Self->{'AuthModule'} = 'Kernel::System::Auth::DB'; # This is an example configuration for an LDAP auth. backend. # (take care that Net::LDAP is installed!) # $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; # $Self->{'AuthModule::LDAP::Host'} = 'ldap.example.com'; # $Self->{'AuthModule::LDAP::BaseDN'} = 'cn=Manager,dc=example,dc=com'; # $Self->{'AuthModule::LDAP::UID'} = 'uid'; # The following is valid but would only be necessary if the # anonymous user do NOT have permission to read from the LDAP tree # $Self->{'AuthModule::LDAP::SearchUserDN'} = ''; # $Self->{'AuthModule::LDAP::SearchUserPw'} = ''; [...] So it's easy to create new authentication modules. PS: Thanks to Atif! Bye, Martin -- Martin Edenhofer - <martin at edenhofer.de> - http://martin.edenhofer.de/ -- "Security is a process, not a product." - Bruce Schneider