Tyler Hepworth wrote:

My agents authenticate via LDAP and have their accounts created automatically. I would like to also add group rights at the time their account is created. I added the following code to User.pm:

At the very start ----------------------------------- use Kernel::System::Group;

my %CommonObject = (); $CommonObject{GroupObject} = Kernel::System::Group->new(%CommonObject);

Inside of sub UserAdd (just after the user is added) ---------------------------------------------------- $CommonObject{GroupObject}->GroupMemberAdd( UID => $UserID, GID => 1, UserID => 2, Permission => { ro => 0, move_into => 0, create => 0, owner => 0, priority => 0, rw => 1, } ); $CommonObject{GroupObject}->GroupMemberAdd( UID => $UserID, GID => 4, UserID => 2, Permission => { ro => 0, move_into => 0, create => 0, owner => 0, priority => 0, rw => 1, } );

For right now, I want every agent to have access to the FAQ and User groups. Later, if the system grows more complex, I will add logic to this section that will add group rights based off of the groups an Agent belongs to in my LDAP database. So, that is my bright idea, but when I tried to restart apache, it refused to start. There were no errors as to why, so I started commenting out lines of code. The offending code is the first few lines where "CommonObject" is created. Have I specified it correctly? Incorrect? Is what I am trying to do even a good idea? Or will group rights be recreated for the user every time they log in because of the sub SyncLDAP2Database (since it calls UserAdd every time)? Even if rights are created every single time, is that a problem? Any suggestions on how to automatically add group rights?

Nevermind, I got it worked out. Added the following to sub new: $Self->{GroupObject} = Kernel::System::Group->new(%Param); And the following to sub UserAdd: $Self->{GroupObject}->GroupMemberAdd( UID => $UserID, GID => 1, UserID => 2, Permission => { ro => 0, move_into => 0, create => 0, owner => 0, priority => 0, rw => 1, } ); $Self->{GroupObject}->GroupMemberAdd( UID => $UserID, GID => 4, UserID => 2, Permission => { ro => 0, move_into => 0, create => 0, owner => 0, priority => 0, rw => 1, } ); Works like a champ! :-)