I've provided some instructions (a bit dated, to be honest) with examples and more information on the forums.

Because it's in HowTos, please don't ask questions directly on HowTos, but either follow up here or in the Help part of the forums. http://forums.otterhub.org/viewtopic.php?t=16543

I've been a bit struggling with more recent versions of Apache doing SSO, but I've documented my SSO here: http://forums.otterhub.org/viewtopic.php?t=15422

SSO is a bit more complicated, but when it works, it's pretty sweet.

On Fri, Sep 2, 2016 at 7:59 AM, Dimitrakakis Georgios <gdimitrakakis@pancretabank.gr> wrote:

Hello!

 

Can someone explain a little bit more analytically how one can use AD to authenticate users?

 

I read the “External Backends” section in the manual but a few things are not clear to me.

 

So far I have managed to perform section 5.2.2 (https://otrs.github.io/doc/manual/admin/stable/en/html/external-backends.html#customer-backend-ldap) which is to configure AD for customer backend.

 

When completed from the menu Admin->Customer Users I can see the people defined on the AD to access OTRS.

 

Of course they are not able to authenticate. I am reading below section 5.3.2.2 (https://otrs.github.io/doc/manual/admin/stable/en/html/external-backends.html#customer-auth-backend-ldap)

but that doesn’t work with a “wrong password error” although the apache log says “Cannot find ID for USERNAME”

 

What I am trying to understand here is if I need somehow before authenticating to put the AD entries into the OTRS database so that it can retrieve the “username” and then by using the next part to authenticate at the AD using that.

 

If someone could share its configuration would be very nice.

 

In general what I am trying to achieve is not to have any users on OTRS DB and do everything from AD. For the moment I have configured two AD groups one for Agents and one for Customers. Ideally OTRS should be able to distinguish between those and allow login accordingly. So if you have any configuration that you can share it will be much appreciated.

 

Best regards,

 

G.


______________________________________________________________________________
Το περιεχόμενο αυτού του ηλεκτρονικού μηνύματος και τυχόν συνημμένα αρχεία είναι εμπιστευτικά. Απευθύνεται μόνο στους αναφερόμενους παραλήπτες. Αν λάβατε αυτό το μήνυμα εκ παραδρομής, παρακαλείσθε να επικοινωνήσετε αμέσως με τον αποστολέα του μηνύματος ή τον διαχειριστή του συστήματος και να μην αποκαλύψετε σε κανένα το περιεχόμενο. Οι απόψεις που εκφράζονται ανήκουν στον συγγραφέα και δεν εκφράζουν κατ' ανάγκη τις απόψεις της Παγκρήτιας Συνεταιριστικής Τράπεζας.

The contents of this email and any attachments are confidential. It is intended for the named recipients only. If you have received this email in error please notify the system administrator or the sender immediately and do not disclose the contents to anyone. Any views or opinions presented are of the author and not necessarily represent those of Pancretan Cooperative Bank


---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs