
On Thu, Feb 19, 2004 at 11:15:26AM -0600, Jason Joines wrote:
I got User LDAP authentication working. Anyone who could authenticate to my directory could log in. However, I need to restrict it, so I created a group in the directory:

dn: cn=otrs,dc=mydomain,dc=org
objectClass: posixGroup
gidNumber: 523
cn: otrs
description: People in Support Services, etc., who can use OTRS
memberUid: jo
memberUid: don
memberUid: sam

Then I modified the Kernel/Config.pm file and added:

$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=otrs,dc=mydomain,dc=org';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';

Then jo, don, and sam, along with everyone else, were no longer able to log in. The error in the log is:
User: jo login failed, no LDAP group entry foundGroupDN='cn=otrs,dc=mydomain,dc=org', Filter='(memberUid=uid=jo,dc=mydomain,dc=org)'! (REMOTE_ADDR: 172.16.9.159).
What setting should I use to require membership in my group?

[Kernel/Config.pm]
    # for ldap posixGroups objectclass (just uid)
    $Self->{'AuthModule::LDAP::UserAttr'} = 'UID';
[...]

See Kernel/Config/Defaults.pm.

Thanks,
Jason Joines
=============

Martin Edenhofer

--
((otrs.de)) :: OTRS GmbH :: Norsk-Data-Str. 1 :: 61352 Bad Homburg
http://www.otrs.de/ :: Manage your communication!
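
Added example (not part of the original thread and not OTRS code): a small Python model of the group check, run against the posixGroup entry from the message, showing why the DN-valued filter in the log matches nothing while the bare-uid filter matches. The function names and the `'DN'` mode name are assumptions for illustration; the thread itself only shows the `'UID'` setting and the DN-valued filter in the log line.

```python
# Constructed model of the check; the LDIF is the group entry quoted in the message.
GROUP_LDIF = """\
dn: cn=otrs,dc=mydomain,dc=org
objectClass: posixGroup
gidNumber: 523
cn: otrs
description: People in Support Services, etc., who can use OTRS
memberUid: jo
memberUid: don
memberUid: sam
"""

def parse_ldif_entry(text):
    """Parse one simple LDIF entry (no folding, no base64) into {attr: [values]}."""
    entry = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def escape_filter_value(value):
    """Escape RFC 4515 special characters so a login name cannot reshape the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def group_check(entry, access_attr, user_attr, login, user_dn):
    """Return (filter_string, matched) for one login attempt.

    user_attr 'DN' (assumed mode name) compares the user's full DN;
    'UID' compares the bare login, which is what posixGroup memberUid stores.
    """
    value = user_dn if user_attr.upper() == "DN" else login
    flt = "(%s=%s)" % (access_attr, escape_filter_value(value))
    # memberUid uses exact matching, so compare the raw value case-sensitively.
    matched = value in entry.get(access_attr.lower(), [])
    return flt, matched

ENTRY = parse_ldif_entry(GROUP_LDIF)
JO_DN = "uid=jo,dc=mydomain,dc=org"  # user DN as it appears in the log line

if __name__ == "__main__":
    for mode in ("DN", "UID"):
        flt, ok = group_check(ENTRY, "memberUid", mode, "jo", JO_DN)
        print("%-3s %-45s %s" % (mode, flt, "allowed" if ok else "denied"))
```

A group built from `memberUid` values only ever matches the bare login, so the DN comparison denies every user, including the three listed members.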