On Friday, March 19, 2004 11:04 AM
Thomas Nilsen
How can I disable this feature, and only allow already "approved" users access. By "approved", I mean users which I manually add to the system_user table. It's not pretty, but it works for us.
You're looking for this feature: # Check if the user is allowed to auth in a posixGroup # (e. g. user needs to be in a group xyz to use otrs) $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrsallow,ou=posixGroups,dc=example,dc=com'; $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid'; # for ldap posixGroups objectclass (just uid) # $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID'; # for non ldap posixGroups objectclass (full user dn) $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; The corresponding LDIF: version: 1 # LDIF Export for: cn=otrsallow,ou=posixGroups,dc=example,dc=com # Generated by phpLDAPadmin on March 19, 2004 3:31 pm # Server: example.com (ldap.example.com) # Search Scope: base # Total entries: 1 # Entry 1: cn=otrsallow,ou=posixGroups,dc=example,dc=com dn: cn=otrsallow,ou=posixGroups,dc=example,dc=com cn: otrsallow gidNumber: 2000 objectClass: posixgroup objectClass: top memberUid: customerA memberUid: customerB memberUid: customerC You want to adapt the above to suit your ADS, possibly use sAMAccountName somewhere... hth, Robert Kehl -- ((otrs.de)) :: OTRS GmbH :: Norsk-Data-Str. 1 :: 61352 Bad Homburg http://www.otrs.de/ :: Tel. +49 (0)6172 4832388