Hi Roy,
yes, I do sync against the samaccountname. I capture it from the kerb login using HTTPBasicAuth::ReplaceRegExp
But that's not the problem: the problem is for the users that cannot do kerberos authentification. I need them to be able to do LDAP auth using OTRS login page, as they did before. Instead, they just get a 'forbidden' error and doesn't get any login page.
Kind regards,
Juan Clavero
-----Mensaje original-----
De: Roy Kaldung [mailto:roy@kaldung.com]
Enviado el: martes, 13 de noviembre de 2012 18:47
Para: User questions and discussions about OTRS.
Asunto: Re: [otrs] Kerberos and LDAP Authentication
On Nov 12, 2012, at 8:06 AM, Juan Manuel Clavero Almirón
Hi Roy, before changing the config, auth and sync were LDAP. I changed auth to Kerberos, but sync was still LDAP.
Check your sync parameter. With mod_auth_kerb you'll get the samaccountname with or without - depends on your configuration - the domain in uppercase. Do you sync against the samaccountname? -Roy -- Roy Kaldung e-mail: roy@kaldung.com