Hello,
I've installed otrs
and having some things to configure, I'd like to be sure I understand the
queues/groups/agents/customer permission system correctly.
* A queue is
associated to a Group
* each agent can be associated to groups with a set of
permissions (ro, create, ..., rw)
* when there are more and more Queues,
Groups and Agents, it is easier to create roles
* each role can be
associated to groups with a set of permissions (ro, create, ..., rw)
* just
associate a user with a role, and he gets the role's permissions
Is this
correct ?
Yes, it's totally
correct!!!
When
you want to authorize reading to a queue or ticket creation in it, you have to
give the user ro or create permission to the group the queue belongs to, isn't
it ?
You guess
it!!!
Now, I have
:
* a queue for our IT staff (10 agents), let's call it "ITqueue". It belongs
to group "IT".
* 300 customers in our ldap backend, which all belong to group
"Clients" ( $Self->{CustomerGroupAlwaysGroups} =
['Clients']; )
I would like to give these customers read and create
rights on the "ITqueue", but can't figure how. I think I should associate them
all to a role ("Client") that would have ro & create rights on group "IT",
but how would I automatically give this role to all these 300 customers ?
By
the way, I use otrs 2.2.4
Would anybody have
an idea ?
Uhm... sorry, maybe I can't understand exactly what you
mean due to the fact that english is not my primary language
but..
The customers should access the system through the customer
interface (customer.pl): so they usually don't have need a role, since
they can only "read only" and "create" by
definition.
They can only belongs to some group, just in case you have
more than one queue and you need to hide some of those queues from customer's
eyes.
Simply activate $Self->{’CustomerGroupSupport’} = ’1’ if you need
group support for customers, the put those 300 clients in "IT" group, which
should be the same group to which your ITQueue Agents belongs
to.
Ciao, d.