RE: [otrs] two problems with LDAP authentication

My understanding is that you can specify only one backend for Agent authentication. However, you can specify multiple backends for user auth. Kurt O'Connor Linn State Technical College kurt.oconnor@linnstate.edu 573-897-5275 ---------------------------------------------------------- -----Original Message----- From: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] On Behalf Of Andy Lubel Sent: Friday, November 09, 2007 9:58 AM To: User questions and discussions about OTRS.org Subject: Re: [otrs] two problems with LDAP authentication ... Your second issue is that you cant get multiple backends working? When you configure multiple backends and go to the user management you should see a drop-down with each backend. -Andy On 11/9/07 5:57 AM, "Daniele" wrote:

Thank you again. I logged in as admin through the db authentication. I gave to my LDAP account admin rights so I am safe. I added LDAP interface rows to config.pm and all seems to work fine. The problem now is that no agent can log in OTRS if their name/record is not in LDAP db. This is, in my opinion, an OTRS problem.

For the missing field I made a second installation and I replaced my old db with the new one. I missed all my stuff (nothing, it was only a

local demo server) but I found again the field.

A question: Is there a way to have more than one form for customers? Or, is there a way to have a specific ticket form for each queue? I read about a lot of people asking for it, but not any answer.

Can I create a php form with the same action of ticket form

<form action="/otrs/customer.pl" method="post" name="compose" enctype="multipart/form-data"> <input type="hidden" name="Action" value="CustomerTicketMessage"> <input type="hidden" name="Subaction" value="StoreNew"> <input type="hidden" name="Expand" value=""> <input type="hidden" name="FormID" value="1194532037.5609107.86464706"> bla bla bla </form>

to populate the otrs new ticket requests?

Thank you in advance. Daniele

Andy Lubel ha scritto:

...

They may want to have a customer or agent backend that's not tied into LDAP?

If that's so, Ive never done it but there is some rather weak documentation @ otrs on how to do it:

http://doc.otrs.org/2.2/en/html/x1572.html#multiple-customer-backends

Sorry I cant help too much since we are 100% ldap backended :(

-Andy

On 11/8/07 10:37 AM, "Kurt OConnor" wrote:

...

There shouldn't be a need, to have both DB and LDAP Admin auth. The

...

...

SQL query that Daniele is offering will give an LDAP user admin rights. Then there shouldn't be a need for a DB Admin to login ever again.

Kurt O'Connor Linn State Technical College kurt.oconnor@linnstate.edu 573-897-5275 ---------------------------------------------------------- -----Original Message----- From: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] On Behalf

...

...

Of Daniele Sent: Thursday, November 08, 2007 2:51 AM To: User questions and discussions about OTRS.org Subject: Re: [otrs] two problems with LDAP authentication

Thank you both. Yes, I already used the new syntax for UserSyncLDAPMap. I also got inside OTRS as admin using DB auth and I added to my LDAP

...

...

account admin rights.

My problem is that I can not use both authentications at the same time FOR ADMIN AND AGENTS. I use DB auth OR LDAP auth, non both. It this possible? If so, how?

My second problem is that if I get into OTRS 2.2.3 through DB authentication the [ User Management ] area of the admin > [ User ] section is ok, otherwise I can't see the user field. See attachment.

Any suggestion? Thank you in advance. Daniele

...

That's for old version the new version, the syntax is as follows:

# UserSyncLDAPMap # (map if agent should create/synced from LDAP to DB after login) $Self->{UserSyncLDAPMap} = { # DB -> LDAP UserFirstname => 'givenName', UserLastname => 'sn', UserEmail => 'mail', };

You will also need to go into the database once you log in for the first time (with no rights but the defaults), log back out and do an update in the system_user table to make your LDAP account the new

admin.

...

Good news is I am building a test environment today so if you have trouble doing that update query to make your account the admin, I could paste the SQL code to make that happen :)

-Andy

On 11/7/07 12:32 PM, "Kurt OConnor"

wrote:

...

...

Check that you have the right names for this mapping.

# UserSyncLDAPMap # (map if agent should create/synced from LDAP to DB after

login)

...

...

$Self->{UserSyncLDAPMap} = { # DB -> LDAP Firstname => 'givenName', Lastname => 'sn', Email => 'mail', };

Kurt O'Connor Linn State Technical College kurt.oconnor@linnstate.edu 573-897-5275 ---------------------------------------------------------- -----Original Message----- From: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] On Behalf Of Daniele Sent: Wednesday, November 07, 2007 8:05 AM To: otrs@otrs.org Subject: [otrs] two problems with LDAP authentication

I updated otrs from 2.0.4 to 2.2.3 yesterday on my debian server. I didn't change the db. I am still using the previous installation

...

...

...

...

mySQL db.

Today, if I use internal DB authentication I can get inside my OTRS as admin and all is fine.

But, if I change my kernel/config.pm to use LDAP authentication, I

...

...

...

...

get the following two problems.

1st. I no longer can get in as DB admin, I MUST use a different admin

account from MS AD. 2nd. I no longer can get/see the edit field to enter user names on

...

...

...

...

the left side of the [ User Management ] area of the admin > [ User ]

section

Can someone help me, please? Thank you in advance. Daniele _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/ NOTE:

This e-mail transmission may contain confidential information. If you are not the intended recipient, employee or agent responsible for delivering this information to the intended recipient, unauthorized disclosure, copying, distribution or use of the contents

of this transmission is strictly prohibited. If you have received

...

...

...

...

this e-mail in error, please immediately notify the sender and delete

it from your computer. Thank you for your compliance. _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/

NOTE:

This e-mail transmission may contain confidential information. If you are not the intended recipient, employee or agent responsible

...

...

for delivering this information to the intended recipient, unauthorized disclosure, copying, distribution or use of the contents of this transmission is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and delete it from your computer. Thank you for your compliance. _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/

_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/

_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/ --

_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/ NOTE: This e-mail transmission may contain confidential information. If you are not the intended recipient, employee or agent responsible for delivering this information to the intended recipient, unauthorized disclosure, copying, distribution or use of the contents of this transmission is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and delete it from your computer. Thank you for your compliance.