Martin Edenhofer wrote:
Hi Atif, Atif "The LDAP Guy" Ghaffar! ,-)
Noh. I am not LDAP guy, I just dont like to replicate data here and there, gets a bit messy to manage sometimes (read: every time)
The users/groups/queues design is fixed to DB. Because the database_user_id (also database_group_id and database_queue_id) is used as reference for owner, ... and in some big selects (one select is faster then 2 or more).
Yup, I've been a bit through the code. Its very much tied to the DB. Perhaps in future releases, we can put a bit of abstraction so its not tied to anything. (just an idea)
Solution: * It's easy to add LDAP support for the OpenTRS authentication (Kernel/System/Auth.pm).
I would prefer Kernel/System/Auth/Driver1.pm Kernel/System/Auth/Driver2.pm Kernel/System/Auth/Driver3.pm This way, most DB/LDAP/XML specific stuff can be in the Drivers, where as Kernel/System/Auth.pm, just worries about authentification.
* How about a sync-script (e. g. ldap2db.pl) to sync the OpenTRS user table with LDAP (e. g. via cron).
Yes, that is also another possibility. Do you have API docs? I would like to have CLI tools for otrs. addticket, adduser, addgroup, addadmin etc then other programs can make calls easier.
It would be much work to split users/groups/queues from the database. Maybe a feature for a new major release?!
I'll see what I can do to help you. best regards. -- Atif Ghaffar ---------------------------. +41 78 845 31 64 ¦ tel aghaffar@developer.ch ¦ email http://atifghaffar.com ¦ www 8206786 ¦ icq