Hi, I have been stalking this list for the past month or so as I got my OTRS up and going. So far everything is beautiful, but there are a few things I would like to do and I just haven't been able to figure them out. I was hoping someone here can help me out. I am running OTRS 2.4.5 on a CentOS 5.4 VMWare machine. It is currently authenticating using LPAD that is housed on another server. Everything works fine, I can log in to both the user and customer pages.

From here I would like to set up security groups to stop everyone in the company from having access to put in and resolve tickets. The users that will be included in these groups are located in multiple organizational units. I can't figure out how to program this in. I have tried to use the groupDN module and such with no avail.

I would also like to set everything up so that when a user logs into the index.pl page for the first time they are automatically given rw status for all areas. I have tried multiple ways of doing this as well. Does anyone have any ideas to help me address these concerns? Below is my current Config.pm minus the permission attempts - I got mad at deleted those. Thank you, Junell #Enable LDAP authentication for Admin $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = '<ip>'; $Self->{'AuthModule::LDAP::BaseDN'} = 'DC=<company>,DC=<company>,DC=com'; $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS,CN=Users,DC=<company>,DC=<company>,DC=com'; $Self->{'AuthModule::LDAP::SearchUserPw'} = 'Secret1'; $Self->{'AuthSyncModule'} = 'Kernel::System::Auth::Sync::LDAP'; $Self->{'AuthSyncModule::LDAP::Host'} = 'ip'; $Self->{'AuthSyncModule::LDAP::BaseDN'} = 'DC=<company>,DC=<company>,DC=com'; $Self->{'AuthSyncModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthSyncModule::LDAP::SearchUserDN'} = 'CN=OTRS,CN=Users,DC=<company>,DC=u<company>,DC=com'; $Self->{'AuthSyncModule::LDAP::SearchUserPw'} = 'Secret1'; $Self->{'AuthSyncModule::LDAP::UserSyncMap'} = { UserFirstname => 'givenName', UserLastname => 'sn', UserEmail => 'userPrincipalName', }; #Customer (customer.pl) authentication $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP'; $Self->{'Customer::AuthModule::LDAP::Host'} = '<ip>'; $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'DC=plusone,DC=us,DC=com'; # $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'CN=ORTS Users,CN=Users,DC=<company>,DC=<company>,DC=com'; # $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member'; # $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; $Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'CN=OTRS,CN=Users,DC=<company>,DC=<company>,DC=com'; $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'Secret1'; #CustomerUser #(customer user database backend and settings) $Self->{CustomerUser} = { Module => 'Kernel::System::CustomerUser::LDAP', Params => { Host => '<ip>', BaseDN => 'DC=<company>,DC=<company>,DC=com', SSCOPE => 'sub', UserDN => 'CN=OTRS,CN=Users,DC=<company>,DC=<company>,DC=com', UserPw => 'Secret1', }, ## customer unique id CustomerKey => 'sAMAccountName', ## # customer # CustomerID => 'sAMAccountName', CustomerUserListFields => ['sAMAccountName', 'cn', 'userPrincipalName'], CustomerUserSearchFields => ['sAMAccountName', 'cn', 'userPrincipalName'], CustomerUserSearchPrefix => '', CustomerUserSearchSuffix => '*', CustomerUserSearchListLimit => 1000, CustomerUserPostMasterSearchFields => ['userPrincipalName'], CustomerUserNameFields => ['givenname', 'sn'], Map => [ # note: Login, Email and CustomerID needed! #var, frontend, storage, shown, required, storage-type [ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ], [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ], [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ], [ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ], [ 'UserEmail', 'Email', 'userPrincipalName', 1, 1, 'var' ], [ 'UserCustomerID', 'CustomerID', 'userPrincipalName', 0, 1, 'var' ], [ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ], # [ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ], [ 'UserComment', 'Comment', 'description', 1, 0, 'var' ], ], };