Hello, I've installed otrs and having some things to configure, I'd like to be sure I understand the queues/groups/agents/customer permission system correctly. * A queue is associated to a Group * each agent can be associated to groups with a set of permissions (ro, create, ..., rw) * when there are more and more Queues, Groups and Agents, it is easier to create roles * each role can be associated to groups with a set of permissions (ro, create, ..., rw) * just associate a user with a role, and he gets the role's permissions Is this correct ? When you want to authorize reading to a queue or ticket creation in it, you have to give the user ro or create permission to the group the queue belongs to, isn't it ? Now, I have : * a queue for our IT staff (10 agents), let's call it "ITqueue". It belongs to group "IT". * 300 customers in our ldap backend, which all belong to group "Clients" ( $Self->{CustomerGroupAlwaysGroups} = ['Clients']; ) I would like to give these customers read and create rights on the "ITqueue", but can't figure how. I think I should associate them all to a role ("Client") that would have ro & create rights on group "IT", but how would I automatically give this role to all these 300 customers ? By the way, I use otrs 2.2.4 Would anybody have an idea ? Thanks in advance, -- Mikael Kermorgant
How can I make OTRS check it's POP3 mailbox more often?
How can I make OTRS check it's POP3 mailbox more often?
See the end of section 7.2.1 for details (http://doc.otrs.org/2.3/en/html/x1331.html). It's controlled via a croon job. gl, LQ
Hello, I've installed otrs and having some things to configure, I'd like to be sure I understand the queues/groups/agents/customer permission system correctly. * A queue is associated to a Group * each agent can be associated to groups with a set of permissions (ro, create, ..., rw) * when there are more and more Queues, Groups and Agents, it is easier to create roles * each role can be associated to groups with a set of permissions (ro, create, ..., rw) * just associate a user with a role, and he gets the role's permissions Is this correct ? Yes, it's totally correct!!! When you want to authorize reading to a queue or ticket creation in it, you have to give the user ro or create permission to the group the queue belongs to, isn't it ? You guess it!!! Now, I have : * a queue for our IT staff (10 agents), let's call it "ITqueue". It belongs to group "IT". * 300 customers in our ldap backend, which all belong to group "Clients" ( $Self->{CustomerGroupAlwaysGroups} = ['Clients']; ) I would like to give these customers read and create rights on the "ITqueue", but can't figure how. I think I should associate them all to a role ("Client") that would have ro & create rights on group "IT", but how would I automatically give this role to all these 300 customers ? By the way, I use otrs 2.2.4 Would anybody have an idea ? Uhm... sorry, maybe I can't understand exactly what you mean due to the fact that english is not my primary language but.. The customers should access the system through the customer interface (customer.pl): so they usually don't have need a role, since they can only "read only" and "create" by definition. They can only belongs to some group, just in case you have more than one queue and you need to hide some of those queues from customer's eyes. Simply activate $Self->{'CustomerGroupSupport'} = '1' if you need group support for customers, the put those 300 clients in "IT" group, which should be the same group to which your ITQueue Agents belongs to. Ciao, d.
2009/1/23 CARNINO Daniele (FIAT ITEM)
Would anybody have an idea ?
*Uhm... sorry, maybe I can't understand exactly what you mean due to the fact that english is not my primary language but..* *The customers should access the system through the customer interface (customer.pl): so they usually don't have need a role, since they can only "read only" and "create" by definition.* *They can only belongs to some group, just in case you have more than one queue and you need to hide some of those queues from customer's eyes.*
Thanks for this explanation, it's good to hear this because I was a bit hesitating to modify these parameters by just guessing the consequences ! Regards, -- Mikael Kermorgant
On Wed, Jan 21, 2009 at 11:22 PM, Mikael Kermorgant < mikael.kermorgant@gmail.com> wrote:
Now, I have : * a queue for our IT staff (10 agents), let's call it "ITqueue". It belongs to group "IT". * 300 customers in our ldap backend, which all belong to group "Clients" ( $Self->{CustomerGroupAlwaysGroups} = ['Clients']; )
I would like to give these customers read and create rights on the "ITqueue", but can't figure how. I think I should associate them all to a role ("Client") that would have ro & create rights on group "IT", but how would I automatically give this role to all these 300 customers ?
Hello, I've ended associating all customers to group IT. From what I've tested, things seem quite OK this way : they are allowed to see their own tickets but not others, and create new ones from the web interface. $Self->{CustomerGroupAlwaysGroups} = ['Clients', 'IT']; Regards, -- Mikael Kermorgant
participants (4)
-
CARNINO Daniele (FIAT ITEM) -
Levi_Ruiz@ord.uscourts.gov -
LQ Marshall -
Mikael Kermorgant