On Thu, Feb 19, 2004 at 11:15:26AM -0600, Jason Joines wrote:
> I got User LDAP authentication working. Anyone who could
> authenticate to my directory could login. However, I need to restrict
> it so I created a group in the directory:
>
> dn: cn=otrs,dc=mydomain,dc=org
> objectClass: posixGroup
> gidNumber: 523
> cn: otrs
> description: People in Support Services, etc., who can use OTRS
> memberUid: jo
> memberUid: don
> memberUid: sam
>
>
> Then I modified the Kernel/Config.pm file and added:
>
> $Self->{'AuthModule::LDAP::GroupDN'} = 'cn=otrs,dc=mydomain,dc=org';
> $Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUid';
>
>
> Then, jo, don, and sam along with everyone else were no longer able
> to log in. The error in the log is:
>
> User: jo login failed, no LDAP group entry
> foundGroupDN='cn=otrs,dc=mydomain,dc=org',
> Filter='(memberUid=uid=jo,dc=mydomain,dc=org)'! (REMOTE_ADDR: 172.16.9.159).
>
> What setting should I use to require membership in my group?
[Kernle/Config.pm]
# for ldap posixGroups objectclass (just uid)
$Self->{'AuthModule::LDAP::UserAttr'} = 'UID';
[...]
See Kernel/Config/Defaults.pm.
> Thanks,
>
> Jason Joines
> =============
Martin Edenhofer
--
((otrs.de)) :: OTRS GmbH :: Norsk-Data-Str. 1 :: 61352 Bad Homburg
http://www.otrs.de/ :: Manage your communication!
_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support oder Consulting f�r Ihr OTRS System?
=> http://www.otrs.de/
