The problems with AD is that group memberships doesn't comply with the standard LDAP posix group structure. Group members in AD are listed with a serial number type entry - which doesn't directly reflect the users.. and I haven't quite figured out that it actually does reflect..
What I was thinking of was just commenting out the code that allows "self registration" on the login page... if i knew where it is... ;-) Regards, Thomas >-----Original Message----- >From: Robert Kehl [mailto:[EMAIL PROTECTED] >Sent: Friday, March 19, 2004 3:35 PM >To: User questions and discussions about OTRS. >Subject: Re: [otrs] Limit Agent user registration > > >On Friday, March 19, 2004 11:04 AM >Thomas Nilsen <[EMAIL PROTECTED]> wrote: >> How can I disable this feature, and only allow already "approved" >> users access. By "approved", I mean users which I manually add to the >> system_user table. It's not pretty, but it works for us. > >You're looking for this feature: > > # Check if the user is allowed to auth in a posixGroup > # (e. g. user needs to be in a group xyz to use otrs) > $Self->{'Customer::AuthModule::LDAP::GroupDN'} = >'cn=otrsallow,ou=posixGroups,dc=example,dc=com'; > $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'memberUid'; > # for ldap posixGroups objectclass (just uid) ># $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'UID'; > # for non ldap posixGroups objectclass (full user dn) > $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'; > >The corresponding LDIF: > >version: 1 > ># LDIF Export for: cn=otrsallow,ou=posixGroups,dc=example,dc=com ># Generated by phpLDAPadmin on March 19, 2004 3:31 pm ># Server: example.com (ldap.example.com) ># Search Scope: base ># Total entries: 1 > ># Entry 1: cn=otrsallow,ou=posixGroups,dc=example,dc=com >dn: cn=otrsallow,ou=posixGroups,dc=example,dc=com >cn: otrsallow >gidNumber: 2000 >objectClass: posixgroup >objectClass: top >memberUid: customerA >memberUid: customerB >memberUid: customerC > >You want to adapt the above to suit your ADS, possibly use >sAMAccountName somewhere... > >hth, > >Robert Kehl > >-- >((otrs.de)) :: OTRS GmbH :: Norsk-Data-Str. 1 :: 61352 Bad Homburg > http://www.otrs.de/ :: Tel. +49 (0)6172 4832388 > >_______________________________________________ >OTRS mailing list: otrs - Webpage: http://otrs.org/ >Archive: http://lists.otrs.org/pipermail/otrs >To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs >Support oder Consulting f�r Ihr OTRS System? >=> http://www.otrs.de/ > DISCLAIMER: This message contains information that may be privileged or confidential and is the property of the Roxar Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorised to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support oder Consulting f�r Ihr OTRS System? => http://www.otrs.de/
