Hello again -
I've learned that Active Directory has no 'member' attribute (well, its
blank by default) that OTRS tries to look for as a search filter when
authenticating groups for my Agent. I'm familiar with the
AuthModule::LDAP::AccessAttr setting, however when this is set to:
$Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
...I see in the logs that the filter being used is still based on
'memberUid'. If I set this property to:
$Self->{'AuthModule::LDAP::AccessAttr'} = 'member12345';
...I see in the logs that the filter is then based on 'member12345'.
Its as if this property passes what you assign it to, unless its value
is 'member', otherwise it will pass 'memberUid'. I can't get over this
roadblock.
Secondarily, am I also correct in assuming that I can use this property
to restrict which Agents can actually log in? I know I can further
restrict their access using Roles in OTRS, but as far as simply allowing
or denying login access (regardless of role permissions), is this
sufficient?
Anyone else seen this behaviour before? If so, what did you do to
resolve it?
Thanks!
-dant
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/
