Ansicht von 0 Antwort-Themen
-
Beiträge
-
-
Hello All,
I have connected Otobo on a microsoft ActiveDirectory for agent authentication.
This first step is working normally. Now, I need to assign Otobo Roles regarding user’s group in AD.
But, cannot manage this step to work.
This is my configuration and error logs, any advice will be welcomed.
# # Agent Authentication # # # -------------------------------------------------------------------------------------------- $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP'; $Self->{'AuthModule::LDAP::Host'} = 'my.ldap.host'; #name or ip address of the ldap server $Self->{'AuthModule::LDAP::BaseDN'} = 'DC=myhost,DC=com';#domain name $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName'; $Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUID'; # for 2008st domain is 'member' for 2003rd domain is 'memberUID'* $Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=compte technique,OU=Informatique,DC=myhost,DC=com'; # the user that logs in the Ldap. It is also possible to use the Principal Name $Self->{'AuthModule::LDAP::SearchUserPw'} = 'Password'; # the password of the account that logs in the Ldap # ROLE ASSIGNMENT $Self->{'AuthSyncModule::LDAP::UserSyncRolesDefinition'} = { # ldap group 'CN=Supervisors,OU=Informatique,DC=myhost,DC=com' => { # otobo role 'Supervisors' => 1, }, };Now, in systemlogs, I see authentication was good.
User: ctechnique (CN=compte technique,OU=Informatique,DC=myhost,DC=com) authentication ok
But for group assignment, Otobo doesn’t find the user is the „supervisors“ group in AD. (it is for sure).
User: ctechnique not in GroupDN='CN=Supervisors,OU=Informatique,DC=myhost,DC=com', Filter='(memberUid=CN=compte technique,OU=Informatique,DC=myhost,DC=com)'!
Perhaps something wrong with this filter with „memberUid=CN=..“ but cannot found where to change this filter ?
Thanks in advance.
-
Ansicht von 0 Antwort-Themen
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.