Viewing 0 reply threads
  • Author
    • #12858
      Karl67 Karl

      Hello All,

      I have connected Otobo on a microsoft ActiveDirectory for agent authentication.

      This first step is working normally. Now, I need to assign Otobo Roles regarding user’s group in AD.

      But, cannot manage this step to work.

      This is my configuration and error logs, any advice will be welcomed.

      # # Agent Authentication #
      # # --------------------------------------------------------------------------------------------
      $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
      $Self->{'AuthModule::LDAP::Host'} = ''; #name or ip address of the ldap server
      $Self->{'AuthModule::LDAP::BaseDN'} = 'DC=myhost,DC=com';#domain name
      $Self->{'AuthModule::LDAP::UID'} = 'sAMAccountName';
      $Self->{'AuthModule::LDAP::AccessAttr'} = 'memberUID'; # for 2008st domain is 'member' for 2003rd domain is 'memberUID'*
      $Self->{'AuthModule::LDAP::SearchUserDN'} = 'CN=compte technique,OU=Informatique,DC=myhost,DC=com'; # the user that logs in the Ldap. It is also possible to use the Principal Name
      $Self->{'AuthModule::LDAP::SearchUserPw'} = 'Password'; # the password of the account that logs in the Ldap
      $Self->{'AuthSyncModule::LDAP::UserSyncRolesDefinition'} = {
      # ldap group
      'CN=Supervisors,OU=Informatique,DC=myhost,DC=com' => {
      # otobo role
      'Supervisors' => 1,

      Now, in systemlogs, I see authentication was good.

      User: ctechnique (CN=compte technique,OU=Informatique,DC=myhost,DC=com) authentication ok

      But for group assignment, Otobo doesn’t find the user is the „supervisors“ group in AD. (it is for sure).

      User: ctechnique not in GroupDN='CN=Supervisors,OU=Informatique,DC=myhost,DC=com', Filter='(memberUid=CN=compte technique,OU=Informatique,DC=myhost,DC=com)'!

      Perhaps something wrong with this filter with „memberUid=CN=..“ but cannot found where to change this filter ?

      Thanks in advance.

      • This topic was modified 8 months, 2 weeks ago by Karl67 Karl.
Viewing 0 reply threads
  • You must be logged in to reply to this topic.