Ldap Authenticated customers are not noted in DB
Moderator: crythias
Ldap Authenticated customers are not noted in DB
Hello Guys,
Finally I have made a proper configuration of LDAP for our OTRS instance but unfortunatelly when any customer is logging in to customer view he has not leave any entry or trace in DB. Do you know how to configure LDAP authentcation to duplicate customers in the database? I made a configuration for agents on that way that if some agent logs in his login and password is duplicated in database in table "SELECT * FROM users".
Finally I have made a proper configuration of LDAP for our OTRS instance but unfortunatelly when any customer is logging in to customer view he has not leave any entry or trace in DB. Do you know how to configure LDAP authentcation to duplicate customers in the database? I made a configuration for agents on that way that if some agent logs in his login and password is duplicated in database in table "SELECT * FROM users".
Re: Ldap Authenticated customers are not noted in DB
Hi,
there is no customer user sync available.
Flo
there is no customer user sync available.
Flo
OTRS 8 SILVER (Prod)
OTRS 8 auf Debian 11 (Test)
Znuny 7.x latest version testing auf Debian 11
-- Ich beantworte keine Forums-Fragen PN - No PN please
I won't answer to unfriendly users any more. A greeting and regards are just polite.
OTRS 8 auf Debian 11 (Test)
Znuny 7.x latest version testing auf Debian 11
-- Ich beantworte keine Forums-Fragen PN - No PN please
I won't answer to unfriendly users any more. A greeting and regards are just polite.
Re: Ldap Authenticated customers are not noted in DB
There is no sync In all version of OTRS?
Maybe with some background there will be easier to find a solution.
I have a lot of customers on my OTRS instance who is authenticating via LDAP.
All of that users - because they are authenticating via LDAP - have a CustomerID as their mail mentioned in AD, of course it can be any value mentioned in their account in AD .
If customerA create a ticket only he can see and edit it because he has unique CustomerID. CustomerB can not view a ticket of CustomerA because he have other unique CustimerID. I want to add ability for CustomerA to control which customer can view his ticket. I thought that I will acheive this creating a CustomerID as a ticket number and put there both Customers using GenericAgent and some python script which made a changes in database, but LDAP customers do not leave any entries in DB despite of table Ticket . I will be very thankfull for solution of it.
Hope you guys well during this whole Corona thing.
Maybe with some background there will be easier to find a solution.
I have a lot of customers on my OTRS instance who is authenticating via LDAP.
All of that users - because they are authenticating via LDAP - have a CustomerID as their mail mentioned in AD, of course it can be any value mentioned in their account in AD .
If customerA create a ticket only he can see and edit it because he has unique CustomerID. CustomerB can not view a ticket of CustomerA because he have other unique CustimerID. I want to add ability for CustomerA to control which customer can view his ticket. I thought that I will acheive this creating a CustomerID as a ticket number and put there both Customers using GenericAgent and some python script which made a changes in database, but LDAP customers do not leave any entries in DB despite of table Ticket . I will be very thankfull for solution of it.
Hope you guys well during this whole Corona thing.
Re: Ldap Authenticated customers are not noted in DB
Hi,
use CustomerIDs.
no scripts, no generic agent, no changes in database.
Flo
yes.
https://doc.otrs.com/doc/manual/admin/6 ... ckets-ldapmaro584 wrote: ↑19 Mar 2020, 17:30 If customerA create a ticket only he can see and edit it because he has unique CustomerID. CustomerB can not view a ticket of CustomerA because he have other unique CustimerID. I want to add ability for CustomerA to control which customer can view his ticket. I thought that I will acheive this creating a CustomerID as a ticket number and put there both Customers using GenericAgent and some python script which made a changes in database, but LDAP customers do not leave any entries in DB despite of table Ticket . I will be very thankfull for solution of it.
use CustomerIDs.
no scripts, no generic agent, no changes in database.
Flo
OTRS 8 SILVER (Prod)
OTRS 8 auf Debian 11 (Test)
Znuny 7.x latest version testing auf Debian 11
-- Ich beantworte keine Forums-Fragen PN - No PN please
I won't answer to unfriendly users any more. A greeting and regards are just polite.
OTRS 8 auf Debian 11 (Test)
Znuny 7.x latest version testing auf Debian 11
-- Ich beantworte keine Forums-Fragen PN - No PN please
I won't answer to unfriendly users any more. A greeting and regards are just polite.
Re: Ldap Authenticated customers are not noted in DB
You suggent to put in field:
CustomerID => 'customer_id',
Some name of customerID but it will caused that all customers will have the same customerId and a effect of thi will be that every customer user will have a ability to see all of the tickets. What I want to achieve is that all customers will only have an access to their ticket but also they will have abbility to assign some other ldap user to see his ticket.
CustomerID => 'customer_id',
Some name of customerID but it will caused that all customers will have the same customerId and a effect of thi will be that every customer user will have a ability to see all of the tickets. What I want to achieve is that all customers will only have an access to their ticket but also they will have abbility to assign some other ldap user to see his ticket.
Re: Ldap Authenticated customers are not noted in DB
this requires an additional Feature Add On to have additional customers assigned to the ticket
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
Re: Ldap Authenticated customers are not noted in DB
One more thing , support for the same problem advise me something like below, so I will share it and maybe it helps anybody in any case:
//But is there any way to configure ldap authentication of customers that customers will be stored in db?
you can use the script /opt/otrs/scripts/contrib/otrs.SyncLDAP2DB.pl to synch LDAP data to your local DB.
Configure your LDAP settings in the script and run in frequently as you need it (daily, hourly,...).
Treat all your Customer Users now as coming from local DB, the script just reads the LDAP information and copies the data to the local DB.
Be aware this will lead to delays, any change in LDAP is synchronized on next run of the script.
But when I am trying to use this script I have received an error like this:
otrs.SyncLDAP2DB.pl: IO::Socket::INET: Bad hostname 'bay.csuhayward.edu' at ./otrs.SyncLDAP2DB.pl line 69.
And I think the cause of it is network issues in my company (proxy)
//But is there any way to configure ldap authentication of customers that customers will be stored in db?
you can use the script /opt/otrs/scripts/contrib/otrs.SyncLDAP2DB.pl to synch LDAP data to your local DB.
Configure your LDAP settings in the script and run in frequently as you need it (daily, hourly,...).
Treat all your Customer Users now as coming from local DB, the script just reads the LDAP information and copies the data to the local DB.
Be aware this will lead to delays, any change in LDAP is synchronized on next run of the script.
But when I am trying to use this script I have received an error like this:
otrs.SyncLDAP2DB.pl: IO::Socket::INET: Bad hostname 'bay.csuhayward.edu' at ./otrs.SyncLDAP2DB.pl line 69.
And I think the cause of it is network issues in my company (proxy)
-
- Administrator
- Posts: 3968
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: Ldap Authenticated customers are not noted in DB
Hi,
that is the hostname of the LDAP server in the script. You should think about adjusting parameters according to your environment.
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Re: Ldap Authenticated customers are not noted in DB
Yes, you have right, silly me
I have tested this script, and yes it duplicate a users from ldap to DB.
I think we can close a topic and enjoy this solution
Have a happy quarantine
I have tested this script, and yes it duplicate a users from ldap to DB.
I think we can close a topic and enjoy this solution
Have a happy quarantine
Re: Ldap Authenticated customers are not noted in DB
Unfortunatelly it is not working as I thought, something is going wrong.
Now in the the table customer_user there are a users from AD but no password in pw column. Does anybody know what is wrong here?
Now in the the table customer_user there are a users from AD but no password in pw column. Does anybody know what is wrong here?
Re: Ldap Authenticated customers are not noted in DB
Passwords can not be fetched by LDAP for security reasons. So the script sets test as a password and the customer users should use the password forgotten function the create a local password.
You still could mix the customer data (from DB) and the authentification (via LDAP) but I strongly advise to get some deeper experience with OTRS first (like admin training)
You still could mix the customer data (from DB) and the authentification (via LDAP) but I strongly advise to get some deeper experience with OTRS first (like admin training)
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com