Hello all,
We had a very similar issue trying to authenticate Customer accounts against
LDAP provided by Windows 2012 R2. We finally tracked down a solution (worked
for us, your results may vary) by modifying the lookup code that checks to see
if a user account is enabled.
A code snippet from our Config.pm file appears below. My understanding is
that since Win2008 the 'enabled' value is no longer stored as a discreet value,
but is instead contained in a hash that combines the results of the state of
many user account attributes. I don't have a deep knowledge of this, but
hopefully this can serve as a starting point for further investigation.
Code snippet to test for 'enabled' state on user account:
# in case you want to add always one filter to each ldap query, use
# this option. e. g. AlwaysFilter => '(mail=*)' or AlwaysFilter =>
'(objectclass=user)'
$Self->{'AuthModule::LDAP::AlwaysFilter'} =
'(&(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))';
Thanks,
Pat
From: otrs-boun...@otrs.org [mailto:otrs-boun...@otrs.org] On Behalf Of LQ
Marshall
Sent: Friday, October 10, 2014 1:02 PM
To: 'User questions and discussions about OTRS.'
Subject: Re: [otrs] Authentication failed for customers - Windows 2012 R2 AD
LDAP
Importance: Low
Raul - sounds like packet capture time...
From: otrs-boun...@otrs.org<mailto:otrs-boun...@otrs.org>
[mailto:otrs-boun...@otrs.org] On Behalf Of Raul Libório
Sent: Friday, October 10, 2014 1:59 PM
To: User questions and discussions about OTRS.
Subject: Re: [otrs] Authentication failed for customers - Windows 2012 R2 AD
LDAP
Marshall,
Yes, I have also read something about that but I can not remember that was
related. I'm looking to find these parameters, if a problem of AD.
Alvaro, my problem is with customers. I'm using the sAMAccountName for
authentication, as the mapping done in Config.pm
Thanks!
Raul Libório
http://rauhmaru.blogspot.com/
openSUSE Member | Linux User #4444581
On Fri, Oct 10, 2014 at 12:18 PM, Alvaro Cordero
<alv...@gridshield.net<mailto:alv...@gridshield.net>> wrote:
Did you verify what are you using to authenticate as uuid, email,
SAMAccountname, other, that affects too. Also, are you having issues
authenticating agents or customers?
Regards
2014-10-09 15:11 GMT-06:00 Raul Libório
<rauhm...@gmail.com<mailto:rauhm...@gmail.com>>:
Hello
I have an Active Directory installed on Windows Server 2012 R2. The OTRS can
view all users, however, when I try to authenticate, displays error like
username or password is incorrect.
Does anyone have any tips on how to solve?
Thanks
Raul Libório
http://rauhmaru.blogspot.com/
openSUSE Member | Linux User #4444581
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
--
___________________________
Alvaro Cordero Retana
Consultor de Tecnologias
Gridshield Monitoreo de Redes e
Infraestructura.
2258-5757 ext 123
alv...@gridshield.net<mailto:alv...@gridshield.net>
www.gridshield.net<http://www.gridshield.net>
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Confidentiality Notice: The information contained in, and any attachments to,
this message may be confidential, private and protected by federal and/or state
law from use and disclosure. Therefore, this message is intended to be read
only by the individual or organization named above to which it was sent, even
if it was sent to you in error. If you are not the intended recipient, then any
disclosure, distribution, duplication or dissemination of any information
contained in this message or any attachments to this message is strictly
prohibited and may be unlawful. If you have received this message in error,
please notify the sender immediately by return e-mail and then delete this
message from your computer system. Thank you for your compliance.
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
