date:20151124

[otrs] Limit help desk access

2015-11-24 Thread Edson Richter


Hi!

Is there any way to implement such configuration scenario?

1) Help desk employees and technicians can access OTRS from our Remote 
Desktop Server only (it can be a source IP address check)

2) Customers can access from anywhere

I believe this could be achieved in two ways:

1) In user configuration, set IP address restriction (better, IMHO). If 
the configuration is empty, then it can Access from anywhere.
2) Customizing the code for each restricted page (which ones?), except 
pages customer would have access to.


Has anyone tried anything similar?
Any tips on how to achieve that?


Thanks,

--
Atenciosamente,

Edson Carlos Ericksson Richter

-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Re: [otrs] Limit help desk access

2015-11-24 Thread Raul Orav

We are using 2 step authentification - Google Auth and https and allow acces 
from outside too.

Regards,
Raul 

> On 24 Nov 2015, at 19:32, Edson Richter  wrote:
> 
> 1) Help desk employees and technicians can access OTRS from our Remote 
> Desktop Server only (it can be a source IP address check)

-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

[otrs] OTRS CMDB search and CIAttributeCollection

2015-11-24 Thread Raul Orav

Hello,

Please give me some advice. I’m stuck.

I upgraded just to OTRS 5.0.3. It seems that when using CIAttributeCollection 
then CMDB search window doesn’t work - it’s not possible to select “Additional 
filters”. For example when I want to search by CI name - I can’t select by 
name. This “+” doesn’t work. By the way - I have noticed that I can’t work 
without “CIAttributeCollection” - after upgrading (tried 5.0 and 5.0.1 also) 
CMDB doesn’t work without “ CIAttributeCollection”. If I remember correctly - 
the same issue was when upgraded to OTRS 4 also. 

If I remove “ CIAttributeCollection” then everything works, until some time or 
until I restart Apache2 - then I get “Internal server error”. It looks like I’m 
not able to remove “ CIAttributeCollection” completely. Either there is a 
javascript error or … 

> Internal server error message:
> 
> Internal Server Error
> The server encountered an internal error or misconfiguration and was unable 
> to complete your request.
> Please contact the server administrator, i...@visioline.ee 
>  and inform them of the time the error occurred, 
> and anything you might have done that may have caused the error.
> More information about this error may be available in the server error log.
> 
> And after restarting Apache2 or after some time removing 
> CIAttributeCollection:
> 
>  RemoteAddress: 10.199.1.1
>  RequestURI: /otrs/index.pl?Action=AgentITSMConfigItem
> 
>  Traceback (10503): 
>Module: Kernel::System::ObjectManager::_DieWithError Line: 533
>Module: Kernel::System::ObjectManager::_ObjectBuild Line: 200
>Module: Kernel::System::ObjectManager::Get Line: 180
>Module: Kernel::System::ITSMConfigItem::XML::XMLValueLookup Line: 54
>Module: Kernel::Output::HTML::ITSMConfigItem::OverviewSmall::_XMLData2Hash 
> Line: 567
>Module: Kernel::Output::HTML::ITSMConfigItem::OverviewSmall::Run Line: 330
>Module: 
> Kernel::Output::HTML::Layout::ITSMConfigItem::ITSMConfigItemListShow Line: 580
>Module: Kernel::Modules::AgentITSMConfigItem::Run Line: 306
>Module: Kernel::System::Web::InterfaceAgent::Run Line: 1041
>Module: 
> ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_index_2epl::handler 
> Line: 40
>Module: (eval) (v1.99) Line: 204
>Module: ModPerl::RegistryCooker::run (v1.99) Line: 204
>Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 170
>Module: ModPerl::Registry::handler (v1.99) Line: 31
> 
> [Tue Nov 24 17:20:02 2015] [error] 
> Kernel::System::ITSMConfigItem::XML::Type::CIAttachment could not be loaded: 
> Can't locate Kernel/System/ITSMConfigItem/XML/Type/CIAttachment.pm in @INC 
> (@INC contains: /usr/Custom /usr/Kernel/cpan-lib /usr /usr/sbin/../../Custom 
> /usr/sbin/../../Kernel/cpan-lib /usr/sbin/../.. /opt/otrs/Custom 
> /opt/otrs/Kernel/cpan-lib /opt/otrs/ /etc/perl /usr/local/lib/perl/5.10.1 
> /usr/local/share/perl/5.10.1 /usr/lib/perl5 /usr/share/perl5 
> /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl 
> /usr/local/lib/perl/5.10.0 /usr/local/share/perl/5.10.0 . /etc/apache2) at 
> /opt/otrs//Kernel/System/ObjectManager.pm line 191.\n at 
> /opt/otrs//Kernel/System/ObjectManager.pm line 
> 537\n\tKernel::System::ObjectManager::_DieWithError('Kernel::System::ObjectManager=HASH(0xf80a4d20)',
>  'Error', 'Kernel::System::ITSMConfigItem::XML::Type::CIAttachment could...') 
> called at /opt/otrs//Kernel/System/ObjectManager.pm line 
> 200\n\tKernel::System::ObjectManager::_ObjectBuild('Kernel::System::ObjectManager=HASH(0xf80a4d20)',
>  'Package', 'Kernel::System::ITSMConfigItem::XML::Type::CIAttachment') called 
> at /opt/otrs//Kernel/System/ObjectManager.pm line 
> 180\n\tKernel::System::ObjectManager::Get('Kernel::System::ObjectManager=HASH(0xf80a4d20)',
>  'Kernel::System::ITSMConfigItem::XML::Type::CIAttachment') called at 
> /opt/otrs//Kernel/System/ITSMConfigItem/XML.pm line 
> 54\n\tKernel::System::ITSMConfigItem::XML::XMLValueLookup('Kernel::System::ITSMConfigItem=HASH(0xf93f9400)',
>  'Item', 'HASH(0xfa015a58)', 'Value', '') called at 
> /opt/otrs//Kernel/Output/HTML/ITSMConfigItem/OverviewSmall.pm line 
> 567\n\tKernel::Output::HTML::ITSMConfigItem::OverviewSmall::_XMLData2Hash('Kernel::Output::HTML::ITSMConfigItem::OverviewSmall=HASH(0xf9...',
>  'XMLDefinition', 'ARRAY(0xfa014218)', 'XMLData', 'HASH(0xfa0342f8)') called 
> at /opt/otrs//Kernel/Output/HTML/ITSMConfigItem/OverviewSmall.pm line 
> 330\n\tKernel::Output::HTML::ITSMConfigItem::OverviewSmall::Run('Kernel::Output::HTML::ITSMConfigItem::OverviewSmall=HASH(0xf9...',
>  'ShowColumns', 'ARRAY(0xf8c524a8)', 'View', 'Small', 'Filter', 36, 
> 'LinkPage', 'Filter=36;View=;SortBy=Number;OrderBy=Down;', ...) called at 
> /opt/otrs//Kernel/Output/HTML/Layout/ITSMConfigItem.pm line 
> 580\n\tKernel::Output::HTML::Layout::ITSMConfigItem::ITSMConfigItemListShow('Kernel::Output::HTML::Layout=HASH(0xf8323f38)',
>  'ConfigItemIDs', 'ARRAY(0xf94a3e70)', 'Total', 135, 'View', '',

Re: [otrs] Limit help desk access

2015-11-24 Thread Edson Richter

Sorry, I could not understand how Google Auth would help me limit the 
user IP address access to the OTRS system.

Would you ellaborate a bit more?
I tend to prefer a in house solution without external APIs, but is just 
a matter of understanding how Google Auth can help.



Thanks,

Atenciosamente,

Edson Carlos Ericksson Richter

Em 24/11/2015 15:36, Raul Orav escreveu:
We are using 2 step authentification - Google Auth and https and allow 
acces from outside too.


Regards,
Raul

On 24 Nov 2015, at 19:32, Edson Richter > wrote:


1) Help desk employees and technicians can access OTRS from our 
Remote Desktop Server only (it can be a source IP address check)




-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs


-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Re: [otrs] Limit help desk access

2015-11-24 Thread Raul Orav

Basically if you do some 2 step authentification then apache doesn’t allow to 
connect without password. Depends which auth do you use. But if you are up to 
date then it’s a good solution how to keep your OTRS public and secure. But I 
think your solution could be in configuring apache allow directives. 

> On 24 Nov 2015, at 19:49, Edson Richter  wrote:
> 
> Sorry, I could not understand how Google Auth would help me limit the user IP 
> address access to the OTRS system.
> Would you ellaborate a bit more?
> I tend to prefer a in house solution without external APIs, but is just a 
> matter of understanding how Google Auth can help.
> 
> 
> Thanks,
> Atenciosamente,
> 
> Edson Carlos Ericksson Richter
> Em 24/11/2015 15:36, Raul Orav escreveu:
>> We are using 2 step authentification - Google Auth and https and allow acces 
>> from outside too.
>> 
>> Regards,
>> Raul 
>> 
>>> On 24 Nov 2015, at 19:32, Edson Richter < 
>>> edsonrich...@hotmail.com 
>>> > wrote:
>>> 
>>> 1) Help desk employees and technicians can access OTRS from our Remote 
>>> Desktop Server only (it can be a source IP address check)
>> 
>> 
>> 
>> -
>> OTRS mailing list: otrs - Webpage: http://otrs.org/ 
>> Archive: http://lists.otrs.org/pipermail/otrs 
>> 
>> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs 
>> 
> -
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Re: [otrs] Limit help desk access

2015-11-24 Thread Diego Chacón

You can use apache location ip limit.
https://httpd.apache.org/docs/2.2/howto/access.html

On Tue, Nov 24, 2015 at 11:32 AM, Edson Richter 
wrote:

> Hi!
>
> Is there any way to implement such configuration scenario?
>
> 1) Help desk employees and technicians can access OTRS from our Remote
> Desktop Server only (it can be a source IP address check)
> 2) Customers can access from anywhere
>
> I believe this could be achieved in two ways:
>
> 1) In user configuration, set IP address restriction (better, IMHO). If
> the configuration is empty, then it can Access from anywhere.
> 2) Customizing the code for each restricted page (which ones?), except
> pages customer would have access to.
>
> Has anyone tried anything similar?
> Any tips on how to achieve that?
>
>
> Thanks,
>
> --
> Atenciosamente,
>
> Edson Carlos Ericksson Richter
>
> -
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
>



-- 
*Diego Chacón Rojas*
** E-mail: di...@gridshield.net *
-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Re: [otrs] Limit help desk access

2015-11-24 Thread John O'Neill

You could create two vhosts in apache, one for customers and one for
agents. Lock the agent vhost down to access only from the rdp server
On 24 Nov 2015 17:58, "Diego Chacón"  wrote:

> You can use apache location ip limit.
> https://httpd.apache.org/docs/2.2/howto/access.html
>
> On Tue, Nov 24, 2015 at 11:32 AM, Edson Richter 
> wrote:
>
>> Hi!
>>
>> Is there any way to implement such configuration scenario?
>>
>> 1) Help desk employees and technicians can access OTRS from our Remote
>> Desktop Server only (it can be a source IP address check)
>> 2) Customers can access from anywhere
>>
>> I believe this could be achieved in two ways:
>>
>> 1) In user configuration, set IP address restriction (better, IMHO). If
>> the configuration is empty, then it can Access from anywhere.
>> 2) Customizing the code for each restricted page (which ones?), except
>> pages customer would have access to.
>>
>> Has anyone tried anything similar?
>> Any tips on how to achieve that?
>>
>>
>> Thanks,
>>
>> --
>> Atenciosamente,
>>
>> Edson Carlos Ericksson Richter
>>
>> -
>> OTRS mailing list: otrs - Webpage: http://otrs.org/
>> Archive: http://lists.otrs.org/pipermail/otrs
>> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
>>
>
>
>
> --
> *Diego Chacón Rojas*
> ** E-mail: di...@gridshield.net *
>
>
> -
> OTRS mailing list: otrs - Webpage: http://otrs.org/
> Archive: http://lists.otrs.org/pipermail/otrs
> To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
>
-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

[otrs] Troubleshoot Insufficient Rights error

2015-11-24 Thread Saunders, Eric

I have an Activity Dialog that I would like to update the ticket Owner to 
whomever is completing the dialog. The Required Lock property seems to do 
exactly what I want. However, if I open the dialog and before completing it 
click "Undo & close window" I get an Insufficient Rights error:

Message: We are sorry, you do not have permissions anymore to access this 
ticket in its current state.

At this point I am the ticket owner with full rw permissions on the queue in 
which the ticket resides. And I can go back to the zoom view for the ticket and 
complete other dialogs, so the permissions issue seems to be localized to just 
this "undo" action.

I thought it might have something to do with the Permission property of the 
Activity Dialog but none of the various settings I've tried have made any 
difference. There is also no indication in the System Log what might be causing 
the error.

CentOS 6.x
OTRS 4.0.13

Appreciate any assistance.

+Eric


-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Re: [otrs] Limit help desk access

2015-11-24 Thread Edson Richter


Hi, John.

This seems exactly what I'm looking for.
Thanks, I'll investigate a bit more.

Kind regards,

Atenciosamente,

Edson Carlos Ericksson Richter

Em 24/11/2015 16:08, John O'Neill escreveu:


You could create two vhosts in apache, one for customers and one for 
agents. Lock the agent vhost down to access only from the rdp server


On 24 Nov 2015 17:58, "Diego Chacón" > wrote:


You can use apache location ip limit.
https://httpd.apache.org/docs/2.2/howto/access.html

On Tue, Nov 24, 2015 at 11:32 AM, Edson Richter
mailto:edsonrich...@hotmail.com>> wrote:

Hi!

Is there any way to implement such configuration scenario?

1) Help desk employees and technicians can access OTRS from
our Remote Desktop Server only (it can be a source IP address
check)
2) Customers can access from anywhere

I believe this could be achieved in two ways:

1) In user configuration, set IP address restriction (better,
IMHO). If the configuration is empty, then it can Access from
anywhere.
2) Customizing the code for each restricted page (which
ones?), except pages customer would have access to.

Has anyone tried anything similar?
Any tips on how to achieve that?


Thanks,

-- 
Atenciosamente,


Edson Carlos Ericksson Richter

-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs




-- 
/Diego Chacón Rojas/

/* E-mail: di...@gridshield.net /
//


-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs



-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs


-
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

[otrs] Limit help desk access

Re: [otrs] Limit help desk access

[otrs] OTRS CMDB search and CIAttributeCollection

Re: [otrs] Limit help desk access

Re: [otrs] Limit help desk access

Re: [otrs] Limit help desk access

Re: [otrs] Limit help desk access

[otrs] Troubleshoot Insufficient Rights error

Re: [otrs] Limit help desk access

9 matches

Site Navigation

Mail list logo

Footer information