KevinTheJedi
Ok, good to be clear on what HTTP Passthru does.
The problem I'm facing now is that when I login with an AD user to the client portion of the portal it kinds of logs in but then I still see the "sign in" at the upper right hand side of the screen, so no actual authentication is done there (?).
I have the option for agents to register users only. Could that be a problem?
KevinTheJedi I checked logs in EventViewer and they don't seem to be related to OSTicket
So hard to troubleshoot this...
I created a test AD User in the domain root and I get this now:
Wait, does that user exist in osticket yet? If not they need to be. Else you need to update your registration to Public.
Cheers.
KevinTheJedi
KevinTheJedi
Yep, disabling that made it work. That is why I mentioned it in the previous comment.
I saw that email information and phone number is not captured despite that information being set in the object properties for the users.
All right thanks, hopefully @ntozier can help me get those filled automatically hehe
So I've read through this twice and I'm not real sure what it is you are trying to do, or what the problem is that you are experiencing is (it has been a long day so maybe my reading comprehension is bad right now).
The Authentication::LDAP and AD plugin lets users authenticate against an LDAP/AD server. But those users have to exist in osTicket to work right. We use a paid plugin to sync our users from AD to osTicket to make this easier.
ntozier thanks for the reply
Well, users are not registered but they can login, (they get automatically registered after first login) create tickets, and even first and last name shows in their profile.
However, I cannot get other attributes to show up. Maybe thats why there's a paid plugin?
It should be pulling that info on User creation if it follows msad or RFC-2307 schemas. You can see this here:
I would assume the attribute names in your AD don’t match what we are looking for (https://github.com/osTicket/osTicket-plugins/blob/develop/auth-ldap/authentication.php#L288-292).
Cheers.
That only shows the display names for the attributes not the actual attribute names. I’m not too familiar with AD so I have no idea where to find that unfortunately.
Cheers.
KevinTheJedi Ok I get it,
so OSTicket looks for specific AttributeEditors, you're right, the default ones are named different in both scenarios.
I'm trying to create new attributes through Schema Editor, my AD account is already a member of enterprise admins and schema admin (I just added it), but the option "Create" is grayed out T_T
I want to clarify that the attribute names we are looking for are in the link I posted above and they are the values, not the keys. So for example in the link above for msad there is 'first' => 'givenName',. The attribute name we look for in AD is givenName.
Cheers.
KevinTheJedi Oh ok,
So...if that's the case, then it doesn't work right
Just tested and it works fine for me. It pulled my First + Last Name, my Email Address, and my Phone Number. I use default msad format and my attributes are named givenName, sn, mail, and telephoneNumber respectively. Note, it will only do this when it's creating the User in osTicket. If the User is already created in osTicket it will not sync/update the User's information.
What did you select as the LDAP Schema in the Plugin settings?
Cheers.
KevinTheJedi
Ok users were already registered that's why it did not take it.
Now it works
Thanks everyone
