I've been searching through these forums and banging my head against the wall.
I've so far had no problems with osTicket until this issue. and the following fixed them.
It seems that osTicket requires a location (a folder/directory) to "store" session data. Normally this would either be in the php path or possibly the working directory, web root, or maybe a system directory. Either way, when you have administrative privilege it's no problem, but introduce guest or limited privilege, it becomes one.
I have a server used for my IT support dept, I have admin and thus no problems. The box is Server 2003, IIS, PHP 5.x (latest) MySQL 5 (latest), etc.
I turned off anonymous access, but add proper permissions for myself and for my support staff. I had no issue, but sporadically my support staff (without admin) would get the issue of not being able to get past the login screen. Eventually no combination of permissions short of admin on the entire server would fix it, however this (the solution at the bottom) did, even with the most restrictive permissions reasonably possible, and it is in this forum (can't find it though, must have been fortunate to stumble upon it), please let me know if this fixes it for you.
PROBLEM: the PHP session can not be created/stored anywhere (even though there is no indication of file level access being needed.
FIX: create an in-line modification of the php.ini to redirect the session to be stored in an external (to your web root) folder. You may need to create this, for IIS, i created a folder called "phpsessions" inside Inetpub and granted read/write to the appropriate user groups.
EDIT: \osticket\main.inc.php
Find the session_start(); function.
In the comment above it //Start the session
Append ini_set("session.save_path",your-filesystem-path);
Maybe i'm being redundant. Hopefully this will help, and I will try to find the other thread so I can give that guy some credit.