Ok, So loving that this is finally a feature (and was the one thing I was waiting for before we migrate from OTRS), and I am running this on a test install that has been upgraded from 1.8.2 however I can't seem to login as a client using AD credentials, the ldap plugin is setup correctly as it works fine for my staff account, and the tickbox to enable ldap for client access is also ticked and I have tried various username formats (username, domain\username and UPN), but none seem to work.What's the correct procedure for getting this working beyond putting in correct LDAP details and ticking the box to enable ldap for client logins too?

Do you have user registration set to Public? What's sort of error you're getting?

Yep, registration is set to Public, the only error when logging in with an AD account is access denied and a Failed Login attempt log entry is generated (which contains the password that was attempted which I'm not sure is a great thing to do from a security perspective).

Are you using AD account username or email to login? We only support username at the moment.PS: We're aware of the clear password being logged on invalid login and will be addressing it.

I've tried both the UPN and SamAccountName and not had any luck, this is largely a fresh setup so I'm assuming there is no other things I need to do to get the client logins working other than the LDAP details and enabling ldap client logs in the plugin, there shouldn't be any need to create user accounts for AD users should there?

SamAccoutName should work. What do you have as Registration Method in Admin Panel > Settings > Access?

>SamAccoutName should work. What do you have as Registration Method in Admin Panel > Settings > Access?

Currently Public - Anyone can Register

We're also having the same issue as Nick-C.New fresh install, using XAMPP web server and manually updated to latest PHP version. Admins can LDAP authenticate, but end users are unable to.

We're looking into the issue - although we can't replicate the issue locally. Anyone willing to schedule a goto meeting either today or tomorrow? We're in CDT timezone.

I am hopefully free tomorrow, on BST here so if I am right the only time I'm free is 0900 - 1100 CDT (which works out to 1500 - 1700 BST)

@[deleted] - email help at osticket.com and we'll schedule a conference call. Be sure to mention this thread.

No problem, email sent :)

We here are also interested in this issue, having also a lot of trouble getting ldap client auth to work (as already written in the avid users forum). Unfortunately our time zone is CEST, which is +7h... :( ... But since NickC seems to have the same problems as we have here, hope your goto meeting will be a success. Would be great to finally see this issue fixed :)

Also interested in this issue.And I have something more: I have the ost_client table loaded with internal clients (really don't remember how I did it, as there are all the users from Active Directory even if they never opened a ticket - maybe some old customization). All of them are guests.Is there a way to register all these users ?I want each user to login with user+password to get access to all his/her tickets, but I don't wan't the "you have to register" trouble.

For all interested in the issue:

This and other issues are fixed with the new ldap.phar.

where can I get it ?At Downloads, still says "Latest Stable Release, v0.4 Released March 3rd, 2014" and development repo is 2 month old.Thx

where can I get it ?

At Downloads, still says "Latest Stable Release, v0.4 Released March 3rd, 2014" and development repo is 2 month old.

Thx

It's not been released yet as the devs only found out what was going wrong on friday afternoon, I have a working version of the files that the devs were able to put together while working with me to debug the plugin but I don't really want to release it as it isn't my code and may contain other problems (as we only really did basic testing on it confirming that AD accounts could now login and create tickets).I would imagine an official update to the plugin will come soon so others can test and confirm the fix is working correctly.

@[deleted] & @[deleted] - We actually have an updated plugin, with the fix, available in download edge page. 

@[deleted] & @[deleted] - We actually have an updated plugin, with the fix, available in download edge page. 

Ah, didn't realise it had been updated there as the dates hadn't changed, even better then! :)

Ok - now I can login with client user with AD authentication.Thanks