Good morning,I have recently installed osTicket 1.9.3 onto an Ubuntu server running Apache 2.4.7 and have installed the the LDAP plugin available on the OS Ticket website.I have read a number of articles on the forums about configuration and have got Staff Authentication working via LDAP, however when I try and login as a client I get an Access Denied error. I have tried loggin in with domain\user, user and email address but still get the Access Denied.Is anyone able to point me in the right direction?Kind regards,Ben

At Admin panel -> Manage -> Plugins -> LDAP -> at the bottom have you ticked "Client Authentication"?

And have you configured Apache correctly?

13 days later

My apologies for the delay in coming back to you, I have been on annual leave.Client authentication has been enabled in the plugin and Apache has been configured. As mentioned in my original post LDAP Authentication works for the Staff Authentication just not client authentication.

For further information, I have used the SAMAccount name in the username field. When logging in i have tried username username@domain as well as email address but every time it says access denied.I have enabled PHP errors and checked the apache error log but nothing is showing up there either and it is incredibly bizarre that it works for staff but not clients.

yeah, it's more important for clients... than staff.

6 days later

Has anyone got any further guidance on this at all?

Sorry but I do not have any ideas.  I have this setup and working on my installations and my test boxes with out any issues.  I suspect that you have a problem with your configuration settings in the plugin, but since you haven't shared any of thsoe settings with us I am unable to make any further suggestions.You might try going to Admin panel -> Settings -> Default Log Level and setting it to Debug and see what happens when someone tries to log in.

Hi Ntozier,I have taken a screen shot of my config and attached it. I did as you suggested with the logging abd the only error that appears in the log is failed login attempt. It doesn't provide any more reasoning.Thank you for your support.

LDAPCONFIG.JPG

Try changing your Search User to: the actual username (DN).  Try changing the Search Base to: OU=Kings College - Windows 7,OU=Kings College Guildford, DC=internal,DC=kingscollege,DC=surrey,DC=sch,DC=uknote: I have no idea if the spaces or - characters in the values will be an issue... but I changed my OUs to use _ instead of spaces a few years ago.

Write a Reply...