Hello,We're running osticket 1.9.2 and are interested in using the auth-ldap under core plugins so that we can connect to the open directory. A couple questions, what happens if the OD server has to be restarted? Does it mean users cannot log into osticket helpdesk while the server is unavailable? Or it would continue to work just no user updates(eg. password changes) would be reflected in the osticket during that window when server is down?Also, is it possible that ONLY the users are "connected" through the OD while the staff members are managed only through the osticket scp (admin panel)? Or once we connect the auth-ldap ALL users in the system (general users, staff, admin) are all required to login with their credentials from the OD?Thanks in advance. 

If you only got 1 open directory server I guess (have not tested, just thinking) the authentication will not work if the server is offline / unavailable.

To separate staff authentication is not a problem. There is an option inside the plugin to enable/disable the authentication for staff and/or users.

Finally you may want to look at my little how to for ldap and pass thru plugin: http://forum.osticket.com/d/discussion//http-passthru#latest

Thanks for quick response, really appreciate it.

We'll need to sort out issue on our OD since we've been having issues recently and need to restart often.

The helpdesk is running on Linux box with apache but it's in the cloud(AWS) , not connected to our local intranet. How would we use ldap in that case? I assume we need to setup vpn between the systems. Do you have any recommendations?

Since we run our osTicket only internally (also apache) it's no problem with ldap / active directory.

Unfortunately I have no experience with AWS (hosting everything on our own servers and don't trust any cloud provider... data security and safety is really important for us) and how to connect it probably to an internal environment.

So assuming we are using same configuration internally (as you have), if the OD is restarted do we need to do anything to connect again? Or as soon as the OD is back online users can login again?

As soon as the OD is back and your osTicket web server can connect, your users shall be able to log in to the system again.

Okay, so that's good :)Is there any option for users to authenticate to a local users table while the OD is down? Then connect normally once it is back online? I guess that would involve some customizations probably?

I guess too that it would require some customization in case the OD is down.Since I have not really knowledge with OD, a stupid question: Why not setting up a second OD server in addition to the first OD server?(We have a cluster of several machines running here to make sure everthing continues to run in case one domain controller / active directory server is down)

Good point, I will start to look into that option. Think that makes more sense since it won't be only the helpdesk that is effected but other applications as well...Really appreciate your help and direction with this. For setting up the ldap/plugin part, you recommend using your how-to link above, anything special we need to note?Thanks again

"anything special we need to note?"I guess not But in case you run into any error, there are several threads at the forum where different "errors" have been covered and solved, so search is your friend. Alternatively open a new discussion when there is an error or something you don't know how to get around with at all ;)

Write a Reply...