HelloFirst time post here.I am currently working on an issue in OSTicket version 1.9.8.1.We are using active directory (AD) to automatically authenticate a user and if that comes back as true and we get their user data, it will automatically create an account.The issue we were having was it would authenticate and send back the appropriate data.  Inside file /includes/class.auth.php on line 107 is this piece of code:if ($this_form->isValid(function($f) { return !$f->get('private'); })

&& ($U = User:($this_form->getClean()))

&& ($acct = ClientAccount:($U, $defaults))

// Confirm and save the account

&& $acct->confirm()

// Login, since `tickets.php` will not attempt SSO

&& ($cl = new ClientSession(new EndUser($U)))

&& ($bk->login($cl, $bk)))

return $cl;My question is the anonymous function at:function($f) { return !$f->get('private');Can someone tell me what it is trying to do? If I was able to break out this long statement into this: $U = User:($this_form->getClean()); $acct = ClientAccount:($U, $defaults); $acct->confirm(); $cl = new ClientSession(new EndUser($U)); $bk->login($cl, $bk);I had no problems in creating the account and logging in but it appears the anonymous function is not liking it and therefore not auto creating the account. I was able to checkthe response from that anonymous function and it was 0.If someone could maybe explain what the anonymous function is doing or checking for, I can get a better understanding.Thanking anyone who comments on this in advance.

7 days later

Would love to know if you're able to get this working. We have SSO and AD auth working, but like you mentioned the users have to be created in osTicket ahead of time. EDIT: Disregard... my test account didn't have an email address associated with it -- Account creation is happening on the fly now, woowhooo

They really need to improve the LDAP/AD integration, I'm constantly having issues with it and it's the primary reason our osTicket instance is not yet in production.

@[deleted] Really?  Because I've never really had a problem with LDAP/AD integration other then when i very first set it up.  Could you be more specific about the problems that you had experienced?

5 days later

About the third of the problems are "our fault" but were exacerbated by poor logging on osTicket regarding LDAP errors. Most problems relate to SSO being unreliable, PKI problems with TLS for LDAP (which is more of a PHP problem but osTicket plugin UI doesn't help) and auto-creation of user accounts in osTicket for LDAP users upon first login.

I agree on the logging side.  As a developer, in my opinion, you are as only as good as your logging.  If you cant go back over a certain period of time and tell me whats been going on, then there is some gap in your logging.

Can someone write "how to" make SSO and AD auth working on OsTicket ??My environment is Windows++Wamp Server+OsTicket+ADmod(working)

Not for Windows specifically, but take a look at the following discussion:

http://forum.osticket.com/d/discussion//http-passthru#latest

Write a Reply...