Hello, I am attempting to set up osticket to authenticate clients and staff members. I have the LDAP plugin installed and working for staff members. I thought this would be just clicking another check box but apparently it's not.What we currently have done is allowed users to make their own accounts using their work email addresses and another password that they have to remember. What I am attempting to do is allow users to authenticate with their ad credentials. We would slowly phase out the accounts that the users made and move to the AD Accounts. What do I need to do to allow users to authenticate with their ad credentials?I have attached info from my os ticket info page. Also I am running this on Centos7. Thanks for the help. 

osticket info.PNG

Admin panel -> Manage -> Plugins -> LDAP Authentication and Lookuptick Client Authentication.Click Save Changes.

@[deleted]I have done that. When I have asked users to authenticate they get an access denied message. 

Then you should consult the ldap logs and see why its being rejected.My first guess is that you could have the search base to restrictive, but since I don't know how your AD is setup or what you used for setting in your plugin I have no way of knowing what the problem could be.

My search base is pointed to the root of the directory. So in theory it should be able to see everyone. Where are the ldap logs stored. I have looked in /var/httpd/access_log. There are no entries in that file. 

ldap logs are stored on your ldap server.

a month later

What should I be looking for in the LDAP logs? We are using windows active directory. 

logs from the failed attempts.

Write a Reply...