Hey,I set up osTicket to the requirements of my organization, and installed the LDAP authentication plugin correctly (or so I thought).Once that was installed and configured to what I thought were the correct settings I attempted to log in with a few accounts that existed in our AD, which was successful and created the accounts on osTicket. I created 3 accounts this way, but when I shared my osTicket link out to my organization I noticed a number of failed logins. So I tested a new account from AD and it failed to log in.So it seems that the plugin, at one point, was creating users as they were trying to log in with their AD credentials, but this has since stopped working.I was just wondering if I've changed a setting or done something wrong.Thanks in advance.

The LDAP plugin has never created users for you.  You have to create users accoutns.  You can export your accounts from AD and import them into osTicket or you can use something like this paid plugin to sync it for you:http://software-mods/adSync.html

Yeah, that's what I'd read. But it successfully created 3 accounts from AD, which was a surprise to me.

So it seems I've got it to automatically register users with their AD credentials by changing the Registration Method in User Settings to Public.

@[deleted] You can mark this as solved, I user accounts are created from AD when their credentials are entered into the login screen without any additional plugins to the offical LDAP/AD Auth one.Not sure why there's no documentation or this, or why I was told it wasn't possible.

Apparently it depends on the Registration Method (which I learned by reading your post).  I assume its because its not really creating an account (and is creating a guest account) for the users.

4 days later

Is there any drawback to these guest accounts being created and used? They seem to function as well as any non-guest account should.

8 months later

I would think it is just an advantage. I was looking for a way automatically remove users after three months. Our system is being used in a shop also so it would need to comply with GDPR. I thought this would be the best option to automatically remove the users that either just bought or fixed a device and doesn't have contract with us.

Write a Reply...