My Changes to Get osTicket working with AD
First: test my ldap connection with osticket:
1. make a php file (ex. test.php) and include content
2. if it works, then you'll see the logged in message
<?php
\\format i used = 'microsoft.com'
$ldap = ldap_connect('your_domain_name');
//format = domain\username (ex. 'microsoft\bgates')
$username='ad username';
$password='ad password';
if($bind = ldap_bind($ldap, $username,$password ))
echo 'logged in';
else
echo 'fail';
echo '
done';
?>
Second: My changes and examples in bold for class.staff.php. The addition in change one was the major stopper because my username was not passing thru the scp login screen.
Two changes:
1. add $this->username in function load()
2. make 2 simple changes for AD connection
1.****************************************** 1.
function load($var='') {
$this->ht=db_fetch_array($res);
$this->id = $this->ht;
$this->username = $this->ht;
$this->teams = $this->ht = array();
$this->group = $this->dept = null;
$this->departments = $this->stats = array();
}
2.****************************************** 2.
function getInfo() {
return $this->udata;
}
/*compares user password*/
function check_passwd($password, $autoupdate=true) {
/*bcrypt based password match*/
if(Passwd:($password, $this->getPasswd()))
return true;
// Change made for LDAP Auth based on -> http://osticket.com/forums/showthread.php?t=3312(http://osticket.com/forums/showthread.php?t=3312)
// Change this line to the FQDN of your domain controller
$ds=ldap_connect('microsoft.com') or die("Couldn't connect to AD!");
// Change this line to the name of your Active Directory domain
if ($ds) {
$domain="microsoft"."\\"; $ldapbind = ldap_bind($ds);
if (!@ldap_bind( $ds, $domain.$this->username, $password))
{
//just to show the passed values if your AD login is not working - delete after
print $domain;
print $this->username;
print $password;
// Auth failed! lets try at osTicket database
return (strlen($this->passwd) && strcmp($this->passwd, MD5($password))==0)?(TRUE):(FALSE);
// return(FALSE);
}
else{// Auth succeeded!
return(TRUE);
}
// End Changes
}
}
// //Fall back to MD5
// if(!$password || strcmp($this->getPasswd(), MD5($password))) return false;
//
// //Password is a MD5 hash: rehash it (if enabled) otherwise force passwd change.
// $sql='UPDATE '.STAFF_TABLE.' SET passwd='.db_input(Passwd:($password)).' WHERE staff_id='.db_input($this->getId());
// if(!$autoupdate || !db_query($sql)) $this->forcePasswdRest();
// return true;}