Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Completely overriding settings from external authentication

Hi all.

I just noticed a "small" problem. When I authenticate against an external data source (like AD), the system saves the user profile in its internal DB, and that could be OK. But then if some information gets updated in the external data source, the two archives remain out-of-sync.

For example I login for the first time as a staff member: a row gets added to ost_staff saying that I'm a staff member. Later, my profile gets "promoted" to admin on the external data source, but ost_staff insists on saying I'm still regular staff (seems I have no means to tell OsTicket that user level changed).

That quite completely defeats the purpose of having a central directory!

The only workaround I could find is manually updating ost_staff.isadmin every time it's different from what it should be with a direct query:
if($isadmin!=$user->isAdmin()) {
  $sql='UPDATE '.STAFF_TABLE.' SET isadmin='.($isadmin?1:0).' WHERE staff_id='.$u;
  db_query($sql);
}
every time my plugin's signOn() gets called.

Is there a better way, that doesn't require direct table manipulation?

Tks.

Tagged:

Comments


  • ADmin panel -> Staff -> Staff member you want to edit -> Account Type and Assigned Group
  • Well, that's not automatically syncing against the external source... So, to say, I can't simply add a user account to a group in AD and automatically have that account "promoted" to admin in ost.

    What's worse, when an account gets removed from the "admins" group in AD, ost still considers it as an admin. Unless I update STAFF_TABLE in my signOn method.
    And I still didn't consider the case where an account ceases to be a staff member and becomes a normal user (say because that person got moved to another mansion): should I delete or just lock that record in STAFF_TABLE ?

Sign In or Register to comment.