Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

LDAP users access denied


Install the LDAP plugin and my staff are already connected, but my clients give me access denied.

CENTOS 7
php v 5.6.3
osticket v1.10
LDAP plugin 0.6.3

Comments

  • Have you enabled "Enable authentication of clients" in the plugin settings?
  • yes, "Enable authentication of clients" in the plugin LDAP
  • Are you sure that the clients connecting to osTicket are in AD? And they have USERNAMES set, after registering the client?
  • yes, they exist and work in AD. 

    ldap.jpg
    772 x 777 - 140K
  • As I mentioned before - what about username for client, after you register a guest, you need to go to Users > User Directory > Your client user > Manage Account > Manage Access > Username

    You must set username, which corresponds your AD for that specific user.

  • I already did it and it does not work.
  • Two questions:
    1. Since you are running CentOS have you disabled SELinux or created rules for it to allow traffic?
    2. Have you applied the two fixes here?
  • Delete these lines -> values_flat ( ' Identificación ' , ' nombre ' , ' default_email__address ' )
    -> Anotar (
    array ( ' __relevance__ ' => nueva SQLCODE ( 1 )))

    ADD this

    ->values_flat('id', 'name', 'default_email__address')

    -
  • Please follow what ntozier said and see if that helps, let us know.
  • I haven't the foggiest idea what your badly formatted pink tables are trying to convery to us....
  • Perhaps you meant to answer the two questions?  For the record they were:

    Two questions:
    1. Since you are running CentOS have you disabled SELinux or created rules for it to allow traffic?
    2. Have you applied the two fixes here?

    Your response does not invoke confidence that you have done 1. and the two things in 2.
  • edited February 22
    1.- Selinux is disabled

    2. Delete line 87 annotate(array('__relevance__' => new SqlCode(1)))


  • You have specifically mentioned one of the fixes in 2.
  • edited February 22
    Si,  
    ¿What is the other please help me
  • Click on the link I gave you..
    Scroll down until you see the second fix.
    Click on the link.
  • I did the following:
    add in the include/ajax.users.php  
    $id = str_replace('/','\\',$id);
    it does not work, please Help
  • edited February 23
    Great!

    What do your PHP error logs say?
    What do your LDAP server error logs say?
  • php error log:
    [Thu Feb 23 10:28:25.897589 2017] [mpm_prefork:notice] [pid 922] AH00163: Apache/2.4.6 (CentOS) PHP/5.6.30 configured -- resuming normal operations
    [Thu Feb 23 10:28:25.897616 2017] [core:notice] [pid 922] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
    [Thu Feb 23 10:46:07.741133 2017] [mpm_prefork:notice] [pid 922] AH00170: caught SIGWINCH, shutting down gracefully
    [Thu Feb 23 10:46:08.843813 2017] [suexec:notice] [pid 2599] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
    AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using xxxxx.uta.edu.ec. Set the 'ServerName' directive globally to suppress this message
    [Thu Feb 23 10:46:08.874469 2017] [auth_digest:notice] [pid 2599] AH01757: generating secret for digest authentication ...
    [Thu Feb 23 10:46:08.875169 2017] [lbmethod_heartbeat:notice] [pid 2599] AH02282: No slotmem from mod_heartmonitor
    PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/php_ldap.dll' - /usr/lib64/php/modules/php_ldap.dll: cannot open shared object file: No such file or directory in Unknown on line 0
    [Thu Feb 23 10:46:08.931788 2017] [mpm_prefork:notice] [pid 2599] AH00163: Apache/2.4.6 (CentOS) PHP/5.6.30 configured -- resuming normal operations
    [Thu Feb 23 10:46:08.931816 2017] [core:notice] [pid 2599] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'


  • .......and the other question is?
Sign In or Register to comment.