When using an LDAP installation (e.g. openldap) without using LDAP groups Zammad will reject the LDAP setup completely.
This is not documented on LDAP / Active Directory — Zammad documentation and there is no documentation what to do to create groups for Zammad.
I think the correct approach would be to allow a setup without Groups and setting all users as customers as default.
I believe that this is a technical question rather than a feature request.
May play into the same corner like this thread:
That being said, it’s already working I can’t reproduce it:
Hi @MrGeneration thanks for your reply.
I should have included the error I get. Sorry.
I just tested it again to look into the developer console and actually did find the problem.
I get the error that Zammad can not find the LDAP groups if I try to use ou=users,dc=example,dc=org but it does work with dc=example,dc=org
In the group assignment wizard Zammad does not even show ou=users as a suggestion.
I did use the admin ldap user so I do not think that this is a permission problem.
We do use OpenLDAP.
But as I did unterstood the error message wrong I agree that this is not a Feature request.
Thanks for your help!
ou=users,dc=example,dc=org
You are entering OUs rather than security groups. You need your users to be a member of a group, not just in an OU.
CN=GroupName,OU=Groups,DC=ad,DC=domain,DC=org
What @astrugatch said.
Don’t ever try to type something own within the mapping values.
If Zammad didn’t find it it’s not available to use. Zammad expects it’s own provided values there.
I tried entering ou=users,dc=example,dc=org into the Base DN field. I am sorry if did not state that correctly.
I have now understood that group mappings require ldap groups.
What made me think that this would work with OUs is that dc=example,dc=org was recommended in the group mapping field.
Many thanks for all your help!
I’ll try to point that out better on my next rewrite for LDAP integration page in the future. Sorry for the confusion.
This topic was automatically closed after 416 days. New replies are no longer allowed.
