Infos:
- Used Zammad version: 2.9.x
- Used Zammad installation source: docker-compose
- Operating system: Debian 9
- Browser + version: Chrome
Background
I’ve configured the LDAP integration to create our agents. Zammad suggested this attribute mapping:
LDAP givenname -> Zammad Firstname
LDAP sn -> Zammad Lastname
LDAP mail -> Zammad Login
I used it as suggested, but that caused our agents to be created with an empty email address:
irb(main):278:0> pp User.find_by(login: 'firstname.lastname@ourcompany.tld'); nil
#<User:0x00005562e616e628
id: 41,
organization_id: nil,
login: "firstname.lastname@ourcompany.tld",
firstname: "Firstname",
lastname: "Lastname",
email: "",
This in turn seemed to break email notifications, because Zammad didn’t know where to send the notifications to. I then reconfigured the LDAP integration like this:
LDAP givenname -> Zammad Firstname
LDAP sn -> Zammad Lastname
LDAP mail -> Zammad Email
LDAP uid -> Zammad Login
This seemed more sensible, and now our agents look like this:
irb(main):282:0> pp User.find_by(login: 'firstname.lastname'); nil
#<User:0x00005562e5c441c0
id: 41,
organization_id: nil,
login: "firstname.lastname",
firstname: "Firstname",
lastname: "Lastname",
email: "firstname.lastname@ourcompany.tld",
But my original admin account “Zammad Admin” (created during the setup, without LDAP of course) has login: "zammad.admin@ourcompany.tld"
, which is now inconsistent with all the other agents that have been synced via LDAP. I then wanted to edit “Zammad Admin” and set his login to zammad.admin
, but the user interface doesn’t allow me to edit the login name
(The reason I want it consistent is because I use a script with the REST API to manage the role assignments of all our agents.)
Then I thought - why not configure the LDAP integration like this, to have all LDAP users consistent again with Zammad Admin:
LDAP givenname -> Zammad Firstname
LDAP sn -> Zammad Lastname
LDAP mail -> Zammad Email
LDAP mail -> Zammad Login
But that doesn’t work either. When you try to sync a single LDAP field onto multiple Zammad fields, Zammad will remove all but one field, that is, I can only sync LDAP mail into either Email or Login, but not both.
As a workaround, I’ll manually change the login of Zammad Admin in the Rails console, but I think it would be nice if this would all work in the user interface
Expected behavior:
- It should be possible to modify the Login value of users.
- LDAP sync should be able to sync an LDAP attribute onto multiple Zammad attributes.
Actual behavior:
- It’s not possible to modify the Login value of users outside of the rails console.
- LDAP sync will remove all but one the LDAP attributes when you attempt to sync it onto multiple Zammad attributes.
Steps to reproduce the behavior:
- Attempt to edit the login value of a user.
- Attempt to sync e.g. LDAP mail onto Zammad Email and Zammad login.