Inconsistent Overviews


  • Used Zammad version: 3.6
  • Used Zammad installation source: (source, package, …) package
  • Operating system: CentOS7
  • Browser + version: Chrome 88

Expected behavior:

  • The Overview to appear with the correct tickets and for user impersonation to show exactly what user 1 sees.

Actual behavior:

  • Logging in as user 1 only shows ‘My Tickets’, not new Overview ‘YY’
    Impersonating the user only shows the new Overview ‘YY’, not ‘My Tickets’
    Creating a ticket with user 2 with Department = ‘XX’ does not show in Overview ‘YY’

Steps to reproduce the behavior:

  • I created a role called Power User
    I assigned a user with only the role Power User
    I gave the user Full permissions for all Groups
    I created an Overview ‘YY’ for Department = ‘XX’, State = New or Open
    The Overview is available for a new role I made called Power User
    The preview in the Overview creation form shows a match

The goal is to create views for each location (LDAP Department > Zammad Department), and have a role with one user per location that can see that location’s tickets.

The users’ departments match the Overview.

Well I will wait from now on before posting an issue because I realize now that Zammad is not merging third-party accounts so I was logging in as and impersonating the same user, but Zammad had created a Google and an LDAP account that was not merged.

I’m not sure how Zammad decides whether to merge or not but I will close this particular issue for now.

That’s not exactly true.
Zammad uses the email address to identify existing users and will link the user if applicable and activated. This means that there will not be two users.

Above required “Automatic account link on initial logon” to be active:

I currently expect that your LDAP source was first.

Also note that a user can always, if allowed to, link his/her third party account to the Zammad account:

This allows the user to have email addresses that do not match.
Other wise Zammad can’t forecast who’s who.

Thank you for the response. How might I troubleshoot “automatic account link on initial logon”? This is enabled, I started looking into LDAP as my source and then decided I would much rather use SSO. I tried Google as well and user are duplicated between LDAP and Google. The Google account comes in as the UID, and the LDAP as I’ve mapped.

I may just start over once I can figure out SSO, I would really like to skip the login screen since it would be very confusing for users to never use the username and password box.

You can’t, sorry.
You could use custom CSS to hide the login form but that’s about it.

In my opinion it has tons of disadvantages if you just redirect users to the authentication endpoint.
If you don’t care about that: Look for the zammad session cookie, if it’s not present redirect.
However. Note that this will only work after restarting your browser, if you log out and navigate to Zammad again the session cookie is still present.

Zammad uses the mail address of the user to see the unique user.
If the mail address is different, users have to manually link the account to the Zammad account.

Much better would be to have consistent data though.

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.