On Zammad 6.3.1, I’ve a running LDAP integration that assigns to users the role of agent.
So far, so good.
Then I manually edited a few users to assign also the role of admin.
However, on the next synchronization with LDAP, the admin role is cleared out.
Manually assigned groups are kept.
What is the correct way to make Zammad, if possible, not clearing added information? I don’t have an LDAP group to distinguish between roles at the moment.
I had the same issue and resolved by creating different groups in LDAP for different access. Example
Alan
Bill
Charlie
Group Agent = Alan , Bill
Group Admin = Alan , Charlie
After the LDAP sync , Alan will have the agent and admin role.
Hope this helps.
Thanks @pratat , I was already thinking to create separated groups in LDAP to achieve the task. However, this will not solve the case when I manually add some property to a specific user, since it will be “overwritten” by LDAP sync.
You cannot manually adjust users that are being synced by Zammads LDAP integration, as long as you chance attributes that are part of the sync information.
That means:
You have to adjust the relevant information in LDAP, as this is the source of truth to Zammad.