LDAP Roles and Groups

mko · October 1, 2020, 7:06am

Infos:

Used Zammad version: 3.5.0 - 1601452467.437aa9ac8.stretch
Used Zammad installation source: DEB package
Operating system: Debian 9.13 / Stretch

We have been using Zammad for some time now and I am a huge fan. Thanks for this cool software.

Now I have a question that I can’t get solved:

In the beginning there was always
Active Directory Group -> LDAP Mapping -> Zammad Role --> Group permissions / Memberships

Now I have new groups where individual users from different roles belong to.

Can a user have more than one role and receive group permissions? I have tested it once, but it does not seem to work additively.

I just have the feeling that it is not effective to build a role for every possible constellation of users/group permissions, or am I missing something?

MrGeneration · October 8, 2020, 11:34am

Yes! That’s perfectly possible.
You can map the same active directory group to several Zammad roles without issues.

mko · October 8, 2020, 1:28pm

oh man. It never occurred to me. Yes, that actually works perfectly. Now my users have several roles with the appropriate group permissions.

Do I see it right, if a user has two or more roles, are the rights additive?

MrGeneration · October 26, 2020, 9:56am

Yes! Several roles act additive one the same user.

system · February 23, 2021, 9:56am

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.