OTRS 6 import, some user passwords not working

Infos:

  • Used Zammad version: 6.3.0-1713857963.c5266fae.jammy
  • Used Zammad installation type: package
  • Operating system: Ubuntu 22.04
  • Browser + version: Firefox 125.0.3 (64-bit)

Expected behavior:

  • All user passwords are imported accurately from OTRS 6 to Zammad.
  • Users should be able to log in to Zammad using their existing passwords without any issues.
  • Password compatibility should be consistent across all users, regardless of their role or account creation date.

Actual behavior:

  • Some users’ passwords from OTRS 6 are functioning correctly in Zammad, allowing them to log in without any problems.
  • However, for other users, their passwords do not work in Zammad despite being verified as correct.
  • This inconsistency is observed across different user roles, including administrators, customers, and agents.
  • The affected users share the common characteristic of having accounts dating back to 2006 in the OTRS system.

Steps to reproduce the behavior:

  • Import user data from OTRS 6 to Zammad using the provided import module.
  • Attempt to log in to Zammad with the imported user credentials for users with accounts dating back to 2006.
  • Note the discrepancies in password functionality among different users, where some can log in successfully while others encounter login failures despite correct credentials.

Has anyone encountered a similar issue during their migration from OTRS to Zammad? Are there any known changes in how OTRS manages passwords that might not be adequately addressed in Zammad’s import functionality? Any guidance, insights, or suggestions would be greatly appreciated as I work to resolve this issue and ensure a smooth transition for all users.

Thank you in advance for your assistance!

Best,
Skip

Confirmed, I looked into the database.

OLDer (between 2007 and June 2012) passwords in OTRS are saved in plaintext :fearful:

This means that in Zammd only the newer accounts with a hash instead of the plaintext password will work after import.

Solutions:

  1. Make users change their password before migrating from OTRS to Zammad.
  2. Let users use the recover password functionality in Zammad after the migration

Or use LDAP/SAML or let users change their password in Zammad as a new system.
Benefit would be that these passwords would be rotated at least once after some years.

For Zammad we are going to use M365 OAuth which should reduce this issue, although some people might still want to use the username/password from OTRS until they get used to M365 login.

The proposed solution works right after the import phase if people are not using LDAP or M365.

And I totally agree, if not every 3 months, at least once a year.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.