Would you like to learn how to configure the OTRS LDAP authentication on Active Directory? In this tutorial, we are going to show you how to authenticate OTRS users using the Active Directory from Microsoft Windows and the LDAP protocol.
• Ubuntu 20
• Ubuntu 19
• Ubuntu 18
• OTRS 6.0.29
OTRS - Related Tutorial:
On this page, we offer quick access to a list of tutorials related to OTRS.
Tutorial Windows - Domain Controller Firewall
• IP - 192.168.15.10
• Operacional System - WINDOWS 2012 R2
• Hostname - TECH-DC01
First, we need to create a Firewall rule on the Windows domain controller.
This firewall rule will allow the OTRS server to query the Active directory.
On the domain controller, open the application named Windows Firewall with Advanced Security
Create a new Inbound firewall rule.
Select the PORT option.
Select the TCP option.
Select the Specific local ports option.
Enter the TCP port 389.
Select the Allow the connection option.
Check the DOMAIN option.
Check the PRIVATE option.
Check the PUBLIC option.
Enter a description to the firewall rule.
Congratulations, you have created the required firewall rule.
This rule will allow the OTRS server to query the Active Directory database.
Tutorial Windows - Domain Account Creation
Next, we need to create at least 2 accounts on the Active Directory database.
The USER01 account will be used to login on OTRS as an agent.
The BIND account will be used to query the Active Directory database.
On the domain controller, open the application named: Active Directory Users and Computers
Create a new account inside the Users container.
Create a new account named: USER01
Password configured to USER01: 123qwe..
This account will be used to authenticate on the OTRS web interface.
Important! An agent account must have the email address specified.
Create a new account named: bind
Password configured to the BIND user: kamisama123..
This account will be used to query the information stored on the Active Directory database.
Congratulations, you have created the required Active Directory accounts.
Tutorial Windows - Domain Group Creation
Next, we need to create a group on the Active Directory.
On the domain controller, open the application named: Active Directory Users and Computers
Create a new group inside the Users container.
Create a new group named: OTRS-AGENTS.
Members of this group will be allowed to authenticate on OTRS as agents.
Important! Add the account USER01 as a member of the OTRS-AGENTS group.
Congratulations, you have created the required Active Directory group.
OTRS - LDAP Authentication on the Active Directory
Edit the OTRS configuration file.
Locate the following area.
Below this area, insert the LDAP authentication configuration.
First, we configured OTRS to authenticate on the Active Directory using LDAP.
Second, we configured OTRS to create a local account every time a user successfully authenticates using an Active Directory account.
In our example, members of the OTRS-AGENTS group will be allowed to login as agents on ORTS.
You need to change the bind credentials to reflect your Network environment.
You need to change the domain information to reflect your Network environment.
Tutorial OTRS - LDAP Authentication
Open your browser and enter the IP address of your web server plus /otrs/.
In our example, the following URL was entered in the Browser:
• http://192.168.15.20/otrs/
The OTRS web interface should be presented.
On the login screen, use the Active Directory account
• Username: user01
• Password: Enter the Active Directory password.
After a successful login, you will be sent to the OTRS Dashboard.
Congratulations! You configured the OTRS authentication to use the Active Directory.
