One of my first tasks at the new gig was to set up an open source ticketing system. We decided on osTicket. My boss said I could use any distro I wanted, the only requirement was that it had to authenticate with AD.
He sent me some links to possibly help get it working, and one was how to set up LDAP authentication in Linux. If you have been reading my blog for a while, then you know that I discovered an even easier way to get Linux to authenticate with AD using Likewise-Open. That was only part of the puzzle though.
We not only had to get Ubuntu (The distro I chose) to authenticate with AD, we had to get osTicket to authenticate with AD using Pam. Here is what we did:
- Installed Likewise-Open using my instructions
- Installed a few packages:
sudo apt-get install php5-imap postfix php5-pam-auth pecl php_pam mcrypt php5-mcrypt
- Modified /include/class.staff.php as follows
sudo nano /var/www/include/class.staff.php
Replace
/*compares user password*/
function check_passwd($password){
return (strlen($this->passwd) && strcmp($this->passwd, MD5($password))==0)?(TRUE):(FALSE);
}
with
/*compares user password*/
function check_passwd($password){
if (pam_auth($this->username, $password, &$error)) {
return TRUE;
} else {
return FALSE;
}
}
- Restarted Apache
- Done!
Also to control spam since anyone in the world can create a ticket with osTicket without authentication, we also added recaptcha using these instructions here: (Captcha in osTicket)
Do you use osTicket? Like it? Dislike it? Do you have it integrating with AD? Did you do the same thing, or do something different? Let us know in the comments.
Special thanks to henkka on the osTicket forum.
NOTE: If you are using osTicket 1.6ST Read my post here: (AD Authentication in osTicket 1.6.0)