OTRS and Active Directory …

I had a look at OTRS a few years ago but didn’t get a chance to test it much. To be honest, i remember that i wasn’t really impressed with the interface at the time either. Anyhow, i had reason to be looking at Helpdesk options recently and came across the OTRS website again.  It looks like they changed their interface significantly.

I downloaded, setup a CentOS 6 VM, installed the pre-requisites and installed OTRS. All good. I created a couple of users and agents which all worked well. The next step was to see if i could get AD users to logon without needing to create OTRS user accounts for them all.

This required adding some lines to the Config.pm file in the folder /opt/otrs/kernel. This did not prove as easy as it looked. Unfortunately, i tried some many different combinations of code, i don’t remember exactly how it all went together. Therefore, i have included below the code that is working for me and links to the pages that helped.

1. Added a user to AD and added this user to the group ‘Windows Authorisation Access Group’ in the ‘Builtin’ OU. See this article on TrinityHome.org:


2. See this link for the code i added to the Config.pm file. Obviously, i have changed my specific values to generic ones. It also includes the OTRS pre-existing tags indicating where to place custom code:

Here are most of the pages i used as reference:






I also came across this interesting GUI tool for creating OTRS config for Active Directory. It is in German but Google Translate seemed to do a reasonable job of translation (i think). Anyhow, i didn’t actually try it in the end but include it here for future reference:




  1. Hey,
    I also created a sourceforge-project: https://sourceforge.net/projects/otrsadconfig/
    The description and the program itself are in English.


    1. Thanks Daniel. That looks really good. I’ll definitely download and have a closer look. I expect it would have saved me a bit of time. Next time. I’m guessing the inspiration sprung from similar frustrations to mine.

  2. I would appreciate it, because many people downloaded it but I never got any response e.g. bugs or improvments of any other kind.
    Yeah creating this config file took me a long time, because there are multiple different templates. Furthermore I had to include two ActiveDirectory Domains, this also was a bit difficult. In the end I thought it would make things much easier if I would have had a GUIde ;)
    Thanks a lot

  3. Hi, I am new to otrs but i installed successfully, later i created user and agents it works fine, now i want to connect with AD, what you are explained, i can understand but in AD part i cant understand what to do because i’m unaware of AD. i want to connect OTRS for Agents and users(customer).

    i created two groups are “otrs_allow_A” and otrs_allow_C.

    now “sAMAccountName” is what name i have to give.

    in your attached program what and where i have edit to connect.

    Sorry for asking such a question, i am a new guy to this filed.

    thanks in advance

  4. And i need to install ldap connection in red hat ?

  5. Hello sgkrish007. I’m not sure I can be much help. I didn’t really go any further with this. You say “I’m unaware of AD”. Perhaps I misunderstand but AD means Active Directory. This is the Windows Server directory similar to LDAP. If I recall correctly, I was looking at integrating with AD. If you don’t have AD, then you would need to look at integrating with whatever directory system you use. If you don’t have a directory system, then I guess you do not need to think about integrations. I hope that helps.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: