[Rt-devel] LDAP Authentication module does not place users under "Everyone"

n.chrysandreas at albourne.com n.chrysandreas at albourne.com
Mon Nov 23 05:00:50 EST 2009


Hi, 

I've configured RT (3.8.5) to authenticate users using LDAP by adding the plugin RT::Authen::ExternalAuth.
My problem is that no user is under the global group "Everyone", thus any permissions I give to the Everyone group does not get applied to all (or any) of the users. 
The same thing goes with the "Unprivileged" group.
I have read somewhere that the authentication module does not place users under the right groups as it should.
Has anyone faced the same problem? Any suggestions how I can get around it? 


Thanks in advance for the help
Nik



My RT_SiteConfig.pm configuration (only the part concerning the problem) :

Set(@Plugins,(qw(RT::Authen::ExternalAuth)));
Set($AutoCreate, {Privileged => 0});
Set($WebExternalAuth , 1);
Set($WebFallbackToInternalAuth , true);
Set($WebExternalAuto , 1);
Set($ExternalInfoPriority, ['My_LDAP']);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalAuthPriority,['My_LDAP']);

Set($ExternalSettings, {'My_LDAP' => {
                                'type' => 'ldap',
                                'auth' => 1,
                                'info' => 1,
                                'server' => 'server_hostname',
                                'user' => 'defined',
                                'pass' => 'defined',
                                'base' => 'defined',
                                'filter' => '(objectclass=Person)',
                                'd_filter' => '(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))',
                                'tls' => 0,
                               'net_ldap_args' => [ version => 3 ],
                                'group' => '',
                               'group_attr' => '',
                               'attr_match_list' => [ 'Name',
                                                'EmailAddress',
                                                'RealName',
                                                'WorkPhone',
                                                'Address2'],
                                'attr_map' => { 'Name' => 'sAMAccountName',
                                                'EmailAddress' => 'mail',
                                                'Organization' => 'physicalDeliveryOfficeName',
                                                'RealName' => 'cn',
                                                'ExternalAuthId' => 'sAMAccountName',
                                                'Gecos' => 'sAMAccountName',
                                                'WorkPhone' => 'telephoneNumber',
                                                'Address1' => 'streetAddress',
                                                'City' => 'l',
                                                'State' => 'st',
                                                'Zip' => 'postalCode',
                                                'Country' => 'co'
                                                }
                                        }
                        }
);
1;


More information about the Rt-devel mailing list