[rt-users] RT::Authen::ExternalAuth problem

Mike Peachey mike.peachey at jennic.com
Mon Sep 22 10:28:03 EDT 2008


David Mackintosh wrote:
> On Fri, Sep 19, 2008 at 03:40:51PM -0400, David Mackintosh wrote:
> 
>> So my definitions look like:
>>
>> [...]
>>
>>     'base' => 'ou=Users,ou=ABC,dc=abcsystems,dc=com',
>>     'filter' => '(objectclass=Person)',
>>     'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
>>     'group' => 'Request Tracker Users',
>>
>> [...]
> 
> Partially working: if I change 'base' to 'dc=abcsystems,dc=com', and
> comment out the 'group' field, I can log in with my AD credentials. 

It's the commenting out the group that will do it, your base was fine so
long as it reflects actual OUs in your AD config.

> So now my only authentication problem is how to specify the 'group'
> parameter.  

As before, try specifying the full container id.

> 
> I did notice when poking around that the AD user has no privileges by
> default except to create a new ticket

Set($AutoCreate,                        {Privileged => 0});
Autocreated users are unprivileged.

Set($AutoCreate,                        {Privileged => 1});
Autocreated users are privileged.


> -- and this user doesn't appear
> in the RT user list such that I can apply privileges to it.  Is there
> a link someone can provide that can show me what privs I need to
> assign, and where, to get going?

This is simply a misunderstanding. By default, the list of users only
shows privileged users because in many RT installations there may be
thousands or millions of users who've raised support tickets, but only a
few users that are support staff that might need to be played around with.

In the users search page, try specifying this search precisely:

"Find users whose username isn't farfegnugen"

That should show you all users and then allow you to modify them.
-- 
Kind Regards,

__________________________________________________

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com
__________________________________________________



More information about the rt-users mailing list