[rt-users] RT + VAS + Kerberos + AD
Marcin Stangel
Marcin.Stangel at framestore.com
Wed Feb 18 07:19:37 EST 2009
Hello,
Some time ago I asked you for hints / clues regarding the setup of RT
3.8.1 running on RHEL5, using Vintela Authentication Services (VAS) and
Active Directory + Kerberos.
I just couldn't stop thinking about it, so I kept digging ...
I finally figured out how to configure it to work correctly, so I
decided to share it in case someone else would have similar issue.
first thing RT_SiteConfig.pm
just add these three lines:
Set($WebExternalAuth , 1);
Set($WebFallbackToInternalAuth , 1);
Set($WebExternalAuto , 1);
apache configuration:
in your virtual host definition
(within <Directory ............> ......... </Directory> )
AuthType VAS
AuthName "Systems Support Request Tracker"
AuthVasUseBasic On
AuthVasRemoteUserMap local
Require valid-user
after the </directory> you will need this:
<LocationMatch "/NoAuth">
Satisfy Any
Allow from all
</LocationMatch>
otherwise RT's mailgate will not accept any emails to your RT system.
one final information is, that this setup assumes that you have
installed and configured the following module for your apache:
mod_auth_vas
which is available on http://rc.quest.com
Hope this will save some time to someone :)
regards,
Marcin
More information about the rt-users
mailing list