[rt-users] RES: [*****SPAM*****] Re: RES: Re: RES: Re: RES: Re: RT External Auth and uid problem

Kevin Falcone falcone at bestpractical.com
Mon Oct 3 15:57:26 EDT 2011


On Mon, Oct 03, 2011 at 04:51:03PM -0300, Luciano Ernesto da Silva wrote:
> The patch is here:
> 
> http://pastebin.com/W8N5PcnF
> 
> I tried  to get a bitcard account, but didn't receive the confirmation.

You can use mail if that's easier (just send mail to the address on
that rt.cpan.org page)

-kevin

> -----Mensagem original-----
> De: rt-users-bounces at lists.bestpractical.com
> [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin
> Falcone
> Enviada em: segunda-feira, 3 de outubro de 2011 15:46
> Para: rt-users at lists.bestpractical.com
> Assunto: [*****SPAM*****] Re: [rt-users] RES: Re: RES: Re: RES: Re: RT
> External Auth and uid problem
> 
> On Mon, Oct 03, 2011 at 03:38:53PM -0300, Luciano Ernesto da Silva
> wrote:
> > Hello,
> > 
> > I worked in a solution, modifying the file ExternalAuth.pm in 
> > /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ and seems
> 
> > to work fine.
> > In this case, only work with local auth and LDAP with UID. It prefix 
> > the uid number with letter a, and remove it where is necessary.
> > 
> > Here's the mofifications if someone need it in future: 
> > 
> > http://pastebin.com/4qZ5vbsM
> > 
> > If you want, I can post in the wikia page too.
> 
> It'd be great if you sent a diff of this to the relevant bug queue so it
> could be looked at and possibly made into an optional config.
> 
> https://rt.cpan.org/Public/Bug/Report.html?Queue=RT-Authen-ExternalAuth
> 
> -kevin
> 
> > -----Mensagem original-----
> > De: rt-users-bounces at lists.bestpractical.com
> > [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin 
> > Falcone Enviada em: quarta-feira, 24 de agosto de 2011 14:52
> > Para: rt-users at lists.bestpractical.com
> > Assunto: [*****SPAM*****] Re: [rt-users] RES: Re: RES: Re: RT External
> 
> > Auth and uid problem
> > 
> > On Wed, Aug 24, 2011 at 02:22:35PM -0300, Luciano Ernesto da Silva
> > wrote:
> > > I will try prefix the numeric username with a character. I don't 
> > > know where start. Can you tell me what functions are involved in 
> > > user creation?
> > 
> > As I said earlier
> > 
> > >> In the past, people have prefixed numeric usernames with a 
> > >> character,
> > 
> > >> but since I've never had to do that, I do not know the best way to 
> > >> do
> > 
> > >> it.
> > 
> > -kevin
> > 
> > > I think I would have to map the authentication, including a 
> > > character "a" internally before the number and "a" on creation.
> > > 
> > > Luciano
> > > 
> > > -----Mensagem original-----
> > > De: rt-users-bounces at lists.bestpractical.com
> > > [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin 
> > > Falcone Enviada em: quarta-feira, 24 de agosto de 2011 13:42
> > > Para: rt-users at lists.bestpractical.com
> > > Assunto: Re: [rt-users] RES: Re: RT External Auth and uid problem
> > > 
> > > On Wed, Aug 24, 2011 at 12:26:26PM -0300, Luciano Ernesto da Silva
> > > wrote:
> > > > Kevin,
> > > > 
> > > > Ok, I understand, I will not touch the extension. But is there a 
> > > > way
> > 
> > > > to overlay creation of privileged users and allow 'Name' with 
> > > > numeric field? We have many services that use LDAP and users just 
> > > > use the
> > > 
> > > RT does not support numeric usernames.
> > > Changing that would require significant code churn.
> > > 
> > > -kevin
> > > 
> > > > uid(numeric) and password. 
> > > > Would be more friendly keep the same method. 
> > > > The last option would use Name = > 'mail' in 'attr_map', but I 
> > > > don't
> > 
> > > > think this a good solution.
> > > > 
> > > > 
> > > > -----Mensagem original-----
> > > > De: rt-users-bounces at lists.bestpractical.com
> > > > [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin
> 
> > > > Falcone Enviada em: quarta-feira, 24 de agosto de 2011 11:13
> > > > Para: rt-users at lists.bestpractical.com
> > > > Assunto: Re: [rt-users] RT External Auth and uid problem
> > > > 
> > > > On Wed, Aug 24, 2011 at 10:54:22AM -0300, Luciano Ernesto da Silva
> > > > wrote:
> > > > >
> > > > 'attr_match_list'           => [
> > > > >    'Name',  'EmailAddress',  'RealName'],
> > > > > 
> > > > >                                                            # The
> > > > mapping of RT attributes on to
> > > > >    LDAP attributes
> > > > > 
> > > > >
> > > 'attr_map'
> > > > =>  {
> > > > >    'Name' => 'uid', 'EmailAddress' => 'mail',  'RealName' => 
> > > > > 'cn',
> > 
> > > > > 'ExternalAuthId' => 'uid' }
> > > > > 
> > > > > 
> > > > > 
> > > > >    In the extension ExternalAuth I changed all  the strings
> "Name"
> > 
> > > > > for
> > > > "NickName" and seems work,
> > > > >    but I still cant't create users.
> > > > 
> > > > Do you meant you literally replaced all occurrences of Name with 
> > > > NickName in the extension?  That will never work.
> > > > 
> > > > If you have a non-numeric field, just fix attr_map so that Name =>
> 
> > > > 'non_numeric_ldap_field'
> > > > 
> > > > Also, you almost certainly don't want attr_match_list to consider 
> > > > RealName to be unique.  That would mean that you can't have two 
> > > > users in RT with the name Kevin Falcone since the extension will 
> > > > try
> > 
> > > > to resolve them to the same AD user.
> > > > 
> > > > -kevin
> > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > >    I thought a solution creating a local/lib overlay for create 
> > > > > a user
> > > > with NickName to use as
> > > > >    uid number, and keep RealName for cn, and EmailAdddress for
> > mail.
> > > > > 
> > > > > 
> > > > > 
> > > > >    What function in lib is used to create the users? Can you 
> > > > > give me
> > > > some tips?
> > > > > 
> > > > > 
> > > > > 
> > > > >    Thanks for your help,
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > >    Luciano Silva
> > > > > 
> > > > >    [1]Luciano at cpd.ufrgs.br
> > > > > 
> > > > > References
> > > > > 
> > > > >    Visible links
> > > > >    1. mailto:Luciano at cpd.ufrgs.br
> > > > 
> > > > > --------
> > > > > RT Training Sessions
> > > > > (http://bestpractical.com/services/training.html)
> > > > > *  Chicago, IL, USA ? September 26 & 27, 2011
> > > > > *  San Francisco, CA, USA ? October 18 & 19, 2011
> > > > > *  Washington DC, USA ? October 31 & November 1, 2011
> > > > > *  Melbourne VIC, Australia ? November 28 & 29, 2011
> > > > > *  Barcelona, Spain ? November 28 & 29, 2011
> > > > 
> > > > --------
> > > > RT Training Sessions
> > > > (http://bestpractical.com/services/training.html)
> > > > *  Chicago, IL, USA  September 26 & 27, 2011
> > > > *  San Francisco, CA, USA  October 18 & 19, 2011
> > > > *  Washington DC, USA  October 31 & November 1, 2011
> > > > *  Melbourne VIC, Australia  November 28 & 29, 2011
> > > > *  Barcelona, Spain  November 28 & 29, 2011
> > > --------
> > > RT Training Sessions 
> > > (http://bestpractical.com/services/training.html)
> > > *  Chicago, IL, USA  September 26 & 27, 2011
> > > *  San Francisco, CA, USA  October 18 & 19, 2011
> > > *  Washington DC, USA  October 31 & November 1, 2011
> > > *  Melbourne VIC, Australia  November 28 & 29, 2011
> > > *  Barcelona, Spain  November 28 & 29, 2011
> > --------
> > RT Training Sessions (http://bestpractical.com/services/training.html)
> > *  San Francisco, CA, USA  October 18 & 19, 2011
> > *  Washington DC, USA  October 31 & November 1, 2011
> > *  Melbourne VIC, Australia  November 28 & 29, 2011
> > *  Barcelona, Spain  November 28 & 29, 2011


> --------
> RT Training Sessions (http://bestpractical.com/services/training.html)
> *  San Francisco, CA, USA ? October 18 & 19, 2011
> *  Washington DC, USA ? October 31 & November 1, 2011
> *  Melbourne VIC, Australia ? November 28 & 29, 2011
> *  Barcelona, Spain ? November 28 & 29, 2011

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20111003/f586e8e7/attachment.sig>


More information about the rt-users mailing list