[rt-users] Ldap groups and queues permissions
Kenneth Crocker
kenn.crocker at gmail.com
Thu Apr 12 21:26:29 EDT 2012
Cristo,
There are several tables that work in conjunction with privileges, The ACL,
Group, GroupMembers, CacheGroupMembers, Principals, etc.
If you get them out of sync, you are in a world of hurt.
I'd suggest reading about privileges and more about the framework of rights
before putzing around in the database and doing damage you will regret.
There are a couple books out there you can get to help you with this.
Kenn
On Wed, Apr 11, 2012 at 10:52 AM, Thomas Sibley <trs at bestpractical.com>wrote:
> Please keep replies on the list.
>
> On 04/11/2012 01:43 PM, Cristo Bolaños Trujillo wrote:
> > This is interesting: I created user on RT user admin page, but didn't
> > see any change on user permissing.
>
> Take note of the checkbox "Let this user be granted rights (Privileged)"
> which turns a user Privileged or not (Unprivileged).
>
> > After sometime (I don't know really how many and when), user get right
> > permission.
>
> Permissions come from RT's internal system groups, ticket/queue roles,
> and your own custom user groups. You can grant rights to these globally
> or on a specific queue/article/custom field level.
>
> > It looks like cachedgroupmembers table get updated periodically, so, is
> > there any way to force it to refresh immediatelly?
>
> No, it doesn't get updated periodically. It gets updated immediately.
> There's no "refresh". Futzing with the database is the really wrong way
> to go about what you want and will almost certainly lead to you breaking
> RT.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120412/d091274a/attachment.htm>
More information about the rt-users
mailing list