[rt-users] RT External Authen/LDAP import with AD user names as numeric
Kevin Falcone
falcone at bestpractical.com
Tue Mar 27 18:16:50 EDT 2012
On Tue, Mar 27, 2012 at 03:21:38PM +0530, Murugan wrote:
> If i could Prefix a string,can i use AD authentication ?Can you guide me with that hack
> ?thanks in advance
You'll need to search the mailing list archives, I've not configured
RT like this so I'm not sure what you'll need to do.
-kevin
> On Mon, Mar 26, 2012 at 7:15 PM, Kevin Falcone <[1]falcone at bestpractical.com> wrote:
>
> On Sat, Mar 24, 2012 at 03:59:27PM +0530, Murugan wrote:
> > I am new to RT and installed RT4.05 in Ubuntu 11.10 with RT External authentication.Active
> > Directory users whose login ID is numeric(say 0001234 which will be their employee id )
> cannot
> > log in in RT(user names not created in RT).
> > All others whose AD Login ID are alphabet/alphanumeric(like b001) can log in (user name
> > created in RT).
> > I tried LDAP import also and it fails fails with messages like
> > [warning]: Skipping user '0003503', as it is numeric
> > (/opt/rt4/local/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:969)
> >
> > Is there any way to authenticate or import users from LDAP without changing AD user names?
>
> If you search the list archives, you'll find people who've hacked up
> RT-Authen-ExternalAuth or LDAPImporter to handle number usernames by
> prefixing a string. RT does not allow numeric usernames, so this is a
> required workaround. I don't think we've received a patch to make
> that feature core in RT-Authen-ExternalAuth or the LDAPImporter.
>
> -kevin
>
> > This is my RT External Auth Config file
> >
> > Set($ExternalAuthPriority, [ 'My_LDAP' ] );
> > Set($ExternalInfoPriority, [ 'My_LDAP' ] );
> > Set($ExternalServiceUsesSSLorTLS, 0);
> > Set($AutoCreateNonExternalUsers, 0);
> >
> > Set($ExternalSettings, {
> > 'My_LDAP' => {
> >
> > 'type' => 'ldap',
> > 'server' => '[1][2]serverr.domain.com',
> > 'user' => 'cn=RT,ou=ouname,dc=example,dc=com',
> > 'pass' => 'Welcome123',
> > 'base' => 'dc=example,dc=com',
> >
> > 'filter' => '(&(ObjectCategory=User)(ObjectClass=Person))',
> > 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
> >
> > 'tls' => 0,
> > # 'ssl_version' => 3,
> >
> > 'net_ldap_args' => [ version => 3 ],
> > # 'group' => 'cn=RT Users,dc=sps,dc=co,dc=in',
> > # 'group_attr' => 'member',
> >
> > 'attr_match_list' => [ 'Name','EmailAddress' ],
> > 'attr_map' => { 'Name' => 'sAMAccountName',
> > 'EmailAddress' => 'mail',
> > 'Organization' => 'physicalDeliveryOfficeName',
> > 'RealName' => 'cn',
> > 'ExternalAuthId' => 'AMAccountName',
> > 'Gecos' => 'sAMAccountName',
> > 'WorkPhone' => 'telephoneNumber',
> > 'Address1' => 'streetAddress',
> > 'City' => 'l',
> > 'State' => 'st',
> > 'Zip' => 'postalCode',
> > 'Country' => 'co'
> > }
> >
> > In RT_Site Config.PM
> >
> > Set(@Plugins, qw(RT::Authen::ExternalAuth
> > RTx::Calendar
> > RT::Extension::JSGantt
> > RT::Extension::QuickCalls
> > RT::Extension::SLA
> > RTx::TicketlistTransactions
> > RT::Extension::Utils
> > RTx::WorkflowBuilder
> > RT::Extension::NotifyOwners));
> >
> > require "/opt/rt4/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm";
> > Set($AutoCreate, {Privileged => 1});
> >
> > Am i missing something ?
> >
> > Regards
> > Murugan
> >
> > References
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120327/707fa217/attachment.sig>
More information about the rt-users
mailing list