<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Kevin,<br>
<br>
Yes, I am using LDAP and yes, we are on 3.6.4. I tried turning that
switch on "Set($LdapAutoCreateNonLdapUsers, 1);" and it didn't work.
Earlier in this thread, User_Vendor.pm was mentioned and I went looking
for some of this stuff. I tried to find "<br>
<pre wrap="">/opt/rt3/local/html/Callbacks/ExternalAuth/autohandler/Auth" and could not. What I found was:
-bash-3.00$ cd Callbacks<o:p></o:p>
-bash-3.00$ ls -l<o:p></o:p>
total 16<o:p></o:p>
drwxr-xr-x<span style=""> </span>3 rt<span style=""> </span>rt<span
style=""> </span>4096 Feb<span style=""> </span>6<span style=""> </span>2008 LDAP<o:p></o:p>
drwxr-xr-x<span style=""> </span>4 rt<span style=""> </span>rt<span
style=""> </span>4096 Jan 29<span style=""> </span>2008 RTx-RightsMatrix
I DID find Auth here:"opt/rt3/local/html/Callbacks/LDAP/autohandler/".
Am I missing some software that I need to change or refer to?
Thanks.
Kenn
LBNL
</pre>
On 5/14/2009 6:53 AM, Kevin Falcone wrote:
<blockquote
cite="mid:68926EEF-13CF-45B0-99A0-87666E920E60@bestpractical.com"
type="cite">
<pre wrap="">I read the rt-users mailing list, its ok to send mail to just the list,
rather than CCing me
On May 13, 2009, at 5:18 PM, Ken Crocker wrote:
</pre>
<blockquote type="cite">
<pre wrap=""> Thank you so much for answering. I looked through our
RT_Config.pm file and did not see any reference to either
"RT::User::CanonicalizeUserInfo"
</pre>
</blockquote>
<pre wrap=""><!---->
This is a method on the RT::User where you can customize what RT does
on user creation,
you'll need to override and tweak it.
It should already be overridden in User_Vendor.pm by the LDAP overlay
you're
using and you could add changes there.
</pre>
<blockquote type="cite">
<pre wrap="">or "RT::Authen::ExternalAuth". Where do I find them and how do I set
them?
</pre>
</blockquote>
<pre wrap=""><!---->
This is a perl module that implements LDAP auth, since you didn't tell
us your
RT version or how you were doing LDAP I had to do some guessing
It appears you're using the older overlay method (probably with 3.6)
</pre>
<blockquote type="cite">
<pre wrap=""> Our current applicable LDAP settings (in RT_SiteConfig.pm) are
as follows:
• Set($AuthMethods, ['LDAP', 'Internal']);
• Set($LdapExternalAuth, 1);
• Set($LdapExternalInfo, 1);
</pre>
</blockquote>
<pre wrap=""><!---->
This variable change name slightly between the Overlay and the
formal extension
</pre>
<blockquote type="cite">
<pre wrap=""> • Set($LdapAutoCreateNonLdapUsers, 0);
</pre>
</blockquote>
<pre wrap=""><!---->
Try changing it to 1, it should let you create users that
aren't in LDAP
-kevin
</pre>
<blockquote type="cite">
<pre wrap=""> •
Set($LdapAttrMap, {'Name' => 'uid',
'EmailAddress' => 'mail',
'Organization' => 'o',
'RealName' => 'cn',
'ExternalContactInfoId' => 'dn',
'ExternalAuthId' => 'lblempnum',
'Gecos' => 'uid',
'WorkPhone' => 'telephonenumber',
'Address1' => 'lblmailstop',
'Address2' => 'postaladdress'}
);
• Set($LdapRTAttrMatchList, ['ExternalContactInfoId', 'Name',
'EmailAddress', 'RealName', 'ExternalAuthId', 'WorkPhone',
'Address2']);
• Set($LdapEmailAttrMatchList, ['uid']);
• Set($LdapEmailAttrMatchPrefix, [''] );
• Set($LdapTLS, 1);
• Set($LdapSSLVersion, 3);
Do I have all the LDAP settings I need? Do I need to add one?
Change one?
THANK you!
Kenn
LBNL
On 5/13/2009 1:12 PM, Kevin Falcone wrote:
</pre>
<blockquote type="cite">
<pre wrap="">On May 13, 2009, at 12:48 PM, Ken Crocker wrote:
</pre>
<blockquote type="cite">
<pre wrap="">To any and all,
I've asked this question before, but perhaps I didn't word it so
it made any sense. When we add a 'CC' on any correspondance thru a
ticket, we find that if the user is not an RT User, as long as they
pass the LDAP test, they get added, with their email address as
their Id (NAME field). First question is:
How do we get RT to drop the '@xxx.xxx' from the Id is uses for
"NAME" on the USER Table.
</pre>
</blockquote>
<pre wrap="">You can use RT::User::CanonicalizeUserInfo to munge the Name,
assuming
you're
not using RT::Authen::ExternalAuth which already overrides this.
</pre>
<blockquote type="cite">
<pre wrap=""> Secondly, how do we get RT to add a 'CC' to the USER table as an
"unprivileged" user if they do NOT pass the LDAP test?
</pre>
</blockquote>
<pre wrap="">You don't say how you're doing LDAP auth so answering this is hard.
If you're using RT::Authen::ExternalAuth you want to check your
setting of
AutoCreateNonExternalUsers
-kevin
_______________________________________________
<a class="moz-txt-link-freetext" href="http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users">http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users</a>
Community help: <a class="moz-txt-link-freetext" href="http://wiki.bestpractical.com">http://wiki.bestpractical.com</a>
Commercial support: <a class="moz-txt-link-abbreviated" href="mailto:sales@bestpractical.com">sales@bestpractical.com</a>
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at <a class="moz-txt-link-freetext" href="http://rtbook.bestpractical.com">http://rtbook.bestpractical.com</a>
</pre>
</blockquote>
</blockquote>
<pre wrap=""><!---->
_______________________________________________
<a class="moz-txt-link-freetext" href="http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users">http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users</a>
Community help: <a class="moz-txt-link-freetext" href="http://wiki.bestpractical.com">http://wiki.bestpractical.com</a>
Commercial support: <a class="moz-txt-link-abbreviated" href="mailto:sales@bestpractical.com">sales@bestpractical.com</a>
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at <a class="moz-txt-link-freetext" href="http://rtbook.bestpractical.com">http://rtbook.bestpractical.com</a>
</pre>
</blockquote>
</body>
</html>