<br><br><div class="gmail_quote">On Fri, Aug 28, 2009 at 7:20 AM, Kevin Falcone <span dir="ltr"><<a href="mailto:falcone@bestpractical.com">falcone@bestpractical.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">On Thu, Aug 27, 2009 at 02:59:03PM -0500, Robert Nesius wrote:<br>
<br>
><br>
> I've installed RT-Extension-LDAPImport and was reading the README. What jumped out at me is<br>
> that there is both a script to run (presumably to bulk-load identities) and a plug-in. I was<br>
> expecting to see a script, but a plugin was unexpected, which lead me to wonder if this module<br>
> is both a method for importing users from ldap, and an on-the-fly authentication and<br>
> user-creation tool too? If so, that implies I don't need the 3rd party ldapauth plug-in I<br>
> already have installed. (I'd rather use a module from Best Practical if I had a choice).<br></div>
<br>
If you look at the script, it is 23 lines long. The plugin is where<br>
the import code is stored and organized, the script is just a wrapper.</blockquote><div><br>I saw that and I get that the script is a wrapper. <br><br>What I was wondering is why the import code is stored in a plug-in and loaded as a plug-in, but I think I figured it out. Basically the import code is working against the objects and subsystems in RT, and needs those objects to exist before it's loaded, so you load your import code indirectly via by simply loading the RT runtime via the RT Module, which inspects RT_SiteConfig.pm, initializes the environment, and then eventually loads your plug-in, thus making your code available to your script within the context of a complete RT runtime environment. <br>
<br>Okay, so I get that now. <br><br>Once I configured the script the first thing I wanted to do was "test the config". I was extremely surprised to see there is no "look before you leap" flag. Rather, just a comment advising "back up your database first", which has this sense of playing russian roulette with a revolver with no empty cylinders. Having looked at the code I can see some ways to work around that. Not cleanly, since "fetch users" and "load users" are sitting inside one api call but it shouldn't be hard to change that. <br>
<br>-Rob<br><br><br> <br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
You still need RT-Authen-ExternalAuth or apache LDAP authentication if<br>
you want to validate passwords against an external source<br>
<br>
-kevin<br>
<div class="im"><br>
><br>
> Just trying to make sure I'm understanding things correctly.<br>
><br>
> Thanks much!<br>
><br>
> -Rob<br>
><br>
</div>> On Tue, Aug 18, 2009 at 12:52 PM, Robert Nesius <[1]<a href="mailto:nesius@gmail.com">nesius@gmail.com</a>> wrote:<br>
<div class="im">><br>
> On Tue, Aug 18, 2009 at 12:50 PM, Kevin Falcone <[2]<a href="mailto:falcone@bestpractical.com">falcone@bestpractical.com</a>> wrote:<br>
><br>
> Have you looked at RT-Extension-LDAPImport ?<br>
> -kevin<br>
><br>
> I had not found my way to it yet! Now that I read the cpan page, that looks very much like<br>
> what I'm looking for.<br>
><br>
> Thanks so much, Kevin. I'll play with this and see how it goes!<br>
</div><div><div></div><div class="h5">_______________________________________________<br>
<a href="http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users" target="_blank">http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users</a><br>
<br>
Community help: <a href="http://wiki.bestpractical.com" target="_blank">http://wiki.bestpractical.com</a><br>
Commercial support: <a href="mailto:sales@bestpractical.com">sales@bestpractical.com</a><br>
<br>
<br>
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.<br>
Buy a copy at <a href="http://rtbook.bestpractical.com" target="_blank">http://rtbook.bestpractical.com</a><br>
</div></div></blockquote></div><br>