<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"><meta name="Generator" content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style></head><body lang="EN-US" link="blue" vlink="purple"><div class="WordSection1"><p class="MsoNormal">Good Afternoon,</p><p class="MsoNormal"> </p><p class="MsoNormal">I have been working to figure this out for a while and I am just not sure what I am not doing wrong and I am unable to find much information on this on the web.  I am running Request Tracker 3.8.7 on Ubuntu 10.04 with MySQL 5.0.92 and Apache 2.2.14 with mod perl 2.0.4.  I have RT::Authen::ExternalAuth configured and I am able to send an email as a user and they are then able to log in and view their ticket.  However, I would like to set up some of the users as privileged users as they are the queue managers but they are not showing in the Configuration/Users screen.  I have Set($AutoCreate, {Privileged => 1}); so I thought I would be able to at least edit my users, but they are not showing up.  My RTSiteConfig.pm is below with the personal info obscured.  If anyone can help that would be greatly appreciated.  Thanks!</p>
<p class="MsoNormal"> </p><p class="MsoNormal">April</p><p class="MsoNormal"> </p><p class="MsoNormal"># This file was generated by running "update-rt-siteconfig-3.8".</p><p class="MsoNormal">#</p><p class="MsoNormal">
# While local modifications will not be overwritten without permission,</p><p class="MsoNormal"># it is recommended the they are instead placed in</p><p class="MsoNormal"># /etc/request-tracker3.8/RT_SiteConfig.d</p><p class="MsoNormal">
#</p><p class="MsoNormal"># Note that modifications to the RT_SiteConfig.d directory won't</p><p class="MsoNormal"># take effect until the update command mentioned above is run again.</p><p class="MsoNormal"> </p><p class="MsoNormal">
# start /etc/request-tracker3.8/RT_SiteConfig.d/40-timezone</p><p class="MsoNormal"># dynamically find out the current timezone</p><p class="MsoNormal">my $zone = "UTC";</p><p class="MsoNormal">$zone=`/bin/cat /etc/timezone`</p>
<p class="MsoNormal">    if -f "/etc/timezone";</p><p class="MsoNormal">chomp $zone;</p><p class="MsoNormal">Set($Timezone, $zone);</p><p class="MsoNormal"># end   /etc/request-tracker3.8/RT_SiteConfig.d/40-timezone</p>
<p class="MsoNormal"># start /etc/request-tracker3.8/RT_SiteConfig.d/50-debconf</p><p class="MsoNormal"># THE BASICS:</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($rtname, 'tickets');</p><p class="MsoNormal">
Set($Organization, ' XXXXXX ');</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($CorrespondAddress , ' XXXXXX ');</p><p class="MsoNormal">Set($CommentAddress , ' XXXXXX ');</p><p class="MsoNormal">
 </p><p class="MsoNormal">Set($WebExternalAuth , '1');</p><p class="MsoNormal">Set($WebFallbackToInternalAuth , '1');</p><p class="MsoNormal">Set($WebExternalGecos , undef);</p><p class="MsoNormal">Set($WebExternalAuto , '1');</p>
<p class="MsoNormal"> </p><p class="MsoNormal">Set($MaxAttachmentSize , 10000000);</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($FriendlyFromLineFormat, "\"%s\" <%s>");</p><p class="MsoNormal">
 </p><p class="MsoNormal">Set( @Plugins, qw(RT::Authen::ExternalAuth) );</p><p class="MsoNormal"> </p><p class="MsoNormal"># THE WEBSERVER:</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($WebPath , "/rt");</p>
<p class="MsoNormal">Set($WebBaseURL , "http:// XXXXXX ");</p><p class="MsoNormal"> </p><p class="MsoNormal"># end   /etc/request-tracker3.8/RT_SiteConfig.d/50-debconf</p><p class="MsoNormal"># start /etc/request-tracker3.8/RT_SiteConfig.d/51-dbconfig-common</p>
<p class="MsoNormal"># THE DATABASE:</p><p class="MsoNormal"># generated by dbconfig-common</p><p class="MsoNormal"> </p><p class="MsoNormal"># map from dbconfig-common database types to their names as known by RT</p><p class="MsoNormal">
my %typemap = (</p><p class="MsoNormal">    mysql   => 'mysql',</p><p class="MsoNormal">    pgsql   => 'Pg',</p><p class="MsoNormal">    sqlite3 => 'SQLite',</p><p class="MsoNormal">);</p>
<p class="MsoNormal"> </p><p class="MsoNormal">Set($DatabaseType, $typemap{mysql} || "UNKNOWN");</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($DatabaseHost, 'localhost');</p><p class="MsoNormal">
Set($DatabasePort, '');</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($DatabaseUser , ' XXXXXX ');</p><p class="MsoNormal">Set($DatabasePassword , ' XXXXXX ');</p><p class="MsoNormal"> </p>
<p class="MsoNormal"># SQLite needs a special case, since $DatabaseName must be a full pathname</p><p class="MsoNormal">my $dbc_dbname = 'rtdb'; if ( "mysql" eq "sqlite3" ) { Set ($DatabaseName, '' . '/' . $dbc_dbname); } else { Set ($DatabaseName, $dbc_dbname); }</p>
<p class="MsoNormal"># end   /etc/request-tracker3.8/RT_SiteConfig.d/51-dbconfig-common</p><p class="MsoNormal">1;</p><p class="MsoNormal"># The order in which the services defined in ExternalSettings</p><p class="MsoNormal">
# should be used to authenticate users. User is authenticated</p><p class="MsoNormal"># if successfully confirmed by any service - no more services</p><p class="MsoNormal"># are checked.</p><p class="MsoNormal">Set($ExternalAuthPriority,  [   'My_LDAP' ] );</p>
<p class="MsoNormal"> </p><p class="MsoNormal"># The order in which the services defined in ExternalSettings</p><p class="MsoNormal"># should be used to get information about users. This includes</p><p class="MsoNormal"># RealName, Tel numbers etc, but also whether or not the user</p>
<p class="MsoNormal"># should be considered disabled.</p><p class="MsoNormal">#</p><p class="MsoNormal"># Once user info is found, no more services are checked.</p><p class="MsoNormal">#</p><p class="MsoNormal"># You CANNOT use a SSO cookie for authentication.</p>
<p class="MsoNormal">Set($ExternalInfoPriority,  [   'My_LDAP' ] );</p><p class="MsoNormal"> </p><p class="MsoNormal"># If this is set to true, then the relevant packages will</p><p class="MsoNormal"># be loaded to use SSL/TLS connections. At the moment,</p>
<p class="MsoNormal"># this just means "use Net::SSLeay;"</p><p class="MsoNormal">Set($ExternalServiceUsesSSLorTLS,    0);</p><p class="MsoNormal"> </p><p class="MsoNormal"># If this is set to 1, then users should be autocreated by RT</p>
<p class="MsoNormal"># as internal users if they fail to authenticate from an</p><p class="MsoNormal"># external service.</p><p class="MsoNormal">Set($AutoCreateNonExternalUsers,    0);</p><p class="MsoNormal">Set($AutoCreate, {Privileged => 1});</p>
<p class="MsoNormal"> </p><p class="MsoNormal"># These are the full settings for each external service as a HashOfHashes</p><p class="MsoNormal"># Note that you may have as many external services as you wish. They will</p>
<p class="MsoNormal"># be checked in the order specified in the Priority directives above.</p><p class="MsoNormal"># e.g.</p><p class="MsoNormal">#Set(ExternalAuthPriority,['My_LDAP']);</p><p class="MsoNormal">#</p>
<p class="MsoNormal">Set($ExternalSettings,      {   # AN EXAMPLE LDAP SERVICE</p><p class="MsoNormal">                                'My_LDAP'       =>  {</p><p class="MsoNormal">                                                        'type'                      =>  'ldap',</p>
<p class="MsoNormal">                                                        'server'                    =>  ' XXXXXX ',</p><p class="MsoNormal">                                                        'user'                      =>  ' XXXXXX ',</p>
<p class="MsoNormal">                                                        'pass'                    =>  ' XXXXXX ',</p><p class="MsoNormal">                                                        'base'                      =>  ' XXXXXX ',</p>
<p class="MsoNormal">                                                        #</p><p class="MsoNormal">                                                        # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES!</p>
<p class="MsoNormal">                                                        # YOU **MUST** SPECIFY A filter AND A d_filter!!</p><p class="MsoNormal">                                                        #</p><p class="MsoNormal">
                                                        # The filter to use to match RT-Users</p><p class="MsoNormal">                                                        'filter'                    =>  '(&(ObjectCategory=User)(ObjectClass=Person))',</p>
<p class="MsoNormal">                                                        #</p><p class="MsoNormal">                                                        # The filter that will only match disabled users</p><p class="MsoNormal">
                                                        'd_filter'                  =>  '(userAccountControl:1.2.840.113556.1.4.803:=2)',</p><p class="MsoNormal">                                                        #</p>
<p class="MsoNormal">                                                        'tls'                       =>  0,</p><p class="MsoNormal">                                                        'ssl_version'               =>  3,</p>
<p class="MsoNormal">                                                        'net_ldap_args'             => [    version =>  3   ],</p><p class="MsoNormal">                                                        # Does authentication depend on group membership? What group name?</p>
<p class="MsoNormal">                                                        #'group'                     =>  'cn=Domain Users,cn=Users,dc=ad,dc=yelpcorp,dc=com',</p><p class="MsoNormal">                                                        # What is the attribute for the group object that determines membership?</p>
<p class="MsoNormal">                                                        #'group_attr'                =>  'member',</p><p class="MsoNormal">                                                        ## RT ATTRIBUTE MATCHING SECTION</p>
<p class="MsoNormal">                                                        # The list of RT attributes that uniquely identify a user</p><p class="MsoNormal">                                                        # This example shows what you *can* specify.. I recommend reducing this</p>
<p class="MsoNormal">                                                        # to just the Name and EmailAddress to save encountering problems later.</p><p class="MsoNormal">                                                        'attr_match_list'           => [ 'EmailAddress' ],</p>
<p class="MsoNormal">                                                        # The mapping of RT attributes on to LDAP attributes</p><p class="MsoNormal">                                                        'attr_map'                  =>  {   'Name' => 'sAMAccountName',</p>
<p class="MsoNormal">                                                                                            'EmailAddress' => 'mail',</p><p class="MsoNormal">                                                                                            'Organization' => 'physicalDeliveryOfficeName',</p>
<p class="MsoNormal">                                                                                            'RealName' => 'cn',</p><p class="MsoNormal">                                                                                            'ExternalAuthId' => 'sAMAccountName',</p>
<p class="MsoNormal">                                                                                            'Gecos' => 'sAMAccountName',</p><p class="MsoNormal">                                                                                            'WorkPhone' => 'telephoneNumber',</p>
<p class="MsoNormal">                                                                                            'Address1' => 'streetAddress',</p><p class="MsoNormal">                                                                                            'City' => 'l',</p>
<p class="MsoNormal">                                                                                            'State' => 'st',</p><p class="MsoNormal">                                                                                            'Zip' => 'postalCode',</p>
<p class="MsoNormal">                                                                                            'Country' => 'co'</p><p class="MsoNormal">                                                                                        }</p>
<p class="MsoNormal">                                                    }</p><p class="MsoNormal">                                }</p><p class="MsoNormal">);</p><p class="MsoNormal"> </p><p class="MsoNormal">1;</p></div>
</body></html>