[Rt-devel] Revised LDAP Overlay for RT3

Ruediger Riediger ruediger.riediger at Sun.COM
Tue Dec 21 09:19:51 EST 2004


Hello RT3 users & developers,
hello Jesse,

I have brushed up the LDAP Overlay which is/was posted as a link on the 
twiki. Mainly, I have revised the code, eliminated some bugs, moved 
things where they belong so they are now ..._Local.pm and can be stored 
in /opt/rt3/local/..., and added some functionality (see RT_SiteConfig.pm).

* supports TLS
   => set '$LdapCert' to certificate attributes (just the subject will
      be checked) or '$LdapCertDir' (checks vs. a CA certificate)
* uses an LDAP-to-RT3 attribute map in the config
* creates users on the fly when a new user
   - sends email
   - logs in for the first time
   - is added as watcher
   => $LDAPExternalAuto
* provides a separate tool which can be run via cron to update the
   information in the RT3 user database from LDAP
   => rt_ldap2user.pl
* internal (RT3) passwords can overwrite LDAP passwords: if the RT3
   password is set, only this password will be accepted, even if the
   LDAP password would be valid
   => $LDAPInternalAuthRequired

All custom code is wrapped with an "LDAP Overlay" comment, so if there is a 
new revision, code changes can be easily adopted. It's GPL2, no support, 
use at your own risk, etc.

This was developed on RT3.0.11, so all functions are based on code from 
this revision.

Best regards,

	Ruediger Riediger

-- 
Dr. Ruediger Riediger                              Sun Microsystems GmbH
NSG - SunCERT                                             Komturstr. 18a
mailto:Ruediger.Riediger at Sun.com                          D-12099 Berlin
------------------------------------------------------------------------
PGP 2048RSA/0x2C5020E9          964C E189 0FF0 8882  2BAB 65E2 6912 1FF2
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: LDAP1.0_RT3.tar.gz
Type: application/x-tar
Size: 9390 bytes
Desc: not available
Url : http://bestpractical.com/pipermail/rt-devel/attachments/20041221/3114a845/LDAP1.0_RT3.tar-0001.tar

