[Rt-devel] How to make LDAP authentication in RT3
Alexander Finger
af at syd.de
Mon Jan 31 10:56:57 EST 2005
> Could anyone post the procedure, file, ... to enable LDAP authentication
> against an external LDAP^server, with RT3 in linux.
>
> I know that is possible to authenticate users against an external LDAP
> server, I had been googling and searching in mail-lists, and I had found a
> lot of different references, too much references, but not very clear, and
> most of them refering to RT2, I wonder that it could be the same for RT3.
> This is the mainly reason of my request.
I switched it on on my testbox
Accept REMOTE_USER as authenticated:
in RT_SiteConfig.pm:
Set($WebExternalAuth , 1);
#Set($WebFallbackToInternalAuth , 1);
#If the user does not exist, create him:
Set($WebExternalAuto , 1);
//
And then in httpd.conf:
AuthName "Please type your [firstname.lastname] and your
[mail-passwd] to acc ess RT"
AuthType Basic
AuthLDAPURL ldap://ldap.server.com:389/o=my-company?login?sub?(mail= *)
require valid-user
mod_auth_ldap is required, of course.
The user can then type his "login" attribute to login and can only login
if a mail-attribute is present and filled in his user data.
You could set this to "accessrt=yes" to make sure only people with an
"accessrt"-Attribute of "yes" could access rt. You'd have to manage that
attribute, though (create, maintain..).
I did not do any modifications on rt itself.
cheers
Alex
--
Alexander Finger
callto://ch.eurospot.af
mailto:af at syd.de
More information about the Rt-devel
mailing list