[Rt-devel] How to make LDAP authentication in RT3

Alexander Finger af at syd.de
Mon Jan 31 10:56:57 EST 2005

> Could anyone post the procedure, file, ... to enable LDAP authentication 
> against an external LDAP^server, with RT3 in linux.
> I know that is possible to authenticate users against an external LDAP 
> server, I had been googling and searching in mail-lists, and I had found a 
> lot of different references, too much references, but not very clear, and 
> most of them refering to RT2, I wonder that it could be the same for RT3. 
> This is the mainly reason of my request.

I switched it on on my testbox

Accept REMOTE_USER as authenticated:

in RT_SiteConfig.pm:

Set($WebExternalAuth , 1);
#Set($WebFallbackToInternalAuth , 1);

#If the user does not exist, create him:

Set($WebExternalAuto , 1);


And then in httpd.conf:

    AuthName "Please type your [firstname.lastname] and your 
[mail-passwd] to acc ess  RT"
    AuthType Basic
    AuthLDAPURL ldap://ldap.server.com:389/o=my-company?login?sub?(mail= *)
    require valid-user

mod_auth_ldap is required, of course.

The user can then type his "login" attribute to login and can only login 
if a mail-attribute is present and filled in his user data.

You could set this to "accessrt=yes" to make sure only people with an 
"accessrt"-Attribute of "yes" could access rt. You'd have to manage that 
attribute, though (create, maintain..).

I did not do any modifications on rt itself.


Alexander Finger
mailto:af at syd.de

More information about the Rt-devel mailing list