[rt-users] LDAP auth: should I still create the users in RT even if I use WebExternalAuth?
Stanislav Sinyagin
ssinyagin at yahoo.com
Wed Dec 18 06:59:07 EST 2002
--- Carl Makin <carl at xena.IPAustralia.gov.au> wrote:
> Here is what I'm playing with at the moment. I use
> Apache::AuthenNetLDAP in Apache to authenticate against our LDAP server.
> my $filter = "(uid=" . $username . ")";
> $RT::Logger->debug("LookupExternalUserInfo: First search filter ",
> "'$filter'\n");
> $mesg = $ldap->search(base => LDAP_BASE,
> filter => $filter,
> attrs => [ LDAP_EMAIL, LDAP_CN, LDAP_UID,
> "mobile", "departmentNumber", "extensionNumber", "givenName" ]);
Two things missing here:
In your filter, you hardcoded "uid" attribute. This will not work
in some setups, like MS Active Directory. Because it uses
"sAMAccountName" for that purpose.
Again, you hardcoded mapping 'extensionNumber' and "departmentNumber", and
this will work in some specific setups only.
Thus, I still prefer my own script :)
Stan
More information about the rt-users
mailing list