[rt-users] LDAP solution that works

Robert Paskowitz rpaskowitz at michener.ca
Wed Aug 11 20:30:38 EDT 2004

I am trying to use that overlay file, but am having some issues. Based on my understanding of that file, it just deals with the password authentication portion, and therefore requires the user to be pre-existing in the RT database. 

We use Novell here and want to authenticate against the eDirectory LDAP server(something we do often). Ideally, we would want a user to be able to sign in with the novell name/password, have RT create a user with the given name, leave the password blank, and use the e-mail adress which can be grabbed from LDAP as well. A nice bonus would be the ability to have a user send an e-mail in, and if it is not associated with an account, perform an LDAP lookup for that address, and proceed with the same account creation described above.

This sounds roughly like what you said you have going, so I'd be interested to know what you have done, code or configuration wise aside from just that overlay file. Thanks,


>>> Carl Makin <carl at xena.IPAustralia.gov.au> 08/10/04 21:31 PM >>>
Hi Tomas,

Tomas A. P. Olaj wrote:

>1) LDAP for authentication. New users will be created automatically by RT
>   with their username. Of course, new users sending e-mail to RT will be
>   created by their e-mail address. That's not wanted, and we are
>   wondering how others deal with that.
We use LDAP authentication here, but not through Apache.  We use an LDAP 
user authentication overlay which handles both logging in and email user 
creation.  There are links to it in the "Extensions" part of the 
Contributions wiki page at


It works a treat, except for autogenerating accounts for CCs on an 
inbound email.  We can live with that for the moment.



Be sure to check out the RT wiki at http://wiki.bestpractical.com

More information about the rt-users mailing list