[rt-users] LDAP solution that works
Carl Makin
carl at xena.IPAustralia.gov.au
Thu Aug 12 00:31:11 EDT 2004
Hi Robert,
Robert Paskowitz wrote:
>We use Novell here and want to authenticate against the eDirectory LDAP server(something we do often). Ideally, we would want a user to be able to sign in with the novell name/password, have RT create a user with the given name, leave the password blank, and use the e-mail adress which can be grabbed from LDAP as well. A nice bonus would be the ability to have a user send an e-mail in, and if it is not associated with an account, perform an LDAP lookup for that address, and proceed with the same account creation described above.
>
>
The system we have works the other way around. Users are automatically
created with data from the LDAP server by an inbound email. Once they
are created, then they can log in. We use the LDAPMail.pm file
(attached) in the <site>/rt3/lib/RT/Interface/Email/Auth directory to do
the LDAP based auto user creation. I got that off this list, but I
can't remember who from. :( LDAPMail.pm associated with
<site>/rt3/local/lib/RT/User_Local.pm (attached) and this snippet in the
RT_SiteConfig.pm file do it all for us.
# LDAP Authentication
$LDAPExternalAuth = 1;
$LdapServer="your.directory.server";
$LdapUser="";
$LdapPass="";
$LdapBase="dc=your,dc=directory,dc=serverbase";
$LdapUidAttr="uid";
$LdapFilter="(objectclass=inetOrgPerson)";
# LDAP entry from mail.
@RT::MailPlugins = (
"Auth::LDAPMail",
"Auth::MailFrom"
);
At some point I hope to find the time to dive in and make the
"ParseNewMessageForTicketCcs" function use LDAP data as well.
Unfortunately this might all go out the window here as my management are
keen on using a single "Service Desk" based system across the whole
organisation, and the peope in charge of that are only interested in
commercial packages. <sigh>
Hope this helps.
Carl.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: LDAPMail.pm
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20040812/eaf56d85/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: User_Local.pm
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20040812/eaf56d85/attachment-0001.ksh>
More information about the rt-users
mailing list