[rt-users] LDAP solution that works

Carl Makin carl at xena.IPAustralia.gov.au
Thu Aug 12 00:31:11 EDT 2004


Hi Robert,

Robert Paskowitz wrote:

>We use Novell here and want to authenticate against the eDirectory LDAP server(something we do often). Ideally, we would want a user to be able to sign in with the novell name/password, have RT create a user with the given name, leave the password blank, and use the e-mail adress which can be grabbed from LDAP as well. A nice bonus would be the ability to have a user send an e-mail in, and if it is not associated with an account, perform an LDAP lookup for that address, and proceed with the same account creation described above.
>  
>
The system we have works the other way around.  Users are automatically 
created with data from the LDAP server by an inbound email.  Once they 
are created, then they can log in.  We use the LDAPMail.pm file 
(attached) in the <site>/rt3/lib/RT/Interface/Email/Auth directory to do 
the LDAP based auto user creation.  I got that off this list, but I 
can't remember who from. :(  LDAPMail.pm associated with 
<site>/rt3/local/lib/RT/User_Local.pm (attached) and this snippet in the 
RT_SiteConfig.pm file do it all for us.

# LDAP Authentication
$LDAPExternalAuth = 1;
$LdapServer="your.directory.server";
$LdapUser="";
$LdapPass="";
$LdapBase="dc=your,dc=directory,dc=serverbase";
$LdapUidAttr="uid";
$LdapFilter="(objectclass=inetOrgPerson)";

# LDAP entry from mail.
@RT::MailPlugins = (
        "Auth::LDAPMail",
        "Auth::MailFrom"
  );

At some point I hope to find the time to dive in and make the 
"ParseNewMessageForTicketCcs" function use LDAP data as well. 

Unfortunately this might all go out the window here as my management are 
keen on using a single "Service Desk" based system across the whole 
organisation, and the peope in charge of that are only interested in 
commercial packages. <sigh> 

Hope this helps.
Carl.

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: LDAPMail.pm
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20040812/eaf56d85/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: User_Local.pm
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20040812/eaf56d85/attachment-0001.ksh>


More information about the rt-users mailing list