[rt-users] ldap users
steve
steve at n2sw.com
Mon Dec 20 13:31:10 EST 2004
hi all, i have all my users authenticating via ldap, and when they log
in they see everything, including the configuration tab on the left
side, which means that they can see that there is an account called
superuser etc..., while they can not modify any of this info i would
like for all users except those specified to not be able to see the
configuration tab on the left.
is this possible, if so how do i go about doing this,
also for those of you that need to authenticate via ldap here is how to
do it in 3 steps,
add this to RT_Site_config.pm
$LDAPExternalAuth = 1;
$LdapServer="ldap.mydomain.com";
$LdapUser="cn=DADDY,o=MAMA";
$LdapPass="PASS";
$LdapBase="";
$LdapUidAttr="uid";
$LdapFilter="(objectclass=*)";
$LdapTLS = 0;
$LdapGroup ="cn=NY-Everyone,ou=Groups,ou=NY,ou=YOYO,ou=MAMA";
$LdapGroupAttribute = 'member';
then in httpd.conf
ServerName rt.mydomain.com
DocumentRoot /usr/local/rt3/share/html
AddDefaultCharset UTF-8
PerlModule Apache::DBI
PerlRequire /usr/local/rt3/bin/webmux.pl
<Location />
SetHandler perl-script
PerlHandler RT::Mason
AuthName "RT Web Users"
AuthType Basic
AuthLDAPAuthoritative off
AuthLDAPurl ldap://ldap.mydomain.com/?cn?sub
require valid-user
</Location>
</VirtualHost>
you must install auth_ldap first, and in freebsd this is not mod_ldap
but auth_ldap and is located in /usr/ports/www/auth_ldap
-------------- next part --------------
A non-text attachment was scrubbed...
Name: steve.vcf
Type: text/x-vcard
Size: 774 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20041220/0b3e559b/attachment.vcf>
More information about the rt-users
mailing list