[rt-users] ldap users
Todd Chapman
rt at chaka.net
Mon Dec 20 13:21:36 EST 2004
http://wiki.bestpractical.com/index.cgi?HideConfigurationTab
On Mon, Dec 20, 2004 at 01:31:10PM -0500, steve wrote:
> hi all, i have all my users authenticating via ldap, and when they log
> in they see everything, including the configuration tab on the left
> side, which means that they can see that there is an account called
> superuser etc..., while they can not modify any of this info i would
> like for all users except those specified to not be able to see the
> configuration tab on the left.
>
> is this possible, if so how do i go about doing this,
>
> also for those of you that need to authenticate via ldap here is how to
> do it in 3 steps,
>
> add this to RT_Site_config.pm
> $LDAPExternalAuth = 1;
> $LdapServer="ldap.mydomain.com";
> $LdapUser="cn=DADDY,o=MAMA";
> $LdapPass="PASS";
> $LdapBase="";
> $LdapUidAttr="uid";
> $LdapFilter="(objectclass=*)";
> $LdapTLS = 0;
> $LdapGroup ="cn=NY-Everyone,ou=Groups,ou=NY,ou=YOYO,ou=MAMA";
> $LdapGroupAttribute = 'member';
>
>
> then in httpd.conf
>
> ServerName rt.mydomain.com
> DocumentRoot /usr/local/rt3/share/html
> AddDefaultCharset UTF-8
> PerlModule Apache::DBI
> PerlRequire /usr/local/rt3/bin/webmux.pl
> <Location />
> SetHandler perl-script
> PerlHandler RT::Mason
> AuthName "RT Web Users"
> AuthType Basic
> AuthLDAPAuthoritative off
> AuthLDAPurl ldap://ldap.mydomain.com/?cn?sub
> require valid-user
> </Location>
> </VirtualHost>
>
>
> you must install auth_ldap first, and in freebsd this is not mod_ldap
> but auth_ldap and is located in /usr/ports/www/auth_ldap
>
>
>
>
>
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Be sure to check out the RT wiki at http://wiki.bestpractical.com
More information about the rt-users
mailing list