[rt-users] Can't find in docs: how users check ticket status?
Maloney, Michael
Michael_Maloney at nyce.net
Mon Jan 5 12:09:50 EST 2004
I'm using RT strictly as an internal application, on my intranet. My site
is not publicly accessible, and I don't have a problem with my users looking
at any ticket. If all autocreated users are by default "Non-Privileged",
then isn't RT still secure? I'm not allowing them to change tickets, just
view them.
It might be nice to have something in RT_SiteConfig, to allow/not allow
"default" autocreated passwords and be able to set that password.
In the meantime, I'll try and locate the thread about random passwords (any
ideas about the month?).
-Mike M.
-----Original Message-----
From: Ruslan U. Zakirov [mailto:cubic at acronis.ru]
Sent: Monday, January 05, 2004 11:54 AM
To: Maloney, Michael
Cc: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] Can't find in docs: how users check ticket status?
Maloney, Michael wrote:
> Same problem here. When a new autocreated user gets added to the
> database, their password is set to "*NO PASSWORD*", however, the "STAFF"
> user passwords have been hashed (MD5???) and are scrambled. So I think
> the problem is that the autocreated passwords are in the database in
> clear text, but should be hashed. I don't care if an autocreated user's
> password is set to "password" or whatever, just as long as I don't have
> to do any manual steps to correct the password.
As I've understood you want specify password for autocreated users. I don't
know way to do it. It's just wrong and insecure. There was threads on the
list about generating random passwords for new
users, you have to read them.
Good luck. Ruslan.
>
>
> -----Original Message-----
> From: Michael Marziani [mailto:marziani at oasis.com]
> Sent: Monday, January 05, 2004 11:30 AM
> To: rt-users at lists.bestpractical.com
> Subject: RE: [rt-users] Can't find in docs: how users check ticket
> status?
>
>
> Ok, I am attempting to log into the self-service as an unprivileged
> (autocreated) user, but it will not allow this without a password. Is
> there a default password set up for autocreated users? Thanks!
>
> -Michael
>
>
> ----------------------------------------------------------------------
> --
>
> _______________________________________________
> rt-users mailing list
> rt-users at lists.bestpractical.com
> http://lists.bestpractical.com/mailman/listinfo/rt-users
>
> Have you read the FAQ? The RT FAQ Manager lives at
> http://fsck.com/rtfm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20040105/d8834287/attachment.htm>
More information about the rt-users
mailing list