[rt-users] SOLVED? LDAP_INVALID_CREDENTIALS error with 'ExternalAuth' extension

Kenneth Crocker KFCrocker at lbl.gov
Fri Apr 11 12:50:41 EDT 2008

Mike, Pedro,

	We use LDAP as well and the same setting (Set($AutoCreate, {Privileged 
=> 1});) and it works well as far as getting the new user into the DB. 
All I have to do after that is put them in the appropriate group the 
they will HAVE some privileges. We don't grant many GLOBAL privileges so 
if someo wants to do something other than reply to email on their own 
ticket or see their own ticket, they have to be in a group.
	The problem I'm having with autocreate is that when an email address is 
added to some correspondence in the CC field, then RT adds the entire 
email address as a privleged user instead of unprivileged. Once that 
happens, they show up in a lot of drop-downs for watcher and then I have 
this unrelated "privileged" email address being offered as a possible 
USER ID for watchers and many of my regular users don't know which of 
the two IDs to select for that one person. It gets irritating and now 
I'm considering using SQL to get rid of them. Any ideas on a better 
setting for adding email addresses as "unprivileged"? Thanks


On 4/11/2008 5:03 AM, Mike Peachey wrote:
> Pedro Lobo S. da Rocha wrote:
>> Right, I think I got it. But there's one thing. When I go to 
>> Configuration -> Groups -> "Select one group" -> Members, the 
>> auto-created user doesn't appears in the user's list so I can add him as 
>> a member. Do you know why this is happening?
> I'm guessing that you are not using:
> Set($AutoCreate, {Privileged => 1});
> which means that by default your new users are unprivileged.
> By default, lists of user in RT only include privileged users. This 
> means that you will need to search for the user and then, in the user's 
> information page, tick the "Allow this user to be granted privileges" 
> box. They should then show up in the groups selection list.

More information about the rt-users mailing list