[rt-users] Import Users from NIS or radius??
Mike Peachey
mike.peachey at jennic.com
Fri Feb 22 04:11:03 EST 2008
Greg Evans wrote:
> Hello,
>
> Not sure if this made it to the list last time, so I am resending, I
> apologize in advance if it already got to many of you and it is a duplicate.
> We may have been/are having email server issues, so if this is now a
> triplicate, I offer my sincere apologies.
>
> Hello Mike and everyone else,
>
> I wanted to follow-up on our conversation below regarding users, etc.
>
> I obviously don't want massive data duplication so it would seem that the
> best way to do this would be to import all of our internet customers into RT
> as users with basically no permissions, set them up in a group and all of
> that normal business.
>
> All of my users are in our radius file and accessible via NIS, which is
> great and I am pretty sure that I can figure out how to import them from
> that using standard myself syntax and a exported .csv or similar file.
>
> The problem that was brought to my attention is that I would need to do this
> daily. Is there a way that you or someone would know of that would allow me
> to import only the new data each day? My boss thought that using NIS would
> be better, and I think that I would agree with that.
You are going to be better off doing direct authentication off your NIS
or RADIUS platforms rather than doing a daily data import.
If your RADIUS is providing a standard LDAP interface, then you can use
Jim Meyer's LDAP User Overlay (http://wiki.bestpractical.org/LDAP),
alternatively, Graeme Fowler did some work on a PAM interface that would
let you authenticate off of any information with a PAM module, for any
system running PAM.
Alternatively, if your RADIUS server can be converted to store its
information inside a database rather than flat files, you could use my
ExternalDB authentication overlay which will be released soon.
Alternatively, you can make Apache do the authentication. Any
authentication method that Apache supports will work because you can
just tell RT to trust Apache. And while it doesn't seem palatable, it
seems feasible to write some custom cron scripts that convert your
radius data into .htaccess files.
Just a few things to consider...
--
Kind Regards,
__________________________________________________
Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com
__________________________________________________
More information about the rt-users
mailing list