[rt-users] eDirectory authentication and groups question
Scott Melot
SMelot at lmusd.org
Fri Dec 4 19:35:57 EST 2009
Hello:
I've been working on migrating my school district from an MS Access based work order system to RT. I have been able to get it up and running with Ubuntu 8.04, MySQL 5, RT 3.8.6, ExternalAuth 0.08 and RTFM 2.4.2. But I am having some problems
What I would like to do is have general staff be able to log in and have an account created, then for a support staff to be able to manually (automatically would be better but I'll take manual) add them to a custom group within RT if they need more permissions than to submit a trouble ticket to the support queue.
Currently I am able to authenticate to my eDirectory through LDAP and ExternalAuth as an unpriveleged user but I haven't been able to figure out the rest. Any help or suggestions would be appreciated. I am including my RT_SiteConfig (modified to protect some information) below.
# THE BASICS:
Set($rtname, 'server.name');
Set($Organization, 'LMUSD');
Set($CorrespondAddress , 'removed');
Set($CommentAddress , 'removed');
Set($Timezone , 'US/PACIFIC'); # obviously choose what suits you
# THE DATABASE:
Set($DatabaseType, 'mysql'); # e.g. Pg or mysql
# These are the settings we used above when creating the RT database,
# you MUST set these to what you chose in the section above.
Set($DatabaseUser , 'removed');
Set($DatabasePassword , 'removed');
Set($DatabaseName , 'removed');
# THE WEBSERVER:
Set($WebDomain, 'localhost' );
Set($WebPath , "");
Set($WebBaseURL , "http://removed");
# THE PLUGINS
Set(@Plugins,qw(
RT::FM
RT::Authen::ExternalAuth
));
# LDAP Authentication
Set($ExternalAuthPriority, [ 'My_LDAP', ] );
Set($ExternalInfoPriority, [ 'My_LDAP' ] );
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, { 'My_LDAP' => { 'type' => 'ldap',
'server' => 'removed',
'base' => 'o=<context>',
'filter' => '(objectClass=Person)',
'd_filter' => '(objectClass=Computer)',
'tls' => 0,
'ssl_version' => 3,
'net_ldap_args' => [ version => 3 ],
#'group' => 'RT_Users',
#'group_attr' => 'groupmembersattribute',
#
'attr_match_list' => [ 'Name',
'EmailAddress',
],
#
'attr_map' => { 'Name' => 'uid',
'EmailAddress' => 'mail',
}
},
}
);
1;
Scott Melot
Personal Computer Network Specialist III, Information Technology Services
Lucia Mar Unified School District
Phone: (805) 474-3000 ext 1016
More information about the rt-users
mailing list