[rt-users] RT Question on adding users

Thu May 14 09:53:40 EDT 2009

I read the rt-users mailing list, its ok to send mail to just the list,
rather than CCing me

On May 13, 2009, at 5:18 PM, Ken Crocker wrote:
>
>     Thank you so much for answering. I looked through our  
> RT_Config.pm file and did not see any reference to either  
> "RT::User::CanonicalizeUserInfo"

This is a method on the RT::User where you can customize what RT does  
on user creation,
you'll need to override and tweak it.

It should already be overridden in User_Vendor.pm by the LDAP overlay  
you're
using and you could add changes there.

> or "RT::Authen::ExternalAuth". Where do I find them and how do I set  
> them?

This is a perl module that implements LDAP auth, since you didn't tell  
us your
RT version or how you were doing LDAP I had to do some guessing
It appears you're using the older overlay method (probably with 3.6)

>
>     Our current applicable LDAP settings (in RT_SiteConfig.pm) are  
> as follows:
> 	• Set($AuthMethods, ['LDAP', 'Internal']);
> 	• Set($LdapExternalAuth, 1);
> 	• Set($LdapExternalInfo, 1);

This variable change name slightly between the Overlay and the
formal extension

> 	• Set($LdapAutoCreateNonLdapUsers, 0);

Try changing it to 1, it should let you create users that
aren't in LDAP

-kevin

> 	•
> Set($LdapAttrMap, {'Name' => 'uid',
>
>                    'EmailAddress' => 'mail',
>
>                    'Organization' => 'o',
>
>                    'RealName' => 'cn',
>
>                    'ExternalContactInfoId' => 'dn',
>
>                    'ExternalAuthId' => 'lblempnum',
>
>                    'Gecos' => 'uid',
>
>                    'WorkPhone' => 'telephonenumber',
>
>                    'Address1' => 'lblmailstop',
>
>                    'Address2' => 'postaladdress'}
>
>          );
> 	• Set($LdapRTAttrMatchList, ['ExternalContactInfoId', 'Name',  
> 'EmailAddress',  'RealName', 'ExternalAuthId', 'WorkPhone',  
> 'Address2']);
> 	• Set($LdapEmailAttrMatchList, ['uid']);
> 	• Set($LdapEmailAttrMatchPrefix, [''] );
> 	• Set($LdapTLS, 1);
> 	• Set($LdapSSLVersion, 3);
>     Do I have all the LDAP settings I need? Do I need to add one?  
> Change one?
>
>     THANK you!
>
> Kenn
> LBNL
>
> On 5/13/2009 1:12 PM, Kevin Falcone wrote:
>>
>> On May 13, 2009, at 12:48 PM, Ken Crocker wrote:
>>
>>
>>> To any and all,
>>>
>>>
>>>     I've asked this question before, but perhaps I didn't word it so
>>> it made any sense. When we add a 'CC' on any correspondance thru a
>>> ticket, we find that if the user is not an RT User, as long as they
>>> pass the LDAP test, they get added, with their email address as
>>> their Id (NAME field). First question is:
>>>
>>>     How do we get RT to drop the '@xxx.xxx' from the Id is uses for
>>> "NAME" on the USER Table.
>>>
>> You can use RT::User::CanonicalizeUserInfo to munge the Name,  
>> assuming
>> you're
>> not using RT::Authen::ExternalAuth which already overrides this.
>>
>>
>>>     Secondly, how do we get RT to add a 'CC' to the USER table as an
>>> "unprivileged" user if they do NOT pass the LDAP test?
>>>
>> You don't say how you're doing LDAP auth so answering this is hard.
>>
>> If you're using RT::Authen::ExternalAuth you want to check your
>> setting of
>> AutoCreateNonExternalUsers
>>
>> -kevin
>>
>> _______________________________________________
>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>
>> Community help: http://wiki.bestpractical.com
>> Commercial support: sales at bestpractical.com
>>
>>
>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>> Buy a copy at http://rtbook.bestpractical.com
>>
>>