[rt-users] RT Question on adding users

Ken Crocker kfcrocker at lbl.gov
Fri May 15 12:39:07 EDT 2009


Kevin,

    Yes, I am using LDAP and yes, we are on 3.6.4. I tried turning that 
switch on "Set($LdapAutoCreateNonLdapUsers, 1);" and it didn't work. 
Earlier in this thread, User_Vendor.pm was mentioned and I went looking 
for some of this stuff. I tried to find "

/opt/rt3/local/html/Callbacks/ExternalAuth/autohandler/Auth" and could not. What I found was:
-bash-3.00$ cd Callbacks
-bash-3.00$ ls -l
total 16
drwxr-xr-x   3 rt     rt     4096 Feb  6  2008 LDAP
drwxr-xr-x   4 rt     rt     4096 Jan 29  2008 RTx-RightsMatrix


   I DID find Auth here:"opt/rt3/local/html/Callbacks/LDAP/autohandler/".

   Am I missing some software that I need to change or refer to?

   Thanks.


Kenn
LBNL



On 5/14/2009 6:53 AM, Kevin Falcone wrote:
> I read the rt-users mailing list, its ok to send mail to just the list,
> rather than CCing me
>
> On May 13, 2009, at 5:18 PM, Ken Crocker wrote:
>   
>>     Thank you so much for answering. I looked through our  
>> RT_Config.pm file and did not see any reference to either  
>> "RT::User::CanonicalizeUserInfo"
>>     
>
> This is a method on the RT::User where you can customize what RT does  
> on user creation,
> you'll need to override and tweak it.
>
> It should already be overridden in User_Vendor.pm by the LDAP overlay  
> you're
> using and you could add changes there.
>
>   
>> or "RT::Authen::ExternalAuth". Where do I find them and how do I set  
>> them?
>>     
>
> This is a perl module that implements LDAP auth, since you didn't tell  
> us your
> RT version or how you were doing LDAP I had to do some guessing
> It appears you're using the older overlay method (probably with 3.6)
>
>   
>>     Our current applicable LDAP settings (in RT_SiteConfig.pm) are  
>> as follows:
>> 	• Set($AuthMethods, ['LDAP', 'Internal']);
>> 	• Set($LdapExternalAuth, 1);
>> 	• Set($LdapExternalInfo, 1);
>>     
>
> This variable change name slightly between the Overlay and the
> formal extension
>
>   
>> 	• Set($LdapAutoCreateNonLdapUsers, 0);
>>     
>
> Try changing it to 1, it should let you create users that
> aren't in LDAP
>
> -kevin
>
>
>   
>>>> Set($LdapAttrMap, {'Name' => 'uid',
>>
>>                    'EmailAddress' => 'mail',
>>
>>                    'Organization' => 'o',
>>
>>                    'RealName' => 'cn',
>>
>>                    'ExternalContactInfoId' => 'dn',
>>
>>                    'ExternalAuthId' => 'lblempnum',
>>
>>                    'Gecos' => 'uid',
>>
>>                    'WorkPhone' => 'telephonenumber',
>>
>>                    'Address1' => 'lblmailstop',
>>
>>                    'Address2' => 'postaladdress'}
>>
>>          );
>> 	• Set($LdapRTAttrMatchList, ['ExternalContactInfoId', 'Name',  
>> 'EmailAddress',  'RealName', 'ExternalAuthId', 'WorkPhone',  
>> 'Address2']);
>> 	• Set($LdapEmailAttrMatchList, ['uid']);
>> 	• Set($LdapEmailAttrMatchPrefix, [''] );
>> 	• Set($LdapTLS, 1);
>> 	• Set($LdapSSLVersion, 3);
>>     Do I have all the LDAP settings I need? Do I need to add one?  
>> Change one?
>>
>>     THANK you!
>>
>> Kenn
>> LBNL
>>
>> On 5/13/2009 1:12 PM, Kevin Falcone wrote:
>>     
>>> On May 13, 2009, at 12:48 PM, Ken Crocker wrote:
>>>
>>>
>>>       
>>>> To any and all,
>>>>
>>>>
>>>>     I've asked this question before, but perhaps I didn't word it so
>>>> it made any sense. When we add a 'CC' on any correspondance thru a
>>>> ticket, we find that if the user is not an RT User, as long as they
>>>> pass the LDAP test, they get added, with their email address as
>>>> their Id (NAME field). First question is:
>>>>
>>>>     How do we get RT to drop the '@xxx.xxx' from the Id is uses for
>>>> "NAME" on the USER Table.
>>>>
>>>>         
>>> You can use RT::User::CanonicalizeUserInfo to munge the Name,  
>>> assuming
>>> you're
>>> not using RT::Authen::ExternalAuth which already overrides this.
>>>
>>>
>>>       
>>>>     Secondly, how do we get RT to add a 'CC' to the USER table as an
>>>> "unprivileged" user if they do NOT pass the LDAP test?
>>>>
>>>>         
>>> You don't say how you're doing LDAP auth so answering this is hard.
>>>
>>> If you're using RT::Authen::ExternalAuth you want to check your
>>> setting of
>>> AutoCreateNonExternalUsers
>>>
>>> -kevin
>>>
>>> _______________________________________________
>>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>>
>>> Community help: http://wiki.bestpractical.com
>>> Commercial support: sales at bestpractical.com
>>>
>>>
>>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>>> Buy a copy at http://rtbook.bestpractical.com
>>>
>>>
>>>       
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
> Buy a copy at http://rtbook.bestpractical.com
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090515/585b38be/attachment.htm>


More information about the rt-users mailing list