[rt-users] REALLY Confused about RT Extension ExternalAuth and LDAP
Ken Crocker
kfcrocker at lbl.gov
Mon Nov 16 14:46:55 EST 2009
To list,
I'm not an internals/Unix Admin or tech. I've been the Admin for "User
Support" for our RT 3.6.4 installation. We successfully use LDAP
Authentication.
I've just been given the responsibility to install 3.8.6 in VM (RHEL 5.3).
I have some Unix help. However, I have to tell my guy what to
download/install.
So, as I have been reading past Emails about using the plugin
RT::Extension::ExteranlAuth, I have become quite confused. For example,
when I look at the BestPractical Wiki site for extensions I saw this
comment:
Once installed, you should view the file:
3.4/3.6 $RTHOME/local/etc/ExternalAuth/RT_SiteConfig.pm
3.8 $RTHOME/local/plugins/RT-Auth-ExternalAuth/etc/RT_SiteConfig.pm
I went to our 3.6.4 directories and didn't see anything in /local/etc at all.
So, if I have been using LDAP successfully with my 3.6.4 version, what do I need to do in order to have it work in my 3.8.6 installation?
Do I even need the "ExternalAuth" extension?
If so, what files do I move over from my 3.6.4 files, if anything?
My 3.6.4 RT_SiteConfig "Auth" settings show the following:
Set($AuthMethods, ['LDAP', 'Internal']);
Set($LdapExternalAuth, 1); # enable LDAP authentication/lookups
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 0);
So, for 3.8.6 I set up my RT_SiteConfig settings to this:
# Now what follows are the settings for LDAP Authorization
Set($AuthMethods, ['My_LDAP', 'Internal']);
Set($ExternalAuthPriority, ['My_LDAP']);
Set($ExternalInfoPriority, ['My_LDAP']);
Set($LdapExternalAuth, 1); # enable LDAP authentication/lookups
Set($LdapAutoCreateNonLdapUsers, 0);
Set($CanonicalizeOnCreate , 0);
Set($LdapTLS, 1);
Set($LdapSSLVersion, 3);
And my Plugin array to this:
Set(@Plugins,(qw(Extension::QuickDelete RT::FM RTx::Calendar RT::Extension::Timeline
RT::Authen::ExternalAuth RT::Extension::CommandByMail RT::Extension::ExtractCustomFieldValues
RT::Extension::SearchResults::XLS)));
I saw some bug reports on ExternalAuth v.08. Is that fixed yet?
Do I even need it if I'm using LDAP?
Also, for each Plugin in my array, what corresponding files do I need and where do I put them?
I know this is a lot to ask, but I really need the help or I go nowhere from here.
Thanks.
Kenn
LBNL
More information about the rt-users
mailing list