[rt-users] REALLY Confused about RT Extension ExternalAuth and LDAP

Ken Crocker kfcrocker at lbl.gov
Mon Nov 16 14:46:55 EST 2009 

To list,

I'm not an internals/Unix Admin or tech. I've been the Admin for "User 
Support" for our RT 3.6.4 installation. We successfully use LDAP 
Authentication.
I've just been given the responsibility to install 3.8.6 in VM (RHEL 5.3).

I have some Unix help. However, I have to tell my guy what to 
download/install.

So, as I have been reading past Emails about using the plugin 
RT::Extension::ExteranlAuth, I have become quite confused. For example, 
when I look at the BestPractical Wiki site for extensions I saw this 
comment:

Once installed, you should view the file:
    
3.4/3.6    $RTHOME/local/etc/ExternalAuth/RT_SiteConfig.pm
3.8        $RTHOME/local/plugins/RT-Auth-ExternalAuth/etc/RT_SiteConfig.pm

I went to our 3.6.4 directories and didn't see anything in /local/etc at all.

So, if I have been using LDAP successfully with my 3.6.4 version, what do I need to do in order to have it work in my 3.8.6 installation?

Do I even need the "ExternalAuth" extension?

If so, what files do I move over from my 3.6.4 files, if anything?

My 3.6.4 RT_SiteConfig "Auth" settings show the following:

Set($AuthMethods, ['LDAP', 'Internal']);
Set($LdapExternalAuth, 1); # enable LDAP authentication/lookups
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 0);

So, for 3.8.6 I set up my RT_SiteConfig settings to this:

# Now what follows are the settings for LDAP Authorization
Set($AuthMethods, ['My_LDAP', 'Internal']);
Set($ExternalAuthPriority, ['My_LDAP']);
Set($ExternalInfoPriority, ['My_LDAP']);
Set($LdapExternalAuth, 1); # enable LDAP authentication/lookups
Set($LdapAutoCreateNonLdapUsers, 0);
Set($CanonicalizeOnCreate , 0);
Set($LdapTLS, 1);
Set($LdapSSLVersion, 3);

  And my Plugin array to this:

Set(@Plugins,(qw(Extension::QuickDelete RT::FM RTx::Calendar RT::Extension::Timeline
RT::Authen::ExternalAuth RT::Extension::CommandByMail RT::Extension::ExtractCustomFieldValues
RT::Extension::SearchResults::XLS)));

I saw some bug reports on ExternalAuth v.08. Is that fixed yet?
Do I even need it if I'm using LDAP?

Also, for each Plugin in my array, what corresponding files do I need and where do I put them?

I know this is a lot to ask, but I really need the help or I go nowhere from here.

Thanks.

Kenn
LBNL

More information about the rt-users mailing list