[rt-users] Active Directory LDAP attributes and permissions
Kevin Falcone
falcone at bestpractical.com
Wed Oct 14 09:06:45 EDT 2009
On Tue, Oct 13, 2009 at 04:29:54PM -0700, M Brennan wrote:
> We have RT authenticating to our Active Directory, M$ 2003. I am using the ExternalAuth
> functionality. When users login via LDAP, they initially had no permissions. I fixed this by
> modifying the Everyone group and allowing those users to create/edit/etc. I would like to
> tighter control over perms.
>
> Questions:
>
> 1) Can I map an Active Directory LDAP attribute to a new RT group that I create, so that users
> can inheriate perms w/o having to use the default 'Everyone' group? If so, how is this done?
>
> 2) Is there another way of having LDAP auth'd users inherite permissions?
RT-Authen-ExternalAuth does not currently support adding users to
groups. You can use the AutoCreate config var in your
RT_SiteConfig.pm so that users are created Privileged and then you'll
be able to hand permissions just to your Privileged users.
-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20091014/710e29fb/attachment.sig>
More information about the rt-users
mailing list