[rt-users] Assigning rights to ExternalAuth users

Kevin Falcone falcone at bestpractical.com
Mon Dec 27 13:41:30 EST 2010


On Sun, Dec 26, 2010 at 08:15:29AM -0800, Jonathan Salomon wrote:
>    I've configured ExternalAuth to authenticate against our AD and this works well, i.e. any user
>    in our AD can login to RT3 as an unprivileged user and create tickets to specific queues. I
>    also see in the MySQL backend that a user record is created when an AD user logs in for the
>    first time.
> 
>    My problem is that these users don't show up in the Configuration`aUsers list (even when I
>    check the include disabled users checkbox as someone suggested in some post I read).
>    Consequently I cannot assign these users to any groups nor

RT doesn't allow assigning unprivileged users to groups in the group
rights UI (since it is quite possible to have tens of thousands of
unprivileged users).  They don't show up on Configuration -> Users by
default for the same reason.  Searching for them in the Configuration
-> Users UI (or constructing a search that matches all users) will let
you find them there and then use the Memberships tab to manage their
group membership.

>    In addition: is it good practice to have the normal users be unprivileged (they only need to
>    be able to open and track their own tickets) or should I make sure every user becomes
>    privileged when he logs in for the first time?

You can just grant rights to Unprivileged users as a whole, it doesn't
sound like these users really want to be Privileged.

-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20101227/847fdc23/attachment.sig>


More information about the rt-users mailing list