[rt-users] RT::Authen::ExternalAuth to use LDAP for different groups
Kevin Falcone
falcone at bestpractical.com
Thu Feb 17 17:35:41 EST 2011
On Thu, Feb 17, 2011 at 04:19:28PM -0500, marthter wrote:
> I have successfully set up the LDAP authentication against my Active Directory server, and
> testing it with my own Windows user and password, and that is working and letting me log in
> that way. However I get only a very restricted menu and navigation structure. Presumably
> this is the non-privileged user's view of things (I'm new to this so I'm somewhat guessing
> here).
You can change this with the $AutoCreate config, read more about it in
RT_Config.pm. For now you probably want to log in as root and make
your user privileged.
> My question is, how do I use RT::Authen::ExternalAuth with LDAP to my Active Directory, such
> that some users (who are in group Blah in the Active Directory) are in the privileged group,
> and the rest of the users are in the non-privileged group.
There isn't a way to configure who is privileged and who isn't at a
group level in the RT-Authen-ExternalAuth level
I suspect you want to use RT-Extension-LDAPImporter to bulk import
users, set up your privileged users and then let
RT-Authen-ExternalAuth manage passwords and future info updates.
You'd need to handle any new users who should be privileged manually,
but I'm not sure how often that would happen for you
-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110217/4855d09f/attachment.sig>
More information about the rt-users
mailing list