[rt-users] RES: Re: RES: Re: RES: Re: RT External Auth and uid problem

Luciano Ernesto da Silva luciano at cpd.ufrgs.br
Mon Oct 3 14:38:53 EDT 2011


Hello,

I worked in a solution, modifying the file ExternalAuth.pm in
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ and seems
to work fine.
In this case, only work with local auth and LDAP with UID. It prefix the
uid number with letter a, and remove it where is necessary.

Here's the mofifications if someone need it in future: 

http://pastebin.com/4qZ5vbsM 

If you want, I can post in the wikia page too.

Tks

Luciano






-----Mensagem original-----
De: rt-users-bounces at lists.bestpractical.com
[mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin
Falcone
Enviada em: quarta-feira, 24 de agosto de 2011 14:52
Para: rt-users at lists.bestpractical.com
Assunto: [*****SPAM*****] Re: [rt-users] RES: Re: RES: Re: RT External
Auth and uid problem

On Wed, Aug 24, 2011 at 02:22:35PM -0300, Luciano Ernesto da Silva
wrote:
> I will try prefix the numeric username with a character. I don't know 
> where start. Can you tell me what functions are involved in user 
> creation?

As I said earlier

>> In the past, people have prefixed numeric usernames with a character,

>> but since I've never had to do that, I do not know the best way to do

>> it.

-kevin

> I think I would have to map the authentication, including a character 
> "a" internally before the number and "a" on creation.
> 
> Luciano
> 
> -----Mensagem original-----
> De: rt-users-bounces at lists.bestpractical.com
> [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin 
> Falcone Enviada em: quarta-feira, 24 de agosto de 2011 13:42
> Para: rt-users at lists.bestpractical.com
> Assunto: Re: [rt-users] RES: Re: RT External Auth and uid problem
> 
> On Wed, Aug 24, 2011 at 12:26:26PM -0300, Luciano Ernesto da Silva
> wrote:
> > Kevin,
> > 
> > Ok, I understand, I will not touch the extension. But is there a way

> > to overlay creation of privileged users and allow 'Name' with 
> > numeric field? We have many services that use LDAP and users just 
> > use the
> 
> RT does not support numeric usernames.
> Changing that would require significant code churn.
> 
> -kevin
> 
> > uid(numeric) and password. 
> > Would be more friendly keep the same method. 
> > The last option would use Name = > 'mail' in 'attr_map', but I don't

> > think this a good solution.
> > 
> > 
> > -----Mensagem original-----
> > De: rt-users-bounces at lists.bestpractical.com
> > [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin 
> > Falcone Enviada em: quarta-feira, 24 de agosto de 2011 11:13
> > Para: rt-users at lists.bestpractical.com
> > Assunto: Re: [rt-users] RT External Auth and uid problem
> > 
> > On Wed, Aug 24, 2011 at 10:54:22AM -0300, Luciano Ernesto da Silva
> > wrote:
> > >
> > 'attr_match_list'           => [
> > >    'Name',  'EmailAddress',  'RealName'],
> > > 
> > >                                                            # The
> > mapping of RT attributes on to
> > >    LDAP attributes
> > > 
> > >
> 'attr_map'
> > =>  {
> > >    'Name' => 'uid', 'EmailAddress' => 'mail',  'RealName' => 'cn',

> > > 'ExternalAuthId' => 'uid' }
> > > 
> > > 
> > > 
> > >    In the extension ExternalAuth I changed all  the strings "Name"

> > > for
> > "NickName" and seems work,
> > >    but I still cant't create users.
> > 
> > Do you meant you literally replaced all occurrences of Name with 
> > NickName in the extension?  That will never work.
> > 
> > If you have a non-numeric field, just fix attr_map so that Name => 
> > 'non_numeric_ldap_field'
> > 
> > Also, you almost certainly don't want attr_match_list to consider 
> > RealName to be unique.  That would mean that you can't have two 
> > users in RT with the name Kevin Falcone since the extension will try

> > to resolve them to the same AD user.
> > 
> > -kevin
> > 
> > > 
> > > 
> > > 
> > >    I thought a solution creating a local/lib overlay for create a 
> > > user
> > with NickName to use as
> > >    uid number, and keep RealName for cn, and EmailAdddress for
mail.
> > > 
> > > 
> > > 
> > >    What function in lib is used to create the users? Can you give 
> > > me
> > some tips?
> > > 
> > > 
> > > 
> > >    Thanks for your help,
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > >    Luciano Silva
> > > 
> > >    [1]Luciano at cpd.ufrgs.br
> > > 
> > > References
> > > 
> > >    Visible links
> > >    1. mailto:Luciano at cpd.ufrgs.br
> > 
> > > --------
> > > RT Training Sessions
> > > (http://bestpractical.com/services/training.html)
> > > *  Chicago, IL, USA ? September 26 & 27, 2011
> > > *  San Francisco, CA, USA ? October 18 & 19, 2011
> > > *  Washington DC, USA ? October 31 & November 1, 2011
> > > *  Melbourne VIC, Australia ? November 28 & 29, 2011
> > > *  Barcelona, Spain ? November 28 & 29, 2011
> > 
> > --------
> > RT Training Sessions 
> > (http://bestpractical.com/services/training.html)
> > *  Chicago, IL, USA  September 26 & 27, 2011
> > *  San Francisco, CA, USA  October 18 & 19, 2011
> > *  Washington DC, USA  October 31 & November 1, 2011
> > *  Melbourne VIC, Australia  November 28 & 29, 2011
> > *  Barcelona, Spain  November 28 & 29, 2011
> --------
> RT Training Sessions (http://bestpractical.com/services/training.html)
> *  Chicago, IL, USA  September 26 & 27, 2011
> *  San Francisco, CA, USA  October 18 & 19, 2011
> *  Washington DC, USA  October 31 & November 1, 2011
> *  Melbourne VIC, Australia  November 28 & 29, 2011
> *  Barcelona, Spain  November 28 & 29, 2011



More information about the rt-users mailing list