[rt-users] RES: Re: RES: Re: RES: Re: RT External Auth and uid problem
Kevin Falcone
falcone at bestpractical.com
Mon Oct 3 14:46:06 EDT 2011
On Mon, Oct 03, 2011 at 03:38:53PM -0300, Luciano Ernesto da Silva wrote:
> Hello,
>
> I worked in a solution, modifying the file ExternalAuth.pm in
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ and seems
> to work fine.
> In this case, only work with local auth and LDAP with UID. It prefix the
> uid number with letter a, and remove it where is necessary.
>
> Here's the mofifications if someone need it in future:
>
> http://pastebin.com/4qZ5vbsM
>
> If you want, I can post in the wikia page too.
It'd be great if you sent a diff of this to the relevant bug queue so
it could be looked at and possibly made into an optional config.
https://rt.cpan.org/Public/Bug/Report.html?Queue=RT-Authen-ExternalAuth
-kevin
> -----Mensagem original-----
> De: rt-users-bounces at lists.bestpractical.com
> [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin
> Falcone
> Enviada em: quarta-feira, 24 de agosto de 2011 14:52
> Para: rt-users at lists.bestpractical.com
> Assunto: [*****SPAM*****] Re: [rt-users] RES: Re: RES: Re: RT External
> Auth and uid problem
>
> On Wed, Aug 24, 2011 at 02:22:35PM -0300, Luciano Ernesto da Silva
> wrote:
> > I will try prefix the numeric username with a character. I don't know
> > where start. Can you tell me what functions are involved in user
> > creation?
>
> As I said earlier
>
> >> In the past, people have prefixed numeric usernames with a character,
>
> >> but since I've never had to do that, I do not know the best way to do
>
> >> it.
>
> -kevin
>
> > I think I would have to map the authentication, including a character
> > "a" internally before the number and "a" on creation.
> >
> > Luciano
> >
> > -----Mensagem original-----
> > De: rt-users-bounces at lists.bestpractical.com
> > [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin
> > Falcone Enviada em: quarta-feira, 24 de agosto de 2011 13:42
> > Para: rt-users at lists.bestpractical.com
> > Assunto: Re: [rt-users] RES: Re: RT External Auth and uid problem
> >
> > On Wed, Aug 24, 2011 at 12:26:26PM -0300, Luciano Ernesto da Silva
> > wrote:
> > > Kevin,
> > >
> > > Ok, I understand, I will not touch the extension. But is there a way
>
> > > to overlay creation of privileged users and allow 'Name' with
> > > numeric field? We have many services that use LDAP and users just
> > > use the
> >
> > RT does not support numeric usernames.
> > Changing that would require significant code churn.
> >
> > -kevin
> >
> > > uid(numeric) and password.
> > > Would be more friendly keep the same method.
> > > The last option would use Name = > 'mail' in 'attr_map', but I don't
>
> > > think this a good solution.
> > >
> > >
> > > -----Mensagem original-----
> > > De: rt-users-bounces at lists.bestpractical.com
> > > [mailto:rt-users-bounces at lists.bestpractical.com] Em nome de Kevin
> > > Falcone Enviada em: quarta-feira, 24 de agosto de 2011 11:13
> > > Para: rt-users at lists.bestpractical.com
> > > Assunto: Re: [rt-users] RT External Auth and uid problem
> > >
> > > On Wed, Aug 24, 2011 at 10:54:22AM -0300, Luciano Ernesto da Silva
> > > wrote:
> > > >
> > > 'attr_match_list' => [
> > > > 'Name', 'EmailAddress', 'RealName'],
> > > >
> > > > # The
> > > mapping of RT attributes on to
> > > > LDAP attributes
> > > >
> > > >
> > 'attr_map'
> > > => {
> > > > 'Name' => 'uid', 'EmailAddress' => 'mail', 'RealName' => 'cn',
>
> > > > 'ExternalAuthId' => 'uid' }
> > > >
> > > >
> > > >
> > > > In the extension ExternalAuth I changed all the strings "Name"
>
> > > > for
> > > "NickName" and seems work,
> > > > but I still cant't create users.
> > >
> > > Do you meant you literally replaced all occurrences of Name with
> > > NickName in the extension? That will never work.
> > >
> > > If you have a non-numeric field, just fix attr_map so that Name =>
> > > 'non_numeric_ldap_field'
> > >
> > > Also, you almost certainly don't want attr_match_list to consider
> > > RealName to be unique. That would mean that you can't have two
> > > users in RT with the name Kevin Falcone since the extension will try
>
> > > to resolve them to the same AD user.
> > >
> > > -kevin
> > >
> > > >
> > > >
> > > >
> > > > I thought a solution creating a local/lib overlay for create a
> > > > user
> > > with NickName to use as
> > > > uid number, and keep RealName for cn, and EmailAdddress for
> mail.
> > > >
> > > >
> > > >
> > > > What function in lib is used to create the users? Can you give
> > > > me
> > > some tips?
> > > >
> > > >
> > > >
> > > > Thanks for your help,
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Luciano Silva
> > > >
> > > > [1]Luciano at cpd.ufrgs.br
> > > >
> > > > References
> > > >
> > > > Visible links
> > > > 1. mailto:Luciano at cpd.ufrgs.br
> > >
> > > > --------
> > > > RT Training Sessions
> > > > (http://bestpractical.com/services/training.html)
> > > > * Chicago, IL, USA ? September 26 & 27, 2011
> > > > * San Francisco, CA, USA ? October 18 & 19, 2011
> > > > * Washington DC, USA ? October 31 & November 1, 2011
> > > > * Melbourne VIC, Australia ? November 28 & 29, 2011
> > > > * Barcelona, Spain ? November 28 & 29, 2011
> > >
> > > --------
> > > RT Training Sessions
> > > (http://bestpractical.com/services/training.html)
> > > * Chicago, IL, USA September 26 & 27, 2011
> > > * San Francisco, CA, USA October 18 & 19, 2011
> > > * Washington DC, USA October 31 & November 1, 2011
> > > * Melbourne VIC, Australia November 28 & 29, 2011
> > > * Barcelona, Spain November 28 & 29, 2011
> > --------
> > RT Training Sessions (http://bestpractical.com/services/training.html)
> > * Chicago, IL, USA September 26 & 27, 2011
> > * San Francisco, CA, USA October 18 & 19, 2011
> > * Washington DC, USA October 31 & November 1, 2011
> > * Melbourne VIC, Australia November 28 & 29, 2011
> > * Barcelona, Spain November 28 & 29, 2011
> --------
> RT Training Sessions (http://bestpractical.com/services/training.html)
> * San Francisco, CA, USA October 18 & 19, 2011
> * Washington DC, USA October 31 & November 1, 2011
> * Melbourne VIC, Australia November 28 & 29, 2011
> * Barcelona, Spain November 28 & 29, 2011
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20111003/fdbf291e/attachment.sig>
More information about the rt-users
mailing list