This is working as designed as it is possible for the LDAP server to provide email address information for a user. The call to the LDAP server can be prevented by setting an ar.conf parameter called External-Authentication-Return-Data-Capabilities: (check the exact name please as I don't have a copy of the config manual handy). Setting this to a value of 31 should prevent all calls to LDAP other than those for authentication purposes.
Mark ________________________________ From: Action Request System discussion list(ARSList) [arsl...@arslist.org] On Behalf Of Shyam Attavar [atta...@sbcglobal.net] Sent: 11 June 2010 18:15 To: arslist@ARSLIST.ORG Subject: Notify Action - authenticates against LDAP when user name specified is an email address ** We are seeing an unusual behavior, which we identified inadvertently and I am trying to identify if this behavior is expected. Here's the scenario: The OOB notification events in ITSM 7.1 have been configured to set the default notification mechanism to be blank. Hence the notification sent out is based on the users’ preference setting in the User form. For this scenario, the filter invoked on NTE:Notifier form has a notify action with the notification mechanism specified as “User Default” and a Remedy Login ID is specified for the user name. The email engine does not authenticate the users' account (the one that is receiving the notification) against LDAP. The custom notification event records we have defined have the default notification mechanism as Email, since we want these to be going out as email notifications. So, when the notification is sent out from the NTE:Notifier form, the filter that is being invoked for sending notifications is setting the notification mechanism to “Email” and an internet email address is specified for the user name. This in turn authenticates the email address against LDAP -- this behavior does not make sense to me. Why should the email engine authenticate against LDAP when sending out email notifications to users? I would like to hear if anyone has any insight on this behavior and how to avoid the authentication when the default notification mechanism is specified as Email and an email address is specified as the user name in the notify filter action. Thanks, -- Shyam _attend WWRUG10 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are"
