On Wed, Sep 01, 2010 at 02:28:32PM -0400, Jason Ledford wrote: > I think this is what you need > http://search.cpan.org/dist/RT-Extension-LDAPImport/ > RT-Extension-LDAPImport (in case the url gets stripped). > > It's what I use along with the externalauth, that way I import all > the users. I then run the script nightly to import changes. The > external auth plugin will also update the details when the login.
LDAPImport is what I often recommend for folks, there is current work in the git repo that should be looked at if you're missing features. > But you can't assign permissions to a user that's never logged in. If you run LDAPImport, that user should be there to find and make privileged so you can grant them rights -kevin > -----Original Message----- > From: rt-users-boun...@lists.bestpractical.com > [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Dan Stilts > Sent: Wednesday, September 01, 2010 2:16 PM > To: rt-users@lists.bestpractical.com > Subject: Re: [rt-users] RT::Authen::ExternalAuth > > As far as I know, this only gets updated when the user goes to login. > However, I'm sure it's also very easily scriptable to pull rt3.Users and > then pull the users from LDAP (AD) and update the user via sql in > rt3.Users. Whether this would end up breaking anything, I'm not sure as > this is just off the top of my head thinking, but I wouldn't think so. > > Just a thought. > > -Dan > > > On 9/1/10 8:21 AM, Peter Barton wrote: > > Thanks a bunch Dan!! That did the trick perfectly! I am now able to > > authenticate successfully from AD and from the local system. > > > > Since it was so easy for you to spot my problem maybe you can help me > > with one more request. Like I said at the end of my last email I have > > run the "rt_logins_email2ldap" script and everyone has appropriate > > usernames to match AD. Is there a way to have RT go through and > > populate all the user information for each of the users that already > > exist in my system? Or is this supposed to be a dynamic step? When I > > open a ticket that existed prior to the installation of > > RT::Authen::ExternalAuth the user information is not populated with > > anything. > > > > Any direction you can give would be greatly appreciated. > > > > Thanks in advance, > > > > ---------- > > Peter Barton > > > > -----Original Message----- > > From: rt-users-boun...@lists.bestpractical.com > > [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Dan > > Stilts > > Sent: Tuesday, August 31, 2010 5:38 PM > > To: rt-users@lists.bestpractical.com > > Subject: Re: [rt-users] RT::Authen::ExternalAuth > > > > Peter, > > > > Looks like you have two plugin lines: > > > > Set(@Plugins, qw(RT::Authen::ExternalAuth)); > > Set(@Plugins, qw(RTx::Calendar)); > > > > Try: > > Set(@Plugins,(qw(RT::Authen::ExternalAuth RTx::Calendar))); > > > > Your second plugin line is overwriting the first one. > > > > -Dan > > > > On 8/31/10 3:05 PM, Peter Barton wrote: > >> I have been searching all day long and I am having some issues getting > >> this running. Here is a quick copy of my RT_SiteConfig.pm: > >> > >> Set(@Plugins, qw(RT::Authen::ExternalAuth)); > >> > >> Set(@Plugins, qw(RTx::Calendar)); > >> > >> Set($LogToFile,'debug'); > >> > >> Set($TrustHTMLAttachments, 1); > >> > >> Set($ExternalAuthPriority, [ 'My_LDAP' > >> > >> ] > >> > >> ); > >> > >> Set($ExternalInfoPriority, [ 'My_LDAP' > >> > >> ] > >> > >> ); > >> > >> Set($ExternalServiceUsesSSLorTLS, 0); > >> > >> Set($AutoCreateNonExternalUsers, 0); > >> > >> Set($ExternalSettings, { # AN EXAMPLE DB SERVICE > >> > >> 'My_MySQL' => { ## GENERIC SECTION > >> > >> 'type' => 'mysql', > >> > >> 'server' => 'localhost', > >> > >> 'database' => 'rt3', > >> > >> 'table' => 'USERS_TABLE', > >> > >> 'user' => 'rt_user', > >> > >> 'pass' => 'blahblah', > >> > >> 'port' => '3306', > >> > >> 'dbi_driver' => 'mysql', > >> > >> 'u_field' => 'username', > >> > >> 'p_field' => 'password', > >> > >> 'p_enc_pkg' => 'Crypt::MySQL', > >> > >> 'p_enc_sub' => 'password', > >> > >> 'd_field' => 'disabled', > >> > >> 'd_values' => ['0'], > >> > >> 'attr_match_list' => [ 'Gecos', > >> > >> 'Name' > >> > >> ], > >> > >> 'attr_map' => { 'Name' => 'username', > >> > >> 'EmailAddress' => 'email', > >> > >> 'ExternalAuthId' => 'username', > >> > >> 'Gecos' => 'userID' > >> > >> } > >> > >> }, > >> > >> # AN EXAMPLE LDAP SERVICE > >> > >> 'My_LDAP' => { ## GENERIC SECTION > >> > >> 'type' => 'ldap', > >> > >> 'server' => 'iesicorp.tf.prv', > >> > >> 'user' => 'cn=user,dc=tf,dc=prv', > >> > >> 'pass' => 'blahblah', > >> > >> 'base' => 'dc=tf,dc=prv', > >> > >> 'filter' => '(objectClass=user)', > >> > >> 'd_filter' => '(objectClass=FooBarBaz)', > >> > >> 'tls' => 0, > >> > >> 'ssl_version' => 3, > >> > >> 'net_ldap_args' => [ version => 3 ], > >> > >> # 'group' => 'Domain Users', > >> > >> # 'group_attr' => 'memberof', > >> > >> 'attr_match_list' => [ 'Name', > >> > >> 'EmailAddress', > >> > >> 'RealName', > >> > >> 'WorkPhone', > >> > >> 'Address2' > >> > >> ], > >> > >> # The mapping of RT attributes on to LDAP attributes > >> > >> 'attr_map' => { 'Name' => 'sAMAccountName', > >> > >> 'EmailAddress' => 'mail', > >> > >> 'Organization' => 'physicalDeliveryOfficeName', > >> > >> 'RealName' => 'cn', > >> > >> 'ExternalAuthId' => 'sAMAccountName', > >> > >> 'Gecos' => 'sAMAccountName', > >> > >> 'WorkPhone' => 'telephoneNumber', > >> > >> 'Address1' => 'streetAddress', > >> > >> 'City' => 'l', > >> > >> 'State' => 'st', > >> > >> 'Zip' => 'postalCode', > >> > >> 'Country' => 'co' > >> > >> } > >> > >> }, > >> > >> When I restart apache2 everything works fine. I see no errors. Yet > > when > >> I log into the web page I get this: > >> > >> [Tue Aug 31 21:44:27 2010] [info]: Successful login for pbarton from > >> 192.168.10.60 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:430) > >> > >> I check the "System Configuration" and I see no reference to > >> RT::Authen::ExternalAuth anywhere in there. From all the logs it does > >> not even appear that I am loading this plugin. > >> > >> BTW, I am running Ubuntu 8.0.4 LTS and RT version 3.8.6 and I > > installed > >> RT::Authen::ExternalAuth from cpan version 0.08. > >> > >> I have successfully run the "rt_logins_email2ldap" script and was able > >> to make all the necessary changes to accomoodate the change from local > >> user auth to LDAP auth. Any help anyone > >> > >> Can provide I would be greatly appreciative. > >> > >> Thanks, > >> > >> ---------- > >> > >> Peter Barton > >> > >> > >> > >> > >> RT Training in Washington DC, USA on Oct 25& 26 2010 > >> Last one this year -- Learn how to get the most out of RT! > > > > RT Training in Washington DC, USA on Oct 25& 26 2010 > > Last one this year -- Learn how to get the most out of RT! > > > > RT Training in Washington DC, USA on Oct 25& 26 2010 > > Last one this year -- Learn how to get the most out of RT! > > RT Training in Washington DC, USA on Oct 25 & 26 2010 > Last one this year -- Learn how to get the most out of RT! > > RT Training in Washington DC, USA on Oct 25 & 26 2010 > Last one this year -- Learn how to get the most out of RT!
pgp59ZkJWWW3E.pgp
Description: PGP signature
RT Training in Washington DC, USA on Oct 25 & 26 2010 Last one this year -- Learn how to get the most out of RT!