On Tue, Jun 12, 2012 at 5:38 AM, Asif Iqbal <vad...@gmail.com> wrote: > I am using external authentication against our corporate AD server > successfully, using the RT::Authen::ExternalAuth. > > But I like the authorization done against internal db for user account. > > Just because a user has a valid AD credential is not enough for him/her to > be able to login to our RT. We like > to manage the login by creating the user account into internal db using the > Web UI. > > So we still like the user to use their AD credential and no need to remember > another password, and at the same time > only be able to login if the same username is available in internal db. > > Is that possible? Any suggestion/tip is appreciated.
Yes, it is possible, but not like you want it to be. As far as I can see users need AD record anyway, just mark them somehow in AD and use this marking in ExternalAuth filter. > -- > Asif Iqbal > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > > -- Best regards, Ruslan.