Re: [rt-users] RT External Authen/LDAP import with AD user names as numeric
Kevin, If i could Prefix a string,can i use AD authentication ?Can you guide me with that hack ?thanks in advance Murugan On Mon, Mar 26, 2012 at 7:15 PM, Kevin Falcone falc...@bestpractical.comwrote: On Sat, Mar 24, 2012 at 03:59:27PM +0530, Murugan wrote: I am new to RT and installed RT4.05 in Ubuntu 11.10 with RT External authentication.Active Directory users whose login ID is numeric(say 0001234 which will be their employee id ) cannot log in in RT(user names not created in RT). All others whose AD Login ID are alphabet/alphanumeric(like b001) can log in (user name created in RT). I tried LDAP import also and it fails fails with messages like [warning]: Skipping user '0003503', as it is numeric (/opt/rt4/local/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:969) Is there any way to authenticate or import users from LDAP without changing AD user names? If you search the list archives, you'll find people who've hacked up RT-Authen-ExternalAuth or LDAPImporter to handle number usernames by prefixing a string. RT does not allow numeric usernames, so this is a required workaround. I don't think we've received a patch to make that feature core in RT-Authen-ExternalAuth or the LDAPImporter. -kevin This is my RT External Auth Config file Set($ExternalAuthPriority, [ 'My_LDAP' ] ); Set($ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_LDAP' = { 'type' = 'ldap', 'server' = '[1]serverr.domain.com', 'user' = 'cn=RT,ou=ouname,dc=example,dc=com', 'pass' = 'Welcome123', 'base' = 'dc=example,dc=com', 'filter' = '((ObjectCategory=User)(ObjectClass=Person))', 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' = 0, # 'ssl_version' = 3, 'net_ldap_args' = [ version = 3 ], # 'group' = 'cn=RT Users,dc=sps,dc=co,dc=in', # 'group_attr' = 'member', 'attr_match_list' = [ 'Name','EmailAddress' ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'RealName' = 'cn', 'ExternalAuthId' = 'AMAccountName', 'Gecos' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'State' = 'st', 'Zip' = 'postalCode', 'Country' = 'co' } In RT_Site Config.PM Set(@Plugins, qw(RT::Authen::ExternalAuth RTx::Calendar RT::Extension::JSGantt RT::Extension::QuickCalls RT::Extension::SLA RTx::TicketlistTransactions RT::Extension::Utils RTx::WorkflowBuilder RT::Extension::NotifyOwners)); require /opt/rt4/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm; Set($AutoCreate, {Privileged = 1}); Am i missing something ? Regards Murugan References Visible links 1. http://serverr.domain.com/
Re: [rt-users] RT External Authen/LDAP import with AD user names as numeric
On Tue, Mar 27, 2012 at 03:21:38PM +0530, Murugan wrote: If i could Prefix a string,can i use AD authentication ?Can you guide me with that hack ?thanks in advance You'll need to search the mailing list archives, I've not configured RT like this so I'm not sure what you'll need to do. -kevin On Mon, Mar 26, 2012 at 7:15 PM, Kevin Falcone [1]falc...@bestpractical.com wrote: On Sat, Mar 24, 2012 at 03:59:27PM +0530, Murugan wrote: I am new to RT and installed RT4.05 in Ubuntu 11.10 with RT External authentication.Active Directory users whose login ID is numeric(say 0001234 which will be their employee id ) cannot log in in RT(user names not created in RT). All others whose AD Login ID are alphabet/alphanumeric(like b001) can log in (user name created in RT). I tried LDAP import also and it fails fails with messages like [warning]: Skipping user '0003503', as it is numeric (/opt/rt4/local/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:969) Is there any way to authenticate or import users from LDAP without changing AD user names? If you search the list archives, you'll find people who've hacked up RT-Authen-ExternalAuth or LDAPImporter to handle number usernames by prefixing a string. RT does not allow numeric usernames, so this is a required workaround. I don't think we've received a patch to make that feature core in RT-Authen-ExternalAuth or the LDAPImporter. -kevin This is my RT External Auth Config file Set($ExternalAuthPriority, [ 'My_LDAP' ] ); Set($ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_LDAP' = { 'type' = 'ldap', 'server' = '[1][2]serverr.domain.com', 'user' = 'cn=RT,ou=ouname,dc=example,dc=com', 'pass' = 'Welcome123', 'base' = 'dc=example,dc=com', 'filter' = '((ObjectCategory=User)(ObjectClass=Person))', 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' = 0, # 'ssl_version' = 3, 'net_ldap_args' = [ version = 3 ], # 'group' = 'cn=RT Users,dc=sps,dc=co,dc=in', # 'group_attr' = 'member', 'attr_match_list' = [ 'Name','EmailAddress' ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'RealName' = 'cn', 'ExternalAuthId' = 'AMAccountName', 'Gecos' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'State' = 'st', 'Zip' = 'postalCode', 'Country' = 'co' } In RT_Site Config.PM Set(@Plugins, qw(RT::Authen::ExternalAuth RTx::Calendar RT::Extension::JSGantt RT::Extension::QuickCalls RT::Extension::SLA RTx::TicketlistTransactions RT::Extension::Utils RTx::WorkflowBuilder RT::Extension::NotifyOwners)); require /opt/rt4/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm; Set($AutoCreate, {Privileged = 1}); Am i missing something ? Regards Murugan References pgpCWs3a1HE9q.pgp Description: PGP signature
Re: [rt-users] RT External Authen/LDAP import with AD user names as numeric
On Sat, Mar 24, 2012 at 03:59:27PM +0530, Murugan wrote: I am new to RT and installed RT4.05 in Ubuntu 11.10 with RT External authentication.Active Directory users whose login ID is numeric(say 0001234 which will be their employee id ) cannot log in in RT(user names not created in RT). All others whose AD Login ID are alphabet/alphanumeric(like b001) can log in (user name created in RT). I tried LDAP import also and it fails fails with messages like [warning]: Skipping user '0003503', as it is numeric (/opt/rt4/local/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:969) Is there any way to authenticate or import users from LDAP without changing AD user names? If you search the list archives, you'll find people who've hacked up RT-Authen-ExternalAuth or LDAPImporter to handle number usernames by prefixing a string. RT does not allow numeric usernames, so this is a required workaround. I don't think we've received a patch to make that feature core in RT-Authen-ExternalAuth or the LDAPImporter. -kevin This is my RT External Auth Config file Set($ExternalAuthPriority, [ 'My_LDAP' ] ); Set($ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_LDAP' = { 'type' = 'ldap', 'server' = '[1]serverr.domain.com', 'user' = 'cn=RT,ou=ouname,dc=example,dc=com', 'pass' = 'Welcome123', 'base' = 'dc=example,dc=com', 'filter' = '((ObjectCategory=User)(ObjectClass=Person))', 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' = 0, # 'ssl_version' = 3, 'net_ldap_args' = [ version = 3 ], # 'group' = 'cn=RT Users,dc=sps,dc=co,dc=in', # 'group_attr' = 'member', 'attr_match_list' = [ 'Name','EmailAddress' ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'RealName' = 'cn', 'ExternalAuthId' = 'AMAccountName', 'Gecos' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'State' = 'st', 'Zip' = 'postalCode', 'Country' = 'co' } In RT_Site Config.PM Set(@Plugins, qw(RT::Authen::ExternalAuth RTx::Calendar RT::Extension::JSGantt RT::Extension::QuickCalls RT::Extension::SLA RTx::TicketlistTransactions RT::Extension::Utils RTx::WorkflowBuilder RT::Extension::NotifyOwners)); require /opt/rt4/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm; Set($AutoCreate, {Privileged = 1}); Am i missing something ? Regards Murugan References Visible links 1. http://serverr.domain.com/ pgpOpPnRsogel.pgp Description: PGP signature