Adding users

Hello,

I have to add about 80 users to RT. These will be unprivileged users that
will use the SelfService link to create tickets. I have succesfully
imported the users directly into MySQL on a test system with phpMyAdmin.
However I can’t find where to “Allow this user to access RT” in any of the
db fields. Does anybody know how I can achieve this?

Regards, Jim

That would probably be in Principals, with the ‘Disabled’ field set to ‘0’.

That being said, you should probably use the API to create users en-masse. It would avoid minor problems like this.

StuartFrom: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Jim T
Sent: Monday, 7 November 2011 11:11 AM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] Adding users

Hello,

I have to add about 80 users to RT. These will be unprivileged users that will use the SelfService link to create tickets. I have succesfully imported the users directly into MySQL on a test system with phpMyAdmin. However I can’t find where to “Allow this user to access RT” in any of the db fields. Does anybody know how I can achieve this?

Regards, Jim

Hi Stuart,

Thanks for the reply, I’d just managed to figure it it out. Never used the
API, but sounds like I should should. Can you offer any pointers?

Regards, JimOn Mon, Nov 7, 2011 at 12:45 AM, Stuart Browne < stuart.browne@ausregistry.com.au> wrote:

That would probably be in Principals, with the ‘Disabled’ field set to ‘0’.



That being said, you should probably use the API to create users
en-masse. It would avoid minor problems like this.****


Stuart****


From: rt-users-bounces@lists.bestpractical.com [mailto:
rt-users-bounces@lists.bestpractical.com] On Behalf Of Jim T
Sent: Monday, 7 November 2011 11:11 AM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] Adding users
**


Hello,

I have to add about 80 users to RT. These will be unprivileged users that
will use the SelfService link to create tickets. I have succesfully
imported the users directly into MySQL on a test system with phpMyAdmin.
However I can’t find where to “Allow this user to access RT” in any of the
db fields. Does anybody know how I can achieve this?

Regards, Jim****

Sorry, was trying to dig up some example code for you, but the system I have it on crashed :-/ boo.

This thread has the basics of it though: http://www.mail-archive.com/rt-users@lists.bestpractical.com/msg26316.htmlFrom: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Jim T
Sent: Monday, 7 November 2011 12:45 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Adding users

Hi Stuart,

Thanks for the reply, I’d just managed to figure it it out. Never used the API, but sounds like I should should. Can you offer any pointers?

Regards, Jim

Hello,

I have to add about 80 users to RT. These will be unprivileged users that will use the SelfService link to create tickets. I have succesfully imported the users directly into MySQL on a test system with phpMyAdmin. However I can’t find where to “Allow this user to access RT” in any of the db fields. Does anybody know how I can achieve this?

Regards, Jim

Do it using one of the APIs rather than interfacing with the DB
directly. It’s generally a bad idea to do this unless you have a full
understanding of the schema, and it sounds in this case like you
don’t.

I can share some code examples if needed.

Richard Clark
richard@fohnet.co.uk

Hi Stuart,

Thanks for the reply, I’d just managed to figure it it out. Never used the API, but sounds like I should should. Can you offer any pointers?

Regards, Jim

Here’s a script that I wrote a while ago:

git://gist.github.com/1344505.git

Richard Clark
richard@fohnet.co.uk

Thank you both Richard and Stuart.On Mon, Nov 7, 2011 at 9:08 AM, Richard Clark noc@fohnet.co.uk wrote:

On 7 Nov 2011, at 01:45, Jim T jimmers.inbox@gmail.com wrote:

Hi Stuart,

Thanks for the reply, I’d just managed to figure it it out. Never used
the API, but sounds like I should should. Can you offer any pointers?

Regards, Jim

Here’s a script that I wrote a while ago:

git://gist.github.com/1344505.git


Richard Clark
richard@fohnet.co.uk

RT Training Sessions (http://bestpractical.com/services/training.html)

  • Barcelona, Spain November 28 & 29, 2011

I have to add about 80 users to RT. These will be unprivileged users
that will use the SelfService link to create tickets. I have succesfully
imported the users directly into MySQL on a test system with phpMyAdmin.
However I can’t find where to “Allow this user to access RT” in any of
the db fields. Does anybody know how I can achieve this?

As others have said, but I want to stress: don’t users directly in the
DB. Besides flags like Disabled, you’ll also probably miss the acl
equivalence group, group membership records, cached group membership
records, etc. Things will behave very poorly with that information
missing. If you’ve already done this on a production system where you
can back out the changes, please run rt-validator which may be able to
fix some of the problems.

Thomas

I have a question then regarding this. We are at the point now we are ready to move our 3.8.6 database to our 4.0.2 installation. I am using LDAP authentication in the new install, but it was not being used in the 3.8.6 install. At some point in the past, the group here imported ALL LDAP users into MySQL so that accounts would already be created for them. I had planned to go in and run a sql script I have put together to delete all MySQL local users (except for a few in IT, and the needed Nobody, RT_System, root, etc.) directly. Can someone point me in a ‘better’ way to do this using the API? These are all unprivileged users, and maintaining history correlation for the accounts in which I will remove is not an issue (e.g. it is ok that old tickets will not have an owner associated with them).-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Thomas Sibley
Sent: Monday, November 07, 2011 8:46 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Adding users

On 11/06/2011 07:11 PM, Jim T wrote:

I have to add about 80 users to RT. These will be unprivileged users
that will use the SelfService link to create tickets. I have succesfully
imported the users directly into MySQL on a test system with phpMyAdmin.
However I can’t find where to “Allow this user to access RT” in any of
the db fields. Does anybody know how I can achieve this?

As others have said, but I want to stress: don’t users directly in the
DB. Besides flags like Disabled, you’ll also probably miss the acl
equivalence group, group membership records, cached group membership
records, etc. Things will behave very poorly with that information
missing. If you’ve already done this on a production system where you
can back out the changes, please run rt-validator which may be able to
fix some of the problems.

Thomas
RT Training Sessions (http://bestpractical.com/services/training.html)

  • Barcelona, Spain November 28 & 29, 2011

I have a question then regarding this. We are at the point now we
are ready to move our 3.8.6 database to our 4.0.2 installation. I am
using LDAP authentication in the new install, but it was not being
used in the 3.8.6 install. At some point in the past, the group here
imported ALL LDAP users into MySQL so that accounts would already be
created for them. I had planned to go in and run a sql script I have
put together to delete all MySQL local users (except for a few in IT,
and the needed Nobody, RT_System, root, etc.) directly. Can someone
point me in a ‘better’ way to do this using the API? These are all
unprivileged users, and maintaining history correlation for the
accounts in which I will remove is not an issue (e.g. it is ok that
old tickets will not have an owner associated with them).

Why do you want to remove the users?

If you must, shredder is the way to go and will handle database integrity.

Thomas

I want to remove them because somehow, they ended up with really odd permissions which enable them as privileged. I can’t see this via the UI, but it is confirmed when I look at the schema in mysql. So it has been decided to remove them. I have tried the Shredder and even after doing that, the user still exists. The old database was duct taped so much I am unsure of why some things happen the way they do, but they do. I’m just the cleaner. =)-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Thomas Sibley
Sent: Monday, November 07, 2011 9:25 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Adding users

On 11/07/2011 09:52 AM, Izz Abdullah wrote:

I have a question then regarding this. We are at the point now we
are ready to move our 3.8.6 database to our 4.0.2 installation. I am
using LDAP authentication in the new install, but it was not being
used in the 3.8.6 install. At some point in the past, the group here
imported ALL LDAP users into MySQL so that accounts would already be
created for them. I had planned to go in and run a sql script I have
put together to delete all MySQL local users (except for a few in IT,
and the needed Nobody, RT_System, root, etc.) directly. Can someone
point me in a ‘better’ way to do this using the API? These are all
unprivileged users, and maintaining history correlation for the
accounts in which I will remove is not an issue (e.g. it is ok that
old tickets will not have an owner associated with them).

Why do you want to remove the users?

If you must, shredder is the way to go and will handle database integrity.

Thomas
RT Training Sessions (http://bestpractical.com/services/training.html)

  • Barcelona, Spain November 28 & 29, 2011

I want to remove them because somehow, they ended up with really odd
permissions which enable them as privileged. I can’t see this via
the UI, but it is confirmed when I look at the schema in mysql. So
it has been decided to remove them. I have tried the Shredder and
even after doing that, the user still exists. The old database was
duct taped so much I am unsure of why some things happen the way they
do, but they do. I’m just the cleaner. =)

It sounds like they were added improperly the first time, however they
were imported. Have you looked at the individual admin user pages at
"Let this user be granted rights" checkbox?

Shredder reports success even though the user still exists? Can you
send details?

Thomas

There is NOT a check on the individual user admin page for ‘Let this user be granted rights’.
What details would you like about the Shredder? Basically, I go to the Shredder, input the object as user, pull up the user and shred. Then if I query the shredder again, the account is still there and I am able to click on the user account to get to the user admin page.-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Thomas Sibley
Sent: Monday, November 07, 2011 9:37 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Adding users

On 11/07/2011 10:31 AM, Izz Abdullah wrote:

I want to remove them because somehow, they ended up with really odd
permissions which enable them as privileged. I can’t see this via
the UI, but it is confirmed when I look at the schema in mysql. So
it has been decided to remove them. I have tried the Shredder and
even after doing that, the user still exists. The old database was
duct taped so much I am unsure of why some things happen the way they
do, but they do. I’m just the cleaner. =)

It sounds like they were added improperly the first time, however they
were imported. Have you looked at the individual admin user pages at
“Let this user be granted rights” checkbox?

Shredder reports success even though the user still exists? Can you
send details?

Thomas
RT Training Sessions (http://bestpractical.com/services/training.html)

  • Barcelona, Spain November 28 & 29, 2011

I should be more specific about users still being ‘privileged’:
The user is not “fully privileged” but somehow they remain a member of some odd group (not user created, not on purpose anyway, nor system) to where they are able to bypass security measures to view tickets outside of the General queue and create tickets outside of the General Queue. If I remove the check from ‘let user be granted rights’ then MOST rights are revoked, but there is some queue setting in a group deep inside of mysql that allows them to do things they should not be able to do. If it is a new user (post-previous import) then everything works as I have coded it.
As for the Shredder, I could have been wrong by not knowing the ins and outs. I have had to up the dependencies in the site config file to 100,000 to allow for some users to be removed. I think this will work, but I have 800+ users I will need to do this to, and the first user I tried this on in test is taking, still in progress, over 5 minutes. I was receiving ‘dependency limit has been reached’, which by the way there is a typo in the spelling on the webUI. =)
After increasing the dependency value a few times, finally to 100,000, it is running, but slow to complete, if not hung.From: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Izz Abdullah
Sent: Monday, November 07, 2011 9:46 AM
To: ‘Thomas Sibley’; rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Adding users

There is NOT a check on the individual user admin page for ‘Let this user be granted rights’.
What details would you like about the Shredder? Basically, I go to the Shredder, input the object as user, pull up the user and shred. Then if I query the shredder again, the account is still there and I am able to click on the user account to get to the user admin page.

Hello list,

i’d like advice on the following method i’ve implemented wich is working
99%, just missing the last step.
I’ve added a new Priority ColumnMap called PriorityArrows for our manager
to be able to modify priorities rapidly while looking at a Dashboard
during a meeting, without need to enter into ticket details.
It is looking like this (other icons are working well already) :

The arrows are href link pointing to an html page doing the priority
modification, and this is working.
In this html page, i’ve added a javascript method to go back one page to
the dashboardn this is working too.
BUT the dashboard has not been “refreshed” with the new value, as the page
is cached (inside the browser?masoncache?).

So now i’d like to know if someone would have a hint to force refresh of
dashboard page after back(), or any other idea.

I’m using RT 3.8, and here are the codes i’ve written :

PriorityArrows => {
title => ‘Priority’, # loc
attribute => ‘Priority’,
value => sub {
my $Ticket = shift;
my $currentpriority = $Ticket->Priority;
my @result;
my $base_url = RT->Config->Get(‘WebPath’);
my $img_url = $base_url . ‘/NoAuth/images/’;
my $targetpriorityup = $currentpriority - 1;
my $targetprioritydown = $currentpriority + 1;

        push (@result, \"<center>");
        if ($currentpriority>1) {
            push (@result, \"<a href=\"", $base_url, 

“/Ticket/MovePriority.html?id=”, $Ticket->id, “&sens=moins”>", “<img
src=”", $img_url, “arrowup.gif”, “”> “, “
”);
}
push (@result, $currentpriority, “
”);
push (@result, “<a href=””, $base_url,
"/Ticket/MovePriority.html?id=", $Ticket->id, “&sens=plus”>", “<img
src=”", $img_url, “arrowdown.gif”, “”> ", “
”);
return @result;
}

and the MovePriority.html page is as follows :

<%INIT>
my $Ticket = LoadTicket($id);
my $currentpriority = $Ticket->Priority;
my $targetpriority = 0;
if ($sens eq “plus”) {
$targetpriority = $currentpriority + 1;
}
elsif ($sens eq “moins”) {
$targetpriority = $currentpriority -1;
}
$Ticket->SetPriority($targetpriority);
</%INIT>

<%ARGS>
$id => undef
$sens => undef
$origin => undef
</%ARGS>

Rapha�l MOUNEYRES
" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."

replying to myself, but i’ve just noticed it is working with IE8, i mean
the page is auto refreshing, but not with Mozilla Firefox 8.0
any hint is still welcome

Rapha�l MOUNEYRES

Rapha�l MOUNEYRES raphael.mouneyres@sagemcom.com
Envoy� par : rt-users-bounces@lists.bestpractical.com
08/11/2011 10:00

A
rt-users@lists.bestpractical.comrt-users@lists.bestpractical.com
cc

Objet
[rt-users] auto refresh dashboard after back in history

Hello list,

i’d like advice on the following method i’ve implemented wich is working
99%, just missing the last step.
I’ve added a new Priority ColumnMap called PriorityArrows for our manager
to be able to modify priorities rapidly while looking at a Dashboard
during a meeting, without need to enter into ticket details.
It is looking like this (other icons are working well already) :

The arrows are href link pointing to an html page doing the priority
modification, and this is working.
In this html page, i’ve added a javascript method to go back one page to
the dashboardn this is working too.
BUT the dashboard has not been “refreshed” with the new value, as the page
is cached (inside the browser?masoncache?).

So now i’d like to know if someone would have a hint to force refresh of
dashboard page after back(), or any other idea.

I’m using RT 3.8, and here are the codes i’ve written :

" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."

I want to remove them because somehow, they ended up with really odd permissions which enable them as privileged. I can’t see this via the UI, but it is confirmed when I look at the schema in mysql. So it has been decided to remove them. I have tried the Shredder and even after doing that, the user still exists. The old database was duct taped so much I am unsure of why some things happen the way they do, but they do. I’m just the cleaner. =)

-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Thomas Sibley
Sent: Monday, November 07, 2011 9:25 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Adding users

I have a question then regarding this. We are at the point now we
are ready to move our 3.8.6 database to our 4.0.2 installation. I am
using LDAP authentication in the new install, but it was not being
used in the 3.8.6 install. At some point in the past, the group here
imported ALL LDAP users into MySQL so that accounts would already be
created for them. I had planned to go in and run a sql script I have
put together to delete all MySQL local users (except for a few in IT,
and the needed Nobody, RT_System, root, etc.) directly. Can someone
point me in a ‘better’ way to do this using the API? These are all
unprivileged users, and maintaining history correlation for the
accounts in which I will remove is not an issue (e.g. it is ok that
old tickets will not have an owner associated with them).

Why do you want to remove the users?

If you must, shredder is the way to go and will handle database integrity.

Thomas

Sounds like you may have issues in your DB related to operating directly
on it rather than using the API. Generally speaking, users in RT are
never deleted, only disabled.
I have an issue myself in that we went through a re-brand, resulting in
users mail addresses changing so creating duplicate users. I was going to
use the MergeUsers extension to correct this, but last time I checked it
hadn’t been updated to work with RT4, and I haven’t got the spare
bandwidth to work on a patch for it atm.
Current workaround for the few affected users is to rename and disable
the old user, then run a search for the old user’s tickets and change
requestor/ownership to the new user.

Richard Clark
richard@fohnet.co.uk

signature.asc (198 Bytes)