Assigning rights to ExternalAuth users

Hi all,

I’ve configured ExternalAuth to authenticate against our AD and this works well, i.e. any user in our AD can login to RT3 as an unprivileged user and create tickets to specific queues. I also see in the MySQL backend that a user record is created when an AD user logs in for the first time.

My problem is that these users don’t show up in the Configuration–>Users list (even when I check the include disabled users checkbox as someone suggested in some post I read). Consequently I cannot assign these users to any groups nor

In addition: is it good practice to have the normal users be unprivileged (they only need to be able to open and track their own tickets) or should I make sure every user becomes privileged when he logs in for the first time?

Thanks in advance!
Jonathan Salomon

I’ve configured ExternalAuth to authenticate against our AD and this works well, i.e. any user
in our AD can login to RT3 as an unprivileged user and create tickets to specific queues. I
also see in the MySQL backend that a user record is created when an AD user logs in for the
first time.

My problem is that these users don’t show up in the Configuration`aUsers list (even when I
check the include disabled users checkbox as someone suggested in some post I read).
Consequently I cannot assign these users to any groups nor

RT doesn’t allow assigning unprivileged users to groups in the group
rights UI (since it is quite possible to have tens of thousands of
unprivileged users). They don’t show up on Configuration -> Users by
default for the same reason. Searching for them in the Configuration
-> Users UI (or constructing a search that matches all users) will let
you find them there and then use the Memberships tab to manage their
group membership.

In addition: is it good practice to have the normal users be unprivileged (they only need to
be able to open and track their own tickets) or should I make sure every user becomes
privileged when he logs in for the first time?

You can just grant rights to Unprivileged users as a whole, it doesn’t
sound like these users really want to be Privileged.

-kevin