AutoGeneratedPassword and LDAP

RT Users
1

I have this installed as a template and really like the way it will work
for people outside of the company…

http://wiki.bestpractical.com/view/AutogeneratedPassword

But, there is something that I’m not sure how to do. If the user is a
first time user, and submits a ticket via email, a password will be
generated for them, even if they are in Active Directory. Is there a
check that can be done in the template to check if the user is an LDAP
user and not generate a password for them? I want my local users to be
AD, and remote users to have a password in RT3.

Thanks!

-Mark

CONFIDENTIALITY NOTICE: The information contained in this email message, including any attachments, may be
privileged, confidential and otherwise protected from disclosure. If the reader of this message is not the
intended recipient, you are hereby notified that any use, dissemination, distribution or copying of this
message, including any attachments, is strictly prohibited. If you have received this email message in
error, please notify the sender by reply email and delete/destroy the email message, including attachments,
and any copies thereof. Although we have taken precautions to minimize the risk of transmitting viruses via
email and attachments thereto, we do not guarantee that either is virus-free, and we accept no liability for
any damages sustained as a result of any such viruses.

2

that can be done in the template to check if the user is an LDAP user and
not generate a password for them? I want my local users to be AD, and
remote users to have a password in RT3.
Can’t you just add a condition on the password generation that skips
it if the requestor domain is the same as yours?

Cambridge Energy Alliance: Save money. Save the planet.

3

That’s exactly what I was just thinking.

How in the template can I check to see if it is coming from @domain.com, and skip the generation?-----Original Message-----
From: Jerrad Pierce [mailto:jpierce@cambridgeenergyalliance.org]
Sent: Friday, June 18, 2010 11:24 AM
To: Mark Jenks
Cc: rt-users
Subject: Re: [rt-users] AutoGeneratedPassword and LDAP

that can be done in the template to check if the user is an LDAP user and
not generate a password for them? I want my local users to be AD, and
remote users to have a password in RT3.
Can’t you just add a condition on the password generation that skips
it if the requestor domain is the same as yours?

Cambridge Energy Alliance: Save money. Save the planet.

CONFIDENTIALITY NOTICE: The information contained in this email message, including any attachments, may be
privileged, confidential and otherwise protected from disclosure. If the reader of this message is not the
intended recipient, you are hereby notified that any use, dissemination, distribution or copying of this
message, including any attachments, is strictly prohibited. If you have received this email message in
error, please notify the sender by reply email and delete/destroy the email message, including attachments,
and any copies thereof. Although we have taken precautions to minimize the risk of transmitting viruses via
email and attachments thereto, we do not guarantee that either is virus-free, and we accept no liability for
any damages sustained as a result of any such viruses.

4

I’m not a programmer anymore (Gave it up 15 years ago), but I do some scripting now and then… But this is what I came up with.

Does it look right?

I just changed:
if (($Transaction->CreatorObj->id != $RT::Nobody->id) &&
(!$Transaction->CreatorObj->Privileged) &&
($Transaction->CreatorObj->__Value(‘Password’) eq ‘NO-PASSWORD’)
)

if (($Transaction->CreatorObj->id != $RT::Nobody->id) &&
($RT::RequestorAddresses !~ m/domain.com/i) &&
(!$Transaction->CreatorObj->Privileged) &&
($Transaction->CreatorObj->__Value(‘Password’) eq ‘NO-PASSWORD’)
)-----Original Message-----
From: Jerrad Pierce [mailto:jpierce@cambridgeenergyalliance.org]
Sent: Friday, June 18, 2010 11:24 AM
To: Mark Jenks
Cc: rt-users
Subject: Re: [rt-users] AutoGeneratedPassword and LDAP

that can be done in the template to check if the user is an LDAP user and
not generate a password for them? I want my local users to be AD, and
remote users to have a password in RT3.
Can’t you just add a condition on the password generation that skips
it if the requestor domain is the same as yours?

Cambridge Energy Alliance: Save money. Save the planet.

CONFIDENTIALITY NOTICE: The information contained in this email message, including any attachments, may be
privileged, confidential and otherwise protected from disclosure. If the reader of this message is not the
intended recipient, you are hereby notified that any use, dissemination, distribution or copying of this
message, including any attachments, is strictly prohibited. If you have received this email message in
error, please notify the sender by reply email and delete/destroy the email message, including attachments,
and any copies thereof. Although we have taken precautions to minimize the risk of transmitting viruses via
email and attachments thereto, we do not guarantee that either is virus-free, and we accept no liability for
any damages sustained as a result of any such viruses.

5

Should it be:

($Ticket->RequestorAddresses !~ m/domain.com$/i) &&

Or

($RT::RequestorAddresses !~ m/domain.com$/i) &&

Other than that, I think I got it. Might even add it to the wiki?

Thanks!

-MarkFrom: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Mark Jenks
Sent: Friday, June 18, 2010 12:17 PM
To: Jerrad Pierce
Cc: rt-users
Subject: Re: [rt-users] AutoGeneratedPassword and LDAP

I’m not a programmer anymore (Gave it up 15 years ago), but I do some scripting now and then… But this is what I came up with.

Does it look right?

I just changed:
if (($Transaction->CreatorObj->id != $RT::Nobody->id) &&
(!$Transaction->CreatorObj->Privileged) &&
($Transaction->CreatorObj->__Value(‘Password’) eq ‘NO-PASSWORD’)
)

if (($Transaction->CreatorObj->id != $RT::Nobody->id) &&
($RT::RequestorAddresses !~ m/domain.com/i) &&
(!$Transaction->CreatorObj->Privileged) &&
($Transaction->CreatorObj->__Value(‘Password’) eq ‘NO-PASSWORD’)
)