I’m using RT 2.1.14 and 2.1.15.
WebExternalAuth = 1 (Apache and LDAP)
How can I change the auto creation behavior?
Using the email address for the username is fine by itself but when a
user successfully authenticates via LDAP using just “rthompson” RT will
complain that the user is not authorized.
The code snippet you refer to is for 2.0.x, the current stable branch
of rt. 2.1.x is the development branch, also known as 3.0. I believe
everyhting in 2.0.x should be the same (muck with the autohandler),
3.0.x should do it on it’s own, but I don’t know the details.
Where is the auto creation handled? I might be able to hack a
solution from there.
by default RT 2.0.x doesn’t have anything that will do autocreation
for web users. The code snippets you refer to add it to autohandler,
which is the right place for it.
by default RT 2.0.x doesn’t have anything that will do autocreation
for web users.
Not an issue. We’ll be using e-mail most of the time.
The code snippets you refer to add it to autohandler,
which is the right place for it.
I looked through it but didn’t see where users would be auto created.
I’ll look again. Maybe I won’t be able to hack it after all.
Although I am pretty stubborn.
I’m confused about what you’re
asking. I’m going to make a guess, and ask various questions.
What version of RT are you asking about?
You’re original mail said you were using WebExternalAuth, but that
users created via email auto create couldn’t log in? This is because
the autocreated users’s username includes the domain portion. so the
user is “rthompson@interpublic.com” and when apache hands RT
“rthompson” it doesn’t match.
There are 2 ways to fix that. You can set the email autocreation to no
append domain for interpublic.com users (and only those, not appending
domains for all users would be baaaad). Or you can get the get RT to
append interpublic.com to all webauthenticated things. When I had to
solve this, I went the latter route, and you can find my method (for
rt 2.0.x) at http://lists.fsck.com/pipermail/rt-devel/2002-May/002349.html
If you want to frob the email auto create, I believe you can find it
by tracing rt-mailgate. autohandler is a web thing.
This means that you’ll have to look at LookupExternalUserInfo(), which
is in etc/config.pm:
I just added the line marked with *:
#Name is the RT username you want to use for this user.
$Name = $EmailAddress;
$Name =~ s/@.*$//;
$params{‘Name’} = $Name;
As Steph correctly stated, this is ‘baaad’. But in our environment
where only users from specific domains are allowed to send email to
the queue (and their user part is unique), it’s acceptable.
Regards,
Torsten
Harald Wagener * FCB/Wilkens * An der Alster 42 * 20099 Hamburg