Help! RT::Authen::ExternalAuth -- can't create Privileged users

Al_Joslin · September 3, 2014, 3:45pm

I installed and configured: RT::Authen::ExternalAuth

I’ve got the login via LDAP working ok – but it won’t create Privileged users

I had to turn on: AutoCreateNonExternalUsers -- which seemed odd as I want to create only those users who are SUCCESSFULLY authenticated via LDAP

I added a:  Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
-- but i think that's ignored as it's from another [conflicting] plugin
-- -- and anyway I grepped the code and it's in there 

hrm...

I need these users to be Privileged

this is my config for that extension

Plugin( “RT::Authen::ExternalAuth” );

Set( $ExternalAuthPriority, [ ‘My_LDAP’ ]);

Set( $ExternalInfoPriority, [ ‘My_LDAP’ ]);

Set( $ExternalSettings, {
My_LDAP => {
‘type’ => ‘ldap’,

    'server'                    =>  'freeipa02.epc-instore.com',
    'user'                      =>  '',
    'pass'                      =>  '',

    'base'                      =>  'cn=users,cn=accounts,dc=epc-instore,dc=com',
    'filter'                    =>  '(objectClass=*)',
    'd_filter'                  =>  '(FILTER_STRING)',

    'group'                     =>  '',
    'group_attr'                =>  '',

    'tls'                       =>  0,
    'ssl_version'               =>  3,

    'net_ldap_args'             => [    version =>  3   ],

    'attr_match_list' => [
        'uid',
    ]

,
‘attr_map’ => {
‘Name’ => ‘uid’,
‘EmailAddress’ => ‘mail’,
‘Gecos’ => ‘mail’,
‘RealName’ => ‘displayName’,
‘ExternalAuthId’ => ‘uid’
},
},
} );

Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set( $AutoCreateNonExternalUsers, 1);

Kevin_Falcone · September 3, 2014, 9:01pm

I installed and configured: RT::Authen::ExternalAuth

I’ve got the login via LDAP working ok – but it won’t create Privileged users

I had to turn on: AutoCreateNonExternalUsers – which seemed odd as I want to create only those users who are SUCCESSFULLY authenticated via LDAP

This sounds wrong.

I added a: Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
– but i think that’s ignored as it’s from another [conflicting] plugin
– – and anyway I grepped the code and it’s in there

What conflicting plugin?
That’s a core config option.

Also, I wonder how you grepped the code, since while
RT-Authen-ExternalAuth documents that you should set the 4.2
compatible config variable, when those docs were added the code wasn’t
updated to match.

A bug should be filed in the RT::Authen::ExternalAuth config.

Until then, you could set the antiquated $AutoCreate to {Privileged =>
1} and just ignore the warning and it should work.

-kevin