I’m only in the early analysis stage of trying to figure out if RT is a good fit for us. We currently use Trac for our ticketing
system, which is workable, but not universally liked (being more of an appropriate solution for an ongoing open-source project
than it is for a small college IT helpdesk). Anyhow, I have a test instance of RT+AssetTracker up and running on an old
underpowered VM, but I’m definitely only scratching the surface (I have the RT Essentials book but I haven’t yet read it all the
way through). My question is about how to leverage our LDAP directory in order to allow end-users to create tickets. We have a
small enough staff that creating local RT users for our admin personnel is not a problem (I have no requirement to also sync this
information from LDAP as it’s easily manageable as an independent data silo (living within the RT database backend I presume)).
But what is the canonical solution for allowing our users to login to the web interface (using their existing usernames/passwords
which we already have set in LDAP (for their email accounts among other uses))? Do I want to be leveraging the HTTP-auth stuff
from apache (I believe this is how we solve this issue with Trac currently), or is there a way to have RT directly query a
specific PAM layer that’s been configured correctly (to back against our LDAP) on the RT server? Or maybe there’s a different way
to accomplish what I want. I made it into the beginning of the chapter on scrips last night, so I have no doubt that (given more
perl coding chops than I currently possess) there are definitely enough tools available to solve this problem, but it seemed worth
asking for direction (as I can’t imagine I’m the first person to want to do this).
thanks so much in advance for any information, ~c