Ldap users

hi all, i have all my users authenticating via ldap, and when they log
in they see everything, including the configuration tab on the left
side, which means that they can see that there is an account called
superuser etc…, while they can not modify any of this info i would
like for all users except those specified to not be able to see the
configuration tab on the left.

is this possible, if so how do i go about doing this,

also for those of you that need to authenticate via ldap here is how to
do it in 3 steps,

add this to RT_Site_config.pm
$LDAPExternalAuth = 1;
$LdapServer=“ldap.mydomain.com”;
$LdapUser=“cn=DADDY,o=MAMA”;
$LdapPass=“PASS”;
$LdapBase="";
$LdapUidAttr=“uid”;
$LdapFilter="(objectclass=*)";
$LdapTLS = 0;
$LdapGroup =“cn=NY-Everyone,ou=Groups,ou=NY,ou=YOYO,ou=MAMA”;
$LdapGroupAttribute = ‘member’;

then in httpd.conf

ServerName rt.mydomain.com
DocumentRoot /usr/local/rt3/share/html
AddDefaultCharset UTF-8
PerlModule Apache::DBI
PerlRequire /usr/local/rt3/bin/webmux.pl

SetHandler perl-script
PerlHandler RT::Mason
AuthName "RT Web Users"
AuthType Basic
AuthLDAPAuthoritative off
AuthLDAPurl ldap://ldap.mydomain.com/?cn?sub
require valid-user

you must install auth_ldap first, and in freebsd this is not mod_ldap
but auth_ldap and is located in /usr/ports/www/auth_ldap

steve.vcf (774 Bytes)

http://wiki.bestpractical.com/index.cgi?HideConfigurationTabOn Mon, Dec 20, 2004 at 01:31:10PM -0500, steve wrote:

hi all, i have all my users authenticating via ldap, and when they log
in they see everything, including the configuration tab on the left
side, which means that they can see that there is an account called
superuser etc…, while they can not modify any of this info i would
like for all users except those specified to not be able to see the
configuration tab on the left.

is this possible, if so how do i go about doing this,

also for those of you that need to authenticate via ldap here is how to
do it in 3 steps,

add this to RT_Site_config.pm
$LDAPExternalAuth = 1;
$LdapServer=“ldap.mydomain.com”;
$LdapUser=“cn=DADDY,o=MAMA”;
$LdapPass=“PASS”;
$LdapBase="";
$LdapUidAttr=“uid”;
$LdapFilter="(objectclass=*)";
$LdapTLS = 0;
$LdapGroup =“cn=NY-Everyone,ou=Groups,ou=NY,ou=YOYO,ou=MAMA”;
$LdapGroupAttribute = ‘member’;

then in httpd.conf

ServerName rt.mydomain.com
DocumentRoot /usr/local/rt3/share/html
AddDefaultCharset UTF-8
PerlModule Apache::DBI
PerlRequire /usr/local/rt3/bin/webmux.pl

SetHandler perl-script
PerlHandler RT::Mason
AuthName "RT Web Users"
AuthType Basic
AuthLDAPAuthoritative off
AuthLDAPurl ldap://ldap.mydomain.com/?cn?sub
require valid-user

you must install auth_ldap first, and in freebsd this is not mod_ldap
but auth_ldap and is located in /usr/ports/www/auth_ldap


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT wiki at http://wiki.bestpractical.com