LDAP with ExternalAuth, adding autocreated users to groups

Ivan_Voras · November 16, 2009, 3:33pm

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

Automatically be assigned to a specific group
That the new user gets whatever the “Let this user be granted
rights” checkbox does in user management

Is there a way to do this?

Matthew_Seaman · November 16, 2009, 4:12pm

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

Automatically be assigned to a specific group

That the new user gets whatever the “Let this user be granted
rights” checkbox does in user management

Is there a way to do this?

Not without writing code I’m afraid. This is something there have been
a number of enquiries about, but as far as I am aware there hasn’t been a
really good solution posted anywhere.

This is part of what you want: see the CurrentUser_Local.pm section in
http://wiki.bestpractical.com/view/AutoCreateAndCanonicalizeUserInfo

Cheers,

Matthew

Dr Matthew Seaman The Bunker, Ash Radar Station
PGP: 0x60AE908C on servers Marshborough Rd
Tel: +44 1304 814890 Sandwich
Fax: +44 1304 814899 Kent, CT13 0PL, UK

signature.asc (259 Bytes)

Mike_Peachey · November 16, 2009, 4:56pm

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

Automatically be assigned to a specific group

Not currently possible unless you write the extra code.

That the new user gets whatever the “Let this user be granted
rights” checkbox does in user management

This is done with:

Set($AutoCreate, {Privileged => 1});

Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England

Ivan_Voras · November 16, 2009, 5:31pm

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

Automatically be assigned to a specific group

Not currently possible unless you write the extra code.

Heh, I thought so. Somehow I don’t think I’d be the only one to notice
rt3 is somewhat convoluted and unmodular

That the new user gets whatever the “Let this user be granted
rights” checkbox does in user management

This is done with:

Set($AutoCreate, {Privileged => 1});

Ok, it’s a start. With this I could just add the default properties to
the “Privileged” user group - are there any unforseen consequences to
this?

Kevin_Falcone · November 20, 2009, 7:26pm

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

Automatically be assigned to a specific group

Not currently possible unless you write the extra code.

Adding them all to a configured group would be about 10 lines of code
stolen from RT-Extension-LDAPImport

Importing your groups from AD and mirroring memberships in RT is
very complicated and special and would require a ton of work

-kevin