LDAP with ExternalAuth, adding autocreated users to groups

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

  • Automatically be assigned to a specific group
  • That the new user gets whatever the “Let this user be granted
    rights” checkbox does in user management

Is there a way to do this?

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

  • Automatically be assigned to a specific group
  • That the new user gets whatever the “Let this user be granted
    rights” checkbox does in user management

Is there a way to do this?

Not without writing code I’m afraid. This is something there have been
a number of enquiries about, but as far as I am aware there hasn’t been a
really good solution posted anywhere.

This is part of what you want: see the CurrentUser_Local.pm section in
http://wiki.bestpractical.com/view/AutoCreateAndCanonicalizeUserInfo

Cheers,

Matthew

Dr Matthew Seaman The Bunker, Ash Radar Station
PGP: 0x60AE908C on servers Marshborough Rd
Tel: +44 1304 814890 Sandwich
Fax: +44 1304 814899 Kent, CT13 0PL, UK

signature.asc (259 Bytes)

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

  • Automatically be assigned to a specific group

Not currently possible unless you write the extra code.

  • That the new user gets whatever the “Let this user be granted
    rights” checkbox does in user management

This is done with:

Set($AutoCreate, {Privileged => 1});

Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

  • Automatically be assigned to a specific group

Not currently possible unless you write the extra code.

Heh, I thought so. Somehow I don’t think I’d be the only one to notice
rt3 is somewhat convoluted and unmodular :slight_smile:

  • That the new user gets whatever the “Let this user be granted
    rights” checkbox does in user management

This is done with:

Set($AutoCreate, {Privileged => 1});

Ok, it’s a start. With this I could just add the default properties to
the “Privileged” user group - are there any unforseen consequences to
this?

Ivan Voras wrote:

Hi,

I’m trying to configure RT3.8 to authenticate via LDAP - which
apprently goes well, but the users from LDAP are autocreated in rt3
without some useful properties.

I’d like them to:

  • Automatically be assigned to a specific group

Not currently possible unless you write the extra code.

Adding them all to a configured group would be about 10 lines of code
stolen from RT-Extension-LDAPImport

Importing your groups from AD and mirroring memberships in RT is
very complicated and special and would require a ton of work

-kevin