New Install: User creation, System config questions

New rt-2.0.14 installation.

I need to add many-many users to the system and I’m finding the web user
creation more than a little tedious.

  1. Is it possible to add users via RT-CLI commands? If so, where do I
    find info on the proper syntax? The install and admin docs seem scanty
    on doing anything NOT involving using the webUI.

  2. What about keywords? Is it likewise possible to create a keyword
    heirarchy via the commandline - perhaps parsing a text file into
    many-many SQL INSERTS rather than via the webUI?

  3. I’ve got to add @150 users - not all of whom will be active on the
    system, but need to use it from time to time. I’d like to be able to
    create a ticket as each user gets added to the system with a scrip
    action like

‘OnCreateUser’ ‘NotifyNewUserToModifySelf’. [set password to something
other than the default I setup, update contact info, etc.]

Has anyone done anything like this?

TIA

Drew M. Mooney

Drew Mooney wrote:

New rt-2.0.14 installation.

I need to add many-many users to the system and I’m finding the web user
creation more than a little tedious.

  1. Is it possible to add users via RT-CLI commands? If so, where do I
    find info on the proper syntax? The install and admin docs seem scanty
    on doing anything NOT involving using the webUI.

Use the ‘rtadmin’ cli command. path to rt2>/bin/rtadmin --help will give
You info on basic usage. If You have an LDAP user database, there are
scipts and add ons in the contrib download directory that might help You
as well.

  1. What about keywords? Is it likewise possible to create a keyword
    heirarchy via the commandline - perhaps parsing a text file into
    many-many SQL INSERTS rather than via the webUI?

Use the ‘rt’ cli command. /bin/rt --help will give You info
on basic usage.

  1. I’ve got to add @150 users - not all of whom will be active on the
    system, but need to use it from time to time. I’d like to be able to
    create a ticket as each user gets added to the system with a scrip
    action like

‘OnCreateUser’ ‘NotifyNewUserToModifySelf’. [set password to something
other than the default I setup, update contact info, etc.]

AFAIK, password generation is not part of RT 2.0, but You sould hack it
in Yourself. Alternatively, if You use LDAP, You can get this
information from Your ldap directory and authenticate against that (see
contrib stuff again).

Has anyone done anything like this?

Yes (-: . It’s easy with LDAP, and manageable with every other setup. If
You want to do perl stuff and ldap, I’d recommend Net::LDAP, as it
doesn’t rely on the C LDAP SDK, which is a pain to work with.

Regards,
Harald


rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm

Harald WagenerAn der Alster 4220099 Hamburg*http://www.fcb-wilkens.com

Harald Wagener wrote:

> > Use the 'rtadmin' cli command. path to rt2>/bin/rtadmin --help will give > You info on basic usage. If You have an LDAP user database, there are > scipts and add ons in the contrib download directory that might help You > as well.

Thanks for the cli info. Did I miss something in the RTFM? IIRC, the
only CLI docs in the RTFM deal with ticket creation…I’ll check out the
rtadmin help in a bit…

‘OnCreateUser’ ‘NotifyNewUserToModifySelf’. [set password to something
other than the default I setup, update contact info, etc.]

AFAIK, password generation is not part of RT 2.0, but You sould hack it in Yourself. Alternatively, if You use LDAP, You can get this information from Your ldap directory and authenticate against that (see contrib stuff again).

Harald, I think I phrased my question poorly. My goal is to automate
creation of a ticket owned by the new-user at every user-creation event.
The ticket would ‘require’ that the new user: login to RT; change
his/her password; and update contact info. With the 150+ userbase at my
site, this would be a HUGE time saver for our RT admins.

The alternatives? Tracking newuser password changes piecemeal, and
maintaining user-related email threads offline from RT. This scheme
would keep everything RT-related on RT. It’s probably of limited
utility after the up-front flood of user-creations required by deploying
RT, but still a worthwhile endeavor I think.

Sounds like I need to study LDAP… :slight_smile:

Drew Mooney wrote:

The alternatives? Tracking newuser password changes piecemeal, and
maintaining user-related email threads offline from RT. This scheme
would keep everything RT-related on RT. It’s probably of limited
utility after the up-front flood of user-creations required by deploying
RT, but still a worthwhile endeavor I think.

Why not script something /outside/ RT? Since you’re probably
going to use the CLI to create users and assign their passwords,
why not wrap the RT CLI commands in a script that also sends the
details to the user?
Phil Homewood, Systems Janitor, www.SnapGear.com
pdh@snapgear.com Ph: +61 7 3435 2810 Fx: +61 7 3891 3630
SnapGear - Custom Embedded Solutions and Security Appliances

Funny you should ask Phil… :slight_smile:

I did just that yesterday after being enlightened on the capabilities of
the RT CLI. But I observed an interesting behavior - more Unix than RT
related, but it confused the crap out of my users [and me for a moment].

I’m using ‘amanda’ as a backup utility on our RT box. I had a shell
session going as user ‘amanda’ and did ‘su -’ to run the cli script.
You’d think that would at least make stuff run with the ‘root’ user
environment, wouldn’t you?

I ran an RT CLI something like this:

#!/bin/ksh -x

for user in $(< userList)
do
rt --create --owner=$user <…etc…>
sendmail $user@mydomain.com < userNotification.txt
done

The wierdness?

I ran this with the ‘-x’ flag on the shell invocation - and as all the
script output flitted by, I noticed that ‘sendmail’ was being invoked by
user ‘amanda’ - not ‘root’.

So the From: line in the email all the users received said “Amanda
Backup Utility” [the comment I made in the ‘amanda’ useradd] and of
course the message text had absolutely nothing to do with ‘amanda’. Just
a tad embarrassing - but I quickly sent an update email explaining the
fiasco to the users. When I see my inbox at the office this morning I’ll
have a better idea how well received THAT was… :slight_smile:

So whattayathink?

Best regards,

Drew M. Mooney
Motorola Professional Services

Phil Homewood wrote:

Drew Mooney wrote:

The alternatives? Tracking newuser password changes piecemeal, and
maintaining user-related email threads offline from RT. This scheme
would keep everything RT-related on RT. It’s probably of limited
utility after the up-front flood of user-creations required by deploying
RT, but still a worthwhile endeavor I think.

Why not script something /outside/ RT? Since you’re probably
going to use the CLI to create users and assign their passwords,
why not wrap the RT CLI commands in a script that also sends the
details to the user?

Drew Mooney wrote:

So the From: line in the email all the users received said “Amanda
Backup Utility” [the comment I made in the ‘amanda’ useradd] and of
course the message text had absolutely nothing to do with ‘amanda’. Just

Sendmail uses logname() (or perhaps $LOGNAME) if I recall correctly.
Workarounds:

  1. Don’t log in as generic accounts and send mail
  2. use the “-f” arg to sendmail to set the sender address
  3. Don’t use sendmail.

And no, #3 does not mean “use {exim,qmail,postfix}”. /bin/mail
or any one of many other end-user mail user agents is often a
better choice than invoking your MTA in "generate a message"
mode.
Phil Homewood, Systems Janitor, www.SnapGear.com
pdh@snapgear.com Ph: +61 7 3435 2810 Fx: +61 7 3891 3630
SnapGear - Custom Embedded Solutions and Security Appliances