Hi,
I managed to set up 5.0.4 with Apache and mod_auth_openidc to authenticate against Azure AD and create new users.
Setup:
vhost.conf:
<VirtualHost *:80>
    ServerName tickets.example.de:80
    LimitRequestFieldSize 32768
    AddDefaultCharset UTF-8
    DocumentRoot /opt/rt5/share/html
    Alias /NoAuth/images/ /opt/rt5/share/html/NoAuth/images/
    ScriptAlias / /opt/rt5/sbin/rt-server.fcgi/

    OIDCProviderMetadataURL https://sts.windows.net/<tenant_id>/.well-known/openid-configuration
    OIDCRedirectURI https://tickets.example.de/login
    OIDCClientID <Application_id>
    OIDCClientSecret <Application_secret>
    OIDCCryptoPassphrase <local_secret>
    OIDCRemoteUserClaim upn
    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

    <Location />
        AuthType openid-connect
        Require valid-user
        AllowOverride Authconfig Limit
        Order allow,deny
        Allow from all
        Options +ExecCGI
        AddHandler fcgid-script fcgi
    </Location>

    <Location /REST/1.0/NoAuth/mail-gateway>
        Require local
    </Location>
</VirtualHost>
RT5_Siteconfig:
Set($WebRemoteUserAuth, 1);
Set($WebFallbackToRTLogin, 1);
Set($WebRemoteUserContinuous, 1);
Set($WebRemoteUserAutocreate, 1);
Now I have two problems:
- I can’t log in anymore with local users.
- The new users don’t have the email address field set.