Eric Doutreleau wrote:
Hi
I have just installed rt on my RH9 machine and i have some probleme to
manage my user.
As they already exist in my ldap database i would like to use it
I have set the following value in my config file and it works quite
nice.
Set($WebExternalAuth,1); Set($WebExternalAuto , 1);
Nevertheless i have two little problems.
All my user are privileged. How can i make rt create these users as
non privileged?
I would like to get some information from my ldap server to the rt
database like the real name of user and the email adress.
It would be nice if it was been at the creation of the account.
Does someone know how to do that?
Here are the modifications I made to html/autohandler to support LDAP
lookups into our Active Directory system.
sub LookupLdapUserInfo {
use Net::LDAP;
use Net::LDAP::Constant qw(LDAP_SUCCESS);
use constant LDAP => q(<your LDAP server);
use constant LDAP_PORT => q(389);
use constant LDAP_BASE => q();
use constant LDAP_UID => q();
use constant LDAP_CN => q(cn);
my ($user) = @_;
my $ldap = new Net::LDAP(LDAP, port => LDAP_PORT)
or return undef;
my $mesg = $ldap->bind(, password => );
return undef unless $mesg->code == LDAP_SUCCESS;
my $filter = “@{[ LDAP_UID ]}=$user”;
$mesg = $ldap->search(base => LDAP_BASE,
filter => $filter,
attrs => [ LDAP_CN ]);
return undef unless ($mesg->code == LDAP_SUCCESS);
if ($mesg->count != 1 ||
($mesg->first_entry->get_value(LDAP_CN))[0] eq ‘’) {
return undef;
}
my $cn = $mesg->first_entry->get_value(LDAP_CN);
$mesg = $ldap->unbind();
return $cn;
}
now find the block that starts with:
If RT is configured for external auth, let’s get REMOTE_USER
elsif ($RT::WebExternalAuth and length($ENV{‘REMOTE_USER’})) {
there is a chunk that looks like:
if ($val) {
$UserObj->SetPrivileged(1);
set the 1 to 0 and people default to unprivileged.
Inside this if block you add the call to the LookupLdapUserInfo().
For maintenance, you can place any modified file in local/html instead
of share/html. The Mason looks in local first then in share for any file.