RES: Re: RES: Re: RES: Re: RT External Auth and uid problem

Hello,

I worked in a solution, modifying the file ExternalAuth.pm in
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ and seems
to work fine.
In this case, only work with local auth and LDAP with UID. It prefix the
uid number with letter a, and remove it where is necessary.

Here’s the mofifications if someone need it in future:

If you want, I can post in the wikia page too.

Tks

Luciano

-----Mensagem original-----
[mailto:rt-users-bounces@lists.bestpractical.com] Em nome de Kevin
FalconeEnviada em: quarta-feira, 24 de agosto de 2011 14:52
Para: rt-users@lists.bestpractical.com
Assunto: [SPAM] Re: [rt-users] RES: Re: RES: Re: RT External
Auth and uid problem

I will try prefix the numeric username with a character. I don’t know
where start. Can you tell me what functions are involved in user
creation?

As I said earlier

In the past, people have prefixed numeric usernames with a character,

but since I’ve never had to do that, I do not know the best way to do

it.

-kevin

I think I would have to map the authentication, including a character
“a” internally before the number and “a” on creation.

Luciano

-----Mensagem original-----
De: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] Em nome de Kevin
Falcone Enviada em: quarta-feira, 24 de agosto de 2011 13:42
Para: rt-users@lists.bestpractical.com
Assunto: Re: [rt-users] RES: Re: RT External Auth and uid problem

Kevin,

Ok, I understand, I will not touch the extension. But is there a way

to overlay creation of privileged users and allow ‘Name’ with
numeric field? We have many services that use LDAP and users just
use the

RT does not support numeric usernames.
Changing that would require significant code churn.

-kevin

uid(numeric) and password.
Would be more friendly keep the same method.
The last option would use Name = > ‘mail’ in ‘attr_map’, but I don’t

think this a good solution.

-----Mensagem original-----
De: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] Em nome de Kevin
Falcone Enviada em: quarta-feira, 24 de agosto de 2011 11:13
Para: rt-users@lists.bestpractical.com
Assunto: Re: [rt-users] RT External Auth and uid problem

‘attr_match_list’ => [

‘Name’, ‘EmailAddress’, ‘RealName’],

                                                       # The

mapping of RT attributes on to

LDAP attributes

‘attr_map’

=> {

‘Name’ => ‘uid’, ‘EmailAddress’ => ‘mail’, ‘RealName’ => ‘cn’,

‘ExternalAuthId’ => ‘uid’ }

In the extension ExternalAuth I changed all the strings “Name”

for
“NickName” and seems work,
but I still cant’t create users.

Do you meant you literally replaced all occurrences of Name with
NickName in the extension? That will never work.

If you have a non-numeric field, just fix attr_map so that Name =>
‘non_numeric_ldap_field’

Also, you almost certainly don’t want attr_match_list to consider
RealName to be unique. That would mean that you can’t have two
users in RT with the name Kevin Falcone since the extension will try

to resolve them to the same AD user.

-kevin

I thought a solution creating a local/lib overlay for create a
user
with NickName to use as
uid number, and keep RealName for cn, and EmailAdddress for
mail.

What function in lib is used to create the users? Can you give
me
some tips?

Thanks for your help,

Luciano Silva

[1]Luciano@cpd.ufrgs.br

References

Visible links

  1. mailto:Luciano@cpd.ufrgs.br

RT Training Sessions
(http://bestpractical.com/services/training.html)

  • Chicago, IL, USA ? September 26 & 27, 2011
  • San Francisco, CA, USA ? October 18 & 19, 2011
  • Washington DC, USA ? October 31 & November 1, 2011
  • Melbourne VIC, Australia ? November 28 & 29, 2011
  • Barcelona, Spain ? November 28 & 29, 2011

RT Training Sessions
(http://bestpractical.com/services/training.html)

  • Chicago, IL, USA September 26 & 27, 2011
  • San Francisco, CA, USA October 18 & 19, 2011
  • Washington DC, USA October 31 & November 1, 2011
  • Melbourne VIC, Australia November 28 & 29, 2011
  • Barcelona, Spain November 28 & 29, 2011

RT Training Sessions (http://bestpractical.com/services/training.html)

  • Chicago, IL, USA September 26 & 27, 2011
  • San Francisco, CA, USA October 18 & 19, 2011
  • Washington DC, USA October 31 & November 1, 2011
  • Melbourne VIC, Australia November 28 & 29, 2011
  • Barcelona, Spain November 28 & 29, 2011

Hello,

I worked in a solution, modifying the file ExternalAuth.pm in
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ and seems
to work fine.
In this case, only work with local auth and LDAP with UID. It prefix the
uid number with letter a, and remove it where is necessary.

Here’s the mofifications if someone need it in future:

ExternalAuth.pm mod for numeric LDAP uid - Pastebin.com

If you want, I can post in the wikia page too.

It’d be great if you sent a diff of this to the relevant bug queue so
it could be looked at and possibly made into an optional config.

https://rt.cpan.org/Public/Bug/Report.html?Queue=RT-Authen-ExternalAuth

-kevin

Kevin,

The patch is here:

I tried to get a bitcard account, but didn’t receive the confirmation.

Luciano

-----Mensagem original-----
[mailto:rt-users-bounces@lists.bestpractical.com] Em nome de Kevin
FalconeEnviada em: segunda-feira, 3 de outubro de 2011 15:46
Para: rt-users@lists.bestpractical.com
Assunto: [SPAM] Re: [rt-users] RES: Re: RES: Re: RES: Re: RT
External Auth and uid problem

Hello,

I worked in a solution, modifying the file ExternalAuth.pm in
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ and seems

to work fine.
In this case, only work with local auth and LDAP with UID. It prefix
the uid number with letter a, and remove it where is necessary.

Here’s the mofifications if someone need it in future:

ExternalAuth.pm mod for numeric LDAP uid - Pastebin.com

If you want, I can post in the wikia page too.

It’d be great if you sent a diff of this to the relevant bug queue so it
could be looked at and possibly made into an optional config.

https://rt.cpan.org/Public/Bug/Report.html?Queue=RT-Authen-ExternalAuth

-kevin

-----Mensagem original-----
De: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] Em nome de Kevin
Falcone Enviada em: quarta-feira, 24 de agosto de 2011 14:52
Para: rt-users@lists.bestpractical.com
Assunto: [SPAM] Re: [rt-users] RES: Re: RES: Re: RT External

Auth and uid problem

I will try prefix the numeric username with a character. I don’t
know where start. Can you tell me what functions are involved in
user creation?

As I said earlier

In the past, people have prefixed numeric usernames with a
character,

but since I’ve never had to do that, I do not know the best way to
do

it.

-kevin

I think I would have to map the authentication, including a
character “a” internally before the number and “a” on creation.

Luciano

-----Mensagem original-----
De: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] Em nome de Kevin
Falcone Enviada em: quarta-feira, 24 de agosto de 2011 13:42
Para: rt-users@lists.bestpractical.com
Assunto: Re: [rt-users] RES: Re: RT External Auth and uid problem

Kevin,

Ok, I understand, I will not touch the extension. But is there a
way

to overlay creation of privileged users and allow ‘Name’ with
numeric field? We have many services that use LDAP and users just
use the

RT does not support numeric usernames.
Changing that would require significant code churn.

-kevin

uid(numeric) and password.
Would be more friendly keep the same method.
The last option would use Name = > ‘mail’ in ‘attr_map’, but I
don’t

think this a good solution.

-----Mensagem original-----
De: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] Em nome de Kevin

Falcone Enviada em: quarta-feira, 24 de agosto de 2011 11:13
Para: rt-users@lists.bestpractical.com
Assunto: Re: [rt-users] RT External Auth and uid problem

‘attr_match_list’ => [

‘Name’, ‘EmailAddress’, ‘RealName’],

                                                       # The

mapping of RT attributes on to

LDAP attributes

‘attr_map’

=> {

‘Name’ => ‘uid’, ‘EmailAddress’ => ‘mail’, ‘RealName’ =>
‘cn’,

‘ExternalAuthId’ => ‘uid’ }

In the extension ExternalAuth I changed all the strings
“Name”

for
“NickName” and seems work,
but I still cant’t create users.

Do you meant you literally replaced all occurrences of Name with
NickName in the extension? That will never work.

If you have a non-numeric field, just fix attr_map so that Name =>

‘non_numeric_ldap_field’

Also, you almost certainly don’t want attr_match_list to consider
RealName to be unique. That would mean that you can’t have two
users in RT with the name Kevin Falcone since the extension will
try

to resolve them to the same AD user.

-kevin

I thought a solution creating a local/lib overlay for create
a user
with NickName to use as
uid number, and keep RealName for cn, and EmailAdddress for
mail.

What function in lib is used to create the users? Can you
give me
some tips?

Thanks for your help,

Luciano Silva

[1]Luciano@cpd.ufrgs.br

References

Visible links

  1. mailto:Luciano@cpd.ufrgs.br

RT Training Sessions
(http://bestpractical.com/services/training.html)

  • Chicago, IL, USA ? September 26 & 27, 2011
  • San Francisco, CA, USA ? October 18 & 19, 2011
  • Washington DC, USA ? October 31 & November 1, 2011
  • Melbourne VIC, Australia ? November 28 & 29, 2011
  • Barcelona, Spain ? November 28 & 29, 2011

RT Training Sessions
(http://bestpractical.com/services/training.html)

  • Chicago, IL, USA September 26 & 27, 2011
  • San Francisco, CA, USA October 18 & 19, 2011
  • Washington DC, USA October 31 & November 1, 2011
  • Melbourne VIC, Australia November 28 & 29, 2011
  • Barcelona, Spain November 28 & 29, 2011

RT Training Sessions
(http://bestpractical.com/services/training.html)

  • Chicago, IL, USA September 26 & 27, 2011
  • San Francisco, CA, USA October 18 & 19, 2011
  • Washington DC, USA October 31 & November 1, 2011
  • Melbourne VIC, Australia November 28 & 29, 2011
  • Barcelona, Spain November 28 & 29, 2011

RT Training Sessions (http://bestpractical.com/services/training.html)

  • San Francisco, CA, USA October 18 & 19, 2011
  • Washington DC, USA October 31 & November 1, 2011
  • Melbourne VIC, Australia November 28 & 29, 2011
  • Barcelona, Spain November 28 & 29, 2011

ExternalAuth.pm_patch_LDAP_uid.zip (1.97 KB)

The patch is here:

ExternalAuth.pm patch LDAP uid - Pastebin.com

I tried to get a bitcard account, but didn’t receive the confirmation.

You can use mail if that’s easier (just send mail to the address on
that rt.cpan.org page)

-kevin