RT-3.8.1 - How to generate LDAP users automatically before they login

Michael_Bieniek · October 29, 2008, 11:51am

Hello@all,
i have a problem. I want to generate LDAP users automatically. Thats
means that i want to code a few lines that read all LDAP users and
write them into the database. I want to do that because i didn’t want
that every user first have to login before i can edit his rights and
group permissions. LDAP auth with RT::Authen::ExternalAuth runs well.
Every unkown user that login gets a unprivileged account if LDAP auth
was successful (after i followed this post:
Carbon60: Cloud Consulting - Services and Solutions ).

But how can i create all users before they login?

I’ve tried to code a python script to fill in the database with users
but that is very tricky because it does not show the users in the
webpanel if i fill in the names and so on in the “Users” Table. The
LOG of postgresql is very difficult to read (see attachment).

Does anybody have an idea how to get all ldap users in the database
before they must login?

— In kürze auf deutsch

Ich habe das Problem das ich alle LDAP User anlegen will bevor die
sich zum ersten mal einloggen müssen. Ich will damit schon im Vorfeld
bestimmen wer in welche Gruppe kommt und welche Rechte hat. Die Firma
für die ich arbeite hat über 130 Mitarbeiter, und da sollte schon vor
dem ersten Login klar sein wer was für Rechte auf dem Ticketsystem
hat. Ich habe mir überlegt das ein Script User (Username und
Emailadressen) anlegt die es vorher aus dem LDAP abgefragt hat. Dann
könnte ich schon mit diesen arbeiten und Rechte verteilen. Wenn der
User sich dann per External-Auth anmeldet, wird die Anmeldung nur noch
den Datensatz des Users updaten müssen (Werte wie External Auth ID).

Leider klappt das nicht weil das SQL Logfile leider nur sagt das beim
erstellen über das Webinterface Werte wie “$1” in die Datenbank
geschrieben werden. Deshalb ist es für mich nicht nachvollziehbar wie
ich ein Script schreiben soll. Denn das alleinige Eintragen der User
in die Tabelle Users bringt in diesem Fall nichts…

Ich hoffe das mir hier jemand weiterhelfen kann.

With best regards / Grüße
Michael Bieniek

Kevin_Falcone · October 29, 2008, 6:21pm

Hello@all,
i have a problem. I want to generate LDAP users automatically. Thats
means that i want to code a few lines that read all LDAP users and
write them into the database. I want to do that because i didn’t want
that every user first have to login before i can edit his rights and
group permissions. LDAP auth with RT::Authen::ExternalAuth runs well.
Every unkown user that login gets a unprivileged account if LDAP auth
was successful (after i followed this post:
Carbon60: Managed Cloud Services ).

But how can i create all users before they login?

I’ve tried to code a python script to fill in the database with users
but that is very tricky because it does not show the users in the
webpanel if i fill in the names and so on in the “Users” Table. The
LOG of postgresql is very difficult to read (see attachment).

Does anybody have an idea how to get all ldap users in the database
before they must login?

Try RT-Extension-LDAPImport-0.36 - Import Users from an LDAP store - metacpan.org

It will do the right things for user creation, using python to
write data into the Users table won’t work unless you make
changes to all the other tables RT uses internally

-kevin

Michael_Bieniek · October 30, 2008, 9:21am

Hi,
i’ve installed this extension. Now i want to run the ldap import but
all i got back were these 4 lines:

rtinstall:/opt/rt3/local/lib/RT/Extension# perl LDAPImport.pm
Name “RT::LDAPGroupName” used only once: possible typo at
LDAPImport.pm line 340, line 275.
Name “RT::LDAPUpdateUsers” used only once: possible typo at
LDAPImport.pm line 276, line 275.
Name “RT::LDAPPassword” used only once: possible typo at LDAPImport.pm
line 54, line 275.

What i do wrong? My RT_SiteConfig.pm:

LDAP IMPORT SCRIPT (RT-Extension-LDAPImport)

Set($LDAPHost,‘172.30.76.167’);
Set($LDAPUser, ‘rtldap’);
Set($LDAPPassword, ‘******’);
Set($LDAPBase, ‘OU=Scanplus,DC=scanplus,DC=local’);
Set($LDAPUpdateUsers,1);
Set($LDAPFilter, ‘(&(sAMAccountName = *))’);
Set($LDAPMapping, {Name => ‘sAMAccountName’,
EmailAddress => ‘mail’,
RealName => ‘cn’,
WorkPhone => ‘telephoneNumber’,
Organization => ‘departmentName’});

What is wrong? Can anyone help me?

regards
Michael

Kevin_Falcone · October 30, 2008, 12:40pm

The README file discusses the rtldapimport script
which is what you need to run

-kevinOn Oct 30, 2008, at 5:21 AM, Michael Bieniek wrote:

Hi,
i’ve installed this extension. Now i want to run the ldap import but
all i got back were these 4 lines:

rtinstall:/opt/rt3/local/lib/RT/Extension# perl LDAPImport.pm
Name “RT::LDAPGroupName” used only once: possible typo at
LDAPImport.pm line 340, line 275.
Name “RT::LDAPUpdateUsers” used only once: possible typo at
LDAPImport.pm line 276, line 275.
Name “RT::LDAPPassword” used only once: possible typo at LDAPImport.pm
line 54, line 275.

What i do wrong? My RT_SiteConfig.pm:

LDAP IMPORT SCRIPT (RT-Extension-LDAPImport)

Set($LDAPHost,‘172.30.76.167’);
Set($LDAPUser, ‘rtldap’);
Set($LDAPPassword, ‘******’);
Set($LDAPBase, ‘OU=Scanplus,DC=scanplus,DC=local’);
Set($LDAPUpdateUsers,1);
Set($LDAPFilter, ‘(&(sAMAccountName = *))’);
Set($LDAPMapping, {Name => ‘sAMAccountName’,
EmailAddress => ‘mail’,
RealName => ‘cn’,
WorkPhone => ‘telephoneNumber’,
Organization => ‘departmentName’});

What is wrong? Can anyone help me?

regards
Michael

List info: The rt-devel Archives