Hello,
I just upgraded to 3.8.7 with RT::Authen::ExternalAuth v0.08
I’m trying to restrict RT users to LDAP users in one group. When I set:
‘group’ => ‘cn=group,ou=group,dc=my,dc=domain,dc=edu’
and
‘group_attr’ => ‘memberUid’
I see it query my LDAP server with
(memberUid=uid=user,ou=people,dc=my,dc=domain,dc=com) instead of
(memberUid=user).
Is there a way to have it use just the ‘username’ instead of the user’s
full dn without changind RT::Authen::ExternalAuth::LDAP?
If I comment out ‘group’ and ‘group_attr’ LDAP auth works fine, but any
valid LDAP user can log in.
Thanks!
-Ed
Hello,
I just upgraded to 3.8.7 with RT::Authen::ExternalAuth v0.08
I’m trying to restrict RT users to LDAP users in one group. When I set:
‘group’ => ‘cn=group,ou=group,dc=my,dc=domain,dc=edu’
and
‘group_attr’ => ‘memberUid’
I see it query my LDAP server with
(memberUid=uid=user,ou=people,dc=my,dc=domain,dc=com) instead of
(memberUid=user).
Is there a way to have it use just the ‘username’ instead of the user’s
full dn without changind RT::Authen::ExternalAuth::LDAP?
If I comment out ‘group’ and ‘group_attr’ LDAP auth works fine, but any
valid LDAP user can log in.
Unfortunately, the RT-Authen-ExternalAuth is coded to use the dn.
This seems to work for other people, although I’m not sure what
group_attr they’re using.
You’d have to make the right hand side of the filter into a
configuration option in order to change that
-kevin