I hate to be "that guy" (top posting, reposting.. how many more taboos can I break!) However, I'm hoping a Monday-morning post will get better attention than a Thursday evening one.
Anyone have ideas on the below? Thanks! On 3/22/12 4:10 PM, Steve Huston wrote: > I'm in the process of setting up a new RT instance which is going to be > used differently than the one I've been running for many years now. > Previously I only cared about the web interface for administrators, but > now it's desired to have web access for all users. > > We use a CAS-enabled virtualhost (so RT uses the REMOTE_USER varaible > with external authentication). This means a user logging in will have a > username such as 'huston'. However if they send an email, it would be > '[email protected]', so there's the possibility of having two users > created. OK, I need something that populates fields from LDAP. I found > a few ways to do this, but it looks like the "not outdated" method is > the aforementioned extension. I've downloaded it and am looking through > things, but I have some questions for people more intimately in tune > with the code: > > 1) Can I run this extension and continue to use the Apache-based > authentication, relying on ExternalAuth just for the LDAP glue? > > 2) Did I see right that any time a user logs in, this extension will > poll LDAP to see if their information matches what's in the RT user > database and updates accordingly? > > 3) Will the extension care if a user doesn't exist? We may have people > sending in emails that do not have an account in the LDAP server, and > this should be allowed - we will want an account autocreated just as it > is currently. > > 4) Will the extension poll LDAP on an incoming email, properly creating > the user account if it doesn't exist with the right UID returned from > the lookup? Or does this only work when logging in through the web > interface? > > 5) If a user is "created" as a watcher - say someone in the web > interface adds an email address as a CC to a ticket - will ExternalAuth > be hooked to look up that user's information in LDAP and populate the > uid & realname fields? > > Thanks! > -- Steve Huston - W2SRH - Unix Sysadmin, Astrophysical Sci & CSES/PICSciE Princeton University | ICBM Address: 40.346525 -74.651285 206 Peyton Hall |"On my ship, the Rocinante, wheeling through Princeton, NJ 08544 | the galaxies; headed for the heart of Cygnus, (267) 793-0852 | headlong into mystery." -Rush, 'Cygnus X-1'
