On Tue, Jun 12, 2012 at 1:57 PM, Ruslan Zakirov <[email protected]>wrote:
> On Tue, Jun 12, 2012 at 6:35 PM, Asif Iqbal <[email protected]> wrote: > > On Tue, Jun 12, 2012 at 5:51 AM, Ruslan Zakirov <[email protected]> > > wrote: > >> > >> On Tue, Jun 12, 2012 at 5:38 AM, Asif Iqbal <[email protected]> wrote: > >> > I am using external authentication against our corporate AD server > >> > successfully, using the RT::Authen::ExternalAuth. > >> > > >> > But I like the authorization done against internal db for user > account. > >> > > >> > Just because a user has a valid AD credential is not enough for > him/her > >> > to > >> > be able to login to our RT. We like > >> > to manage the login by creating the user account into internal db > using > >> > the > >> > Web UI. > >> > > >> > So we still like the user to use their AD credential and no need to > >> > remember > >> > another password, and at the same time > >> > only be able to login if the same username is available in internal > db. > >> > > >> > Is that possible? Any suggestion/tip is appreciated. > >> > >> Yes, it is possible, but not like you want it to be. > >> > >> As far as I can see users need AD record anyway, just mark them > >> somehow in AD and use this marking in ExternalAuth filter. > >> > > > > I have no access to AD. It belongs to corporate group and will not be > able > > to manage a group. > > > > There is no way to control the Authorization part locally? > > Not out of the box. Patch external auth module and add option to avoid > creation of new users. > > So I could just comment this section out to avoid user create as one option? I know, ugly. http://paste.ubuntu.com/1039210/ > >> > -- > >> > Asif Iqbal > >> > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu > >> > A: Because it messes up the order in which people normally read text. > >> > Q: Why is top-posting such a bad thing? > >> > > >> > > >> > >> > >> > >> -- > >> Best regards, Ruslan. > > > > > > > > > > -- > > Asif Iqbal > > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu > > A: Because it messes up the order in which people normally read text. > > Q: Why is top-posting such a bad thing? > > > > > > > > -- > Best regards, Ruslan. > -- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
