On Wed, Jun 13, 2012 at 11:13 AM, Asif Iqbal <[email protected]> wrote:
> On Tue, Jun 12, 2012 at 1:57 PM, Ruslan Zakirov <[email protected]>wrote: > >> On Tue, Jun 12, 2012 at 6:35 PM, Asif Iqbal <[email protected]> wrote: >> > On Tue, Jun 12, 2012 at 5:51 AM, Ruslan Zakirov <[email protected]> >> > wrote: >> >> >> >> On Tue, Jun 12, 2012 at 5:38 AM, Asif Iqbal <[email protected]> wrote: >> >> > I am using external authentication against our corporate AD server >> >> > successfully, using the RT::Authen::ExternalAuth. >> >> > >> >> > But I like the authorization done against internal db for user >> account. >> >> > >> >> > Just because a user has a valid AD credential is not enough for >> him/her >> >> > to >> >> > be able to login to our RT. We like >> >> > to manage the login by creating the user account into internal db >> using >> >> > the >> >> > Web UI. >> >> > >> >> > So we still like the user to use their AD credential and no need to >> >> > remember >> >> > another password, and at the same time >> >> > only be able to login if the same username is available in internal >> db. >> >> > >> >> > Is that possible? Any suggestion/tip is appreciated. >> >> >> >> Yes, it is possible, but not like you want it to be. >> >> >> >> As far as I can see users need AD record anyway, just mark them >> >> somehow in AD and use this marking in ExternalAuth filter. >> >> >> > >> > I have no access to AD. It belongs to corporate group and will not be >> able >> > to manage a group. >> > >> > There is no way to control the Authorization part locally? >> >> Not out of the box. Patch external auth module and add option to avoid >> creation of new users. >> >> > So I could just comment this section out to avoid user create as one > option? I know, ugly. > > http://paste.ubuntu.com/1039210/ > > This seem to have worked. http://paste.ubuntu.com/1039233/ > >> >> > -- >> >> > Asif Iqbal >> >> > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu >> >> > A: Because it messes up the order in which people normally read text. >> >> > Q: Why is top-posting such a bad thing? >> >> > >> >> > >> >> >> >> >> >> >> >> -- >> >> Best regards, Ruslan. >> > >> > >> > >> > >> > -- >> > Asif Iqbal >> > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu >> > A: Because it messes up the order in which people normally read text. >> > Q: Why is top-posting such a bad thing? >> > >> > >> >> >> >> -- >> Best regards, Ruslan. >> > > > > -- > Asif Iqbal > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > > > -- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
