Re: [rt-users] Recommended method for autocreating users with Active Directory and Authen-ExternalAuth
On Wed, Jan 13, 2010 at 03:21:34PM +0100, L B wrote: Hi, My question is in the subject. I see many things (most of them outdated) in the wiki, but none looks like the one I want. My problem is simple and IMO should be part of the RT-Authen-ExternalAuth plugin. This plugin is nice to authenticate users against an AD, but my AD is huge and I want users to be created (unprivileged) on the fly, when added as watchers for example. The problem is that currently their login is the email address and I want the AD login instead. The problem is that RT-Authen-ExternalAuth isn't tweaking the Name when canonicalizing user info (it still looks you up by the email address) and its a bit of work to fix that. I believe Mike has said that it is the next thing he would like to do with the module, but he doesn't know when he will have time. If you do come up with a patch, please send it along so it can be considered for inclusion -kevin I think it's easy to do, I can develop it but I'm sure something already exist for this. How do you do this ? Is it planned to be (or is it already ?!) included in RT-Authen-ExternalAuth ? Thanks, PS: I think it's more or less this : http://www.zanfur.com/rt3-contrib/AutoCreateFromExternalUserInfo/CurrentUser_Local.pm, but using RT-Authen-ExternalAuth variables. pgpizRY4JaiTq.pgp Description: PGP signature ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com 2010 RT Training Sessions! San Francisco, CA, USA - Feb 22 23 Dublin, Ireland - Mar 15 16 Boston, MA, USA - April 5 6 Washington DC, USA - Oct 25 26 Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] Recommended method for autocreating users with Active Directory and Authen-ExternalAuth
I'm going to think about it, but the problem I see it that email addresses might not be unique (I mean we can have two AD accounts with the same email address). I have already done a script to mass-rename email addresses to AD logins, because we use AD authentication for a long time and we wanted to make the users use their AD login instead of their email address. This script is not linked to the plugin, but I think it might be useful for some admins. I can upload it on the wiki or maybe it can be part of an extras directory in the plugin package. I have to cleanup my code and make it generic, but it does the job, I already applied it successfully on many RT instances. Don't you think http://www.zanfur.com/rt3-contrib/AutoCreateFromExternalUserInfo/CurrentUser_Local.pm but using RT-Authen-ExternalAuth variables could do the on-the-fly job ? Maybe with some stuff to check duplicates etc... If you think it doesn't, can you or Mike point me into the good direction to (try to) develop it ? Thanks ! -- L.B. ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com 2010 RT Training Sessions! San Francisco, CA, USA - Feb 22 23 Dublin, Ireland - Mar 15 16 Boston, MA, USA - April 5 6 Washington DC, USA - Oct 25 26 Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] Recommended method for autocreating users with Active Directory and Authen-ExternalAuth
LB, This would be REALLY help for me. I've been doing this one user at a time whenever I get some frre time (which isn't ofetn). I'd love a copy of your code. Thanks. Kenn LBNL On 1/14/2010 10:34 AM, L B wrote: I'm going to think about it, but the problem I see it that email addresses might not be unique (I mean we can have two AD accounts with the same email address). I have already done a script to mass-rename email addresses to AD logins, because we use AD authentication for a long time and we wanted to make the users use their AD login instead of their email address. This script is not linked to the plugin, but I think it might be useful for some admins. I can upload it on the wiki or maybe it can be part of an extras directory in the plugin package. I have to cleanup my code and make it generic, but it does the job, I already applied it successfully on many RT instances. Don't you think http://www.zanfur.com/rt3-contrib/AutoCreateFromExternalUserInfo/CurrentUser_Local.pm but using RT-Authen-ExternalAuth variables could do the on-the-fly job ? Maybe with some stuff to check duplicates etc... If you think it doesn't, can you or Mike point me into the good direction to (try to) develop it ? Thanks ! ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com 2010 RT Training Sessions! San Francisco, CA, USA - Feb 22 23 Dublin, Ireland - Mar 15 16 Boston, MA, USA - April 5 6 Washington DC, USA - Oct 25 26 Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] Recommended method for autocreating users with Active Directory and Authen-ExternalAuth
On Thu, Jan 14, 2010 at 07:34:56PM +0100, L B wrote: I'm going to think about it, but the problem I see it that email addresses might not be unique (I mean we can have two AD accounts with the same email address). Yep, this is one of the complications. You'd have to canonicalize it back to the user currently in RT based on username I have already done a script to mass-rename email addresses to AD logins, because we use AD authentication for a long time and we wanted to make the users use their AD login instead of their email address. This script is not linked to the plugin, but I think it might be useful for some admins. I can upload it on the wiki or maybe it can be part of an extras directory in the plugin package. I have to cleanup my code and make it generic, but it does the job, I already applied it successfully on many RT instances. Don't you think http://www.zanfur.com/rt3-contrib/AutoCreateFromExternalUserInfo/CurrentUser_Local.pm but using RT-Authen-ExternalAuth variables could do the on-the-fly job ? Maybe with some stuff to check duplicates etc... I've not read this code enough to know how it would integrate with RT-Authen-ExternalAuth, and I'm not likely to have time to go digging through it anytime this month unfortunately :( -kevin pgp0c4nJ5NUwr.pgp Description: PGP signature ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com 2010 RT Training Sessions! San Francisco, CA, USA - Feb 22 23 Dublin, Ireland - Mar 15 16 Boston, MA, USA - April 5 6 Washington DC, USA - Oct 25 26 Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
