[rt-users] Help!! RT::Authen::ExternalAuth -- can't create Privileged users

2014-09-03 Thread Al Joslin 
I installed and configured: RT::Authen::ExternalAuth 

I've got  the login via LDAP working ok -- but it won't create Privileged users

I had to turn on: AutoCreateNonExternalUsers -- which seemed odd as I 
want to create only those users who are SUCCESSFULLY authenticated via LDAP

I added a:  Set( $UserAutocreateDefaultsOnLogin, { Privileged = 1 } );
-- but i think that's ignored as it's from another [conflicting] plugin
-- -- and anyway I grepped the code and it's in there 

hrm...

I need these users to be Privileged

this is my config for that extension

Plugin( RT::Authen::ExternalAuth );

Set( $ExternalAuthPriority,  [ 'My_LDAP' ]);

Set( $ExternalInfoPriority,  [ 'My_LDAP' ]);


Set( $ExternalSettings, {
My_LDAP = {
'type'  =  'ldap',

'server'=  'freeipa02.epc-instore.com',
'user'  =  '',
'pass'  =  '',

'base'  =  
'cn=users,cn=accounts,dc=epc-instore,dc=com',
'filter'=  '(objectClass=*)',
'd_filter'  =  '(FILTER_STRING)',

'group' =  '',
'group_attr'=  '',

'tls'   =  0,
'ssl_version'   =  3,

'net_ldap_args' = [version =  3   ],

'attr_match_list' = [
'uid',
]
,
'attr_map' = {
'Name' = 'uid',
'EmailAddress' = 'mail',
'Gecos' = 'mail',
'RealName' = 'displayName',
'ExternalAuthId' = 'uid'
},
},
} );

Set( $UserAutocreateDefaultsOnLogin, { Privileged = 1 } );
Set( $AutoCreateNonExternalUsers, 1);





-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training

Re: [rt-users] Help!! RT::Authen::ExternalAuth -- can't create Privileged users

2014-09-03 Thread Kevin Falcone 
On Wed, Sep 03, 2014 at 11:45:06AM -0400, Al Joslin wrote:
 I installed and configured: RT::Authen::ExternalAuth 
 
 I've got  the login via LDAP working ok -- but it won't create Privileged 
 users
 
   I had to turn on: AutoCreateNonExternalUsers -- which seemed odd as I 
 want to create only those users who are SUCCESSFULLY authenticated via LDAP

This sounds wrong.

   I added a:  Set( $UserAutocreateDefaultsOnLogin, { Privileged = 1 } );
   -- but i think that's ignored as it's from another [conflicting] plugin
   -- -- and anyway I grepped the code and it's in there 

What conflicting plugin?
That's a core config option.

Also, I wonder how you grepped the code, since while
RT-Authen-ExternalAuth documents that you should set the 4.2
compatible config variable, when those docs were added the code wasn't
updated to match.

A bug should be filed in the RT::Authen::ExternalAuth config.

Until then, you could set the antiquated $AutoCreate to {Privileged =
1} and just ignore the warning and it should work.

-kevin


pgpCsKbBR_OG8.pgp
Description: PGP signature
-- 
RT Training - Boston, September 9-10
http://bestpractical.com/training