This page contains out of date and possibly misleading information or instructions such as installation methods or configuration examples that no longer apply. Please consider this warning when reading the page below.
Automatic account generation from LDAP
NOTE: Please see LdapSummary for an overview of the latest available implementations
You should not use this LDAP extension with modern versions of RT. Please use RT-Authen-ExternalAuth. It is compatible with 3.6 3.8 and 4.0 (see the README for up tp date notes about version compatibility).
Do not use the extension described below unless you're running 3.4 or some other legacy version of RT. The IsPassword function defined is not compatible with modern versions of RT and will not allow local users to log in.
Download Overlay of CurrentUser here (zanfur.com).
This Overlay is useful if you want the following behavior:
- Whenever RT tries -- and fails -- to load a user from the RT user database, it queries an Ldap server for the account information and creates it on the fly (for both email lookups and web logins)
- RT behaves as though the account has always been there -- i.e. there is no reason to give "Everyone" the "Create Ticket" right, because the account has been there all along ...
- NO synchronization with the Ldap server once the account has been created, so any changes in RT stay in RT and any changes in Ldap stay in Ldap (unless you run some other script, of course)
To use, copy the contents of this CurrentUser_Local.pm into yours (create it if it doesn't exist), read the configuration directives in the comments at the top of the LookupExternalUserInfo function, and configure your RTSiteConfig.pm accordingly.
This overlay only creates the accounts, and does not authenticate. If you would like to authenticate using LDAP as well, use the LdapOverlay on the Contributions page, or use WebExternalAuth and mod_auth_ldap.