KenBrush
Microsoft Active Directory working with RT (email creation works with this as well):
@RT::MailPlugins = ("RT::Authen::ExternalAuth");
Set(@Plugins, qw(RT::Authen::ExternalAuth) );
Set($ExternalAuthPriority, [ 'Active_Directory'
]
);
Set($ExternalInfoPriority, [ 'Active_Directory'
]
);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, { 'Active_Directory' => { 'type' => 'ldap',
'auth' => 1,
'info' => 1,
'server' => 'mail-1.rf.lan',
'base' => 'OU=MyBusiness,DC=RF,DC=LAN',
# The filter to use to match RT-Users
'filter' => '(objectclass=person)',
# The filter that will only match disabled users
'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
# Should we try to use TLS to encrypt connections?
'tls' => 0,
# What other args should I pass to Net::LDAP->new($host,@args)?
'net_ldap_args' => [ version => 3 ],
# Does authentication depend on group membership? What group name?
#'group' => 'GROUP_NAME',
# What is the attribute for the group object that determines membership?
#'group_attr' => 'GROUP_ATTR',
## RT ATTRIBUTE MATCHING SECTION
# The list of RT attributes that uniquely identify a user
'attr_match_list' => [ 'ExternalAuthId','EmailAddress' ],
# The mapping of RT attributes on to LDAP attributes
'attr_map' => { 'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'Organization' => 'physicalDeliveryOfficeName',
'RealName' => 'displayName',
'ExternalAuthId' => 'sAMAccountName',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co'
}
}
}
);