Skip to content

Instantly share code, notes, and snippets.

@trev71
Last active December 1, 2023 10:50
Show Gist options
  • Save trev71/5230c3b7cf44165b731e to your computer and use it in GitHub Desktop.
Save trev71/5230c3b7cf44165b731e to your computer and use it in GitHub Desktop.
Best Practical Request Tracker (RT) LDAP User Import and Authentication RT_SiteConfig.pm
# Any configuration directives you include here will override
# RT's default configuration file, RT_Config.pm
#
# To include a directive here, just copy the equivalent statement
# from RT_Config.pm and change the value. We've included a single
# sample value below.
#
# This file is actually a perl module, so you can include valid
# perl code, as well.
#
# The converse is also true, if this file isn't valid perl, you're
# going to run into trouble. To check your SiteConfig file, use
# this command:
#
# perl -c /path/to/your/etc/RT_SiteConfig.pm
#
# You must restart your webserver after making changes to this file.
# You must install Plugins on your own, this is only an example
# of the correct syntax to use when activating them.
# Plugin( "RT::Extension::QuickDelete" );
# Plugin( "RT::Extension::CommandByMail" );
Plugin( "RT::Extension::LDAPImport" );
# Uncomment for debug
#Set($LogToSyslog, 'debug');
Set( $DatabaseRequireSSL, '' );
Set( $DatabaseType, 'mysql' );
Set( $WebDomain, 'rt.domain_name.com' );
Set( $WebPort, '80' );
Set( $rtname, 'DOMAIN_NAME' ); # or whatever you plan to name the site
## Email
Set( $CommentAddress, 'rt-comments@domain_name.com' );
Set( $CorrespondAddress, 'rt-correspondance@domain_name.com' );
## DB config
Set( $DatabaseHost, 'localhost' );
Set( $DatabaseName, 'rt4' );
Set( $DatabasePassword, 'password' );
Set( $DatabasePort, '' );
Set( $DatabaseUser, 'db_user_name' );
Set( $Organization, '' );
Set( $OwnerEmail, 'email_address@domain_name.com' );
Set( $SendmailPath, '/usr/sbin/sendmail' );
# My server is running on port 443, leaving the port 80 lines as reference
# servername in my instance is 'jamie' with a cname of 'rt'
#Set(@ReferrerWhitelist, qw(rt:80 rt.domain_name.com:80));
Set(@ReferrerWhitelist, qw(rt.domain_name.com:443));
## LDAP Configurations
# LDAP Authentication
Set( @Plugins, qw(RT::Authen::ExternalAuth RT::Extension::LDAPImport));
## LDAP USER IMPORT
Set($LDAPCreatePrivileged, 1);
Set($LDAPUpdateUsers, 1);
Set($LDAPHost,'domain_name.com');
Set($LDAPUser,'domain_name\ldapreader');
Set($LDAPPassword,'your_ldapreader_password_here');
#my base OU for users, yours will probably differ
Set($LDAPBase,'ou=users,ou=services,dc=domain_name,dc=com');
Set($LDAPFilter, '(&(objectClass=person))');
Set($LDAPMapping, {
Name => 'sAMAccountName',
EmailAddress => 'mail',
Organization => 'department',
RealName => 'cn',
NickName => 'givenName',
ExternalAuthId => 'sAMAccountName',
Gecos => 'sAMAccountName',
WorkPhone => 'telephoneNumber',
MobilePhone => 'mobile',
Address1 => 'streetAddress',
City => 'l',
State => 'st',
Zip => 'postalCode',
Country => 'co'
});
## LDAP GROUP IMPORT AND MAPPINGS
Set($LDAPGroupMapping, {Name => 'cn',
Member_Attr => 'member',
Member_Attr_Value => 'dn'});
#OU/basedn location of groups
Set($LDAPGroupBase, 'ou=groups,dc=domain_name,dc=com');
# LDAP GROUP FILTERING, Below are 2 examples
#Set($LDAPGroupFilter, 'cn=Information Technology');
# 2 group import example
Set($LDAPGroupFilter, '(|(cn=Information Technology)(cn=Facilities))');
## LDAP Authentication
Set($ExternalAuthPriority, [ 'My_LDAP',
]
);
Set($ExternalInfoPriority, [ 'My_LDAP',
]
);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => 'ldap://domain_name.com',
'user' => 'domain_name\ldapreader',
'pass' => 'ldapreader_password',
'base' => 'ou=users,ou=services,dc=domain_name,dc=com',
'filter' => '(objectClass=person)',
'tls' => 0,
'attr_match_list' => [
'Name',
'EmailAddress',
'RealName',
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'Organization' => 'department',
'RealName' => 'cn',
'NickName' => 'givenName',
'ExternalAuthId'=> 'sAMAccountName',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'MobilePhone' => 'mobile',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co'
},
},
} );
1;
1;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment