I grabbed the LdapOverlay solution for using an LDAP server to authenticate against Request Tracker today in my continuing efforts to use LDAP for single sign-on for all Kineticode resources. It worked great, but I wanted a couple more things out of it, namely TLS communications with the LDAP server (so that all communications are encrypted), and authentication only for members of a certain LDAP group.
So I refactored LdapOverlay and added these features. You can download it from
here. Just set the
$LdapTLS variable in your
RT_SiteConfig module to a
true value to use TLS (but be sure that you also have Net::SSLeay installed!).
If you want to allow only members of a certain LDAP group to authenticate to RT,
set the DN of the group in the
$LdapGroup variable, and set the name of the
member attribute (usually “uniqueMember”) in the
Looking for the comments? Try the old layout.