Bugzilla identification

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Bugzilla identification

Renno Reinurm
Hi!
I had problems with Bugzilla identification. Currently unique identity
is users email address. I had situation where email is not good option
at all.

I'm using Kerberos authentication and LDAP (MS AD) for authorization.
If user is put into the Bugzilla users group in LDAP, then he/she can
access Bugzilla. If user goes to Bugzilla page, he/she will
automatically get new account according to mail attribute in LDAP if
it hasn't existed before.

But if users mail attribute has changed, then he/she will
automatically get new account or administrator has to change user
mail.

I think better way would be to use unique user attribute from LDAP for
user identification like saMAccountname from AD. And if user login to
Bugzilla, then every time will be checked if he/she mail address is
still same or needs it synchronize.

My problem was that every user got new email address in AD, what I
discovered some time later and I had to write a script to give
original account new email address.
_______________________________________________
dev-apps-bugzilla mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-apps-bugzilla
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=lists@...>
Reply | Threaded
Open this post in threaded view
|

Re: Bugzilla identification

Max Kanat-Alexander
On Fri, 18 Jul 2008 04:13:45 -0700 (PDT) Renno Reinurm
<[hidden email]> wrote:
> I think better way would be to use unique user attribute from LDAP for
> user identification like saMAccountname from AD.

        Bugzilla actually should already be doing that. I might have
only fixed it for 3.2, but it should be storing the LDAP ID in the
extern_id column in the profiles table.

        -Max
--
http://www.everythingsolved.com/
Competent, Friendly Bugzilla and Perl Services. Everything Else, too.
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=lists@...>
Reply | Threaded
Open this post in threaded view
|

Re: Bugzilla identification

Jochen Wiedmann
On Sat, Jul 19, 2008 at 2:01 AM, Max Kanat-Alexander
<[hidden email]> wrote:

>        Bugzilla actually should already be doing that. I might have
> only fixed it for 3.2, but it should be storing the LDAP ID in the
> extern_id column in the profiles table.

Might this be a reason to take some of the code from

    https://bugzilla.mozilla.org/show_bug.cgi?id=392482

For example, display and editing of the extern_id should make sense in
such an environment as well.


Jochen


--
Look, that's why there's rules, understand? So that you think before
you break 'em.

 -- (Terry Pratchett, Thief of Time)
-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=lists@...>
Reply | Threaded
Open this post in threaded view
|

Re: Bugzilla identification

autogbler

----- Original Message -----
From: "Jochen Wiedmann" <[hidden email]>
To: <[hidden email]>
Sent: Saturday, July 19, 2008 11:18 AM
Subject: Re: Bugzilla identification


> On Sat, Jul 19, 2008 at 2:01 AM, Max Kanat-Alexander
> <[hidden email]> wrote:
>
>>        Bugzilla actually should already be doing that. I might have
>> only fixed it for 3.2, but it should be storing the LDAP ID in the
>> extern_id column in the profiles table.
>
> Might this be a reason to take some of the code from
>
>    https://bugzilla.mozilla.org/show_bug.cgi?id=392482
>
> For example, display and editing of the extern_id should make sense in
> such an environment as well.
>
>
> Jochen
>
>
> --
> Look, that's why there's rules, understand? So that you think before
> you break 'em.
>
> -- (Terry Pratchett, Thief of Time)
> -
> To view or change your list settings, click here:
> <http://bugzilla.org/cgi-bin/mj_wwwusr?user=autogbler@...>

-
To view or change your list settings, click here:
<http://bugzilla.org/cgi-bin/mj_wwwusr?user=lists@...>