
Bugzilla, Active Directory and local accounts


he...@hetz.biz

Feb 7, 2017, 7:03:27 PM
Hi,

I have a Bugzilla system which works fine and it has local users.
Lately I have been asked to switch from local users to AD (is there a plugin for this, or do the instructions remain the same as for Bugzilla 2.x/3.x?).

The challenge that I have is that this task requires that I move all the users' data (bugs, messages, etc.) from local accounts to the accounts with AD.

Is there a way to do such a thing?

Thanks

Thorsten Schöning

Feb 8, 2017, 2:51:24 AM, to support-...@lists.mozilla.org
Hello he...@hetz.biz,
on Wednesday, February 8, 2017 at 01:03 you wrote:

> I have a Bugzilla system which works fine and it has local users.
> Lately I have been asked to switch from local users to AD (is there
> a plugin for this, or do the instructions remain the same as for Bugzilla 2.x/3.x?).

LDAP is built-in, you just need to install all necessary Perl modules,
which checksetup.pl should tell you about, and configure it.

https://bugzilla.readthedocs.io/en/5.0/administering/parameters.html#ldap

> The challenge that I have is that this task requires that I move
> all the users' data (bugs, messages, etc.) from local accounts to the accounts with AD.

You can't move bugs etc. to AD, those are always stored in the local
Bugzilla DB. AD/LDAP is only used for authentication purposes.

Kind regards,

Thorsten Schöning


het...@gmail.com

Feb 8, 2017, 11:54:00 AM
> LDAP is built-in, you just need to install all necessary Perl modules,
> which checksetup.pl should tell you about, and configure it.

OK.

> You can't move bugs etc. to AD, those are always stored in the local
> Bugzilla DB. AD/LDAP is only used for authentication purposes.

I'll try to explain myself:

Let's say that I have a Bugzilla machine with user joe, and that user is using Bugzilla a lot to submit bugs, reply, escalate, etc.
Now I'm connecting this Bugzilla to AD, where I have a user which is called joeAD.

All I want is that upon login using the AD with joeAD, it will point to the content of the user joe (local user joe will not be used anymore).

Thorsten Schöning

Feb 8, 2017, 12:23:30 PM, to support-...@lists.mozilla.org
Hello het...@gmail.com,
on Wednesday, February 8, 2017 at 17:53 you wrote:

> I'll try to explain myself:

Unnecessary, I already understood what you want. ;-) Just do as the
linked docs say.

> [...](local user joe will not be used anymore).

Bugzilla always creates local users, in case of LDAP/AD with the data
from the LDAP/AD. So there will always be user data in the local
Bugzilla database, synced to the data of your AD for each user during
login.

That's the reason for the warning in the docs I linked:

> Warning Because the Bugzilla account is not created until the first
> time a user logs in, a user who has not yet logged is unknown to
> Bugzilla. This means they cannot be used as an assignee or QA
> contact (default or otherwise), added to any CC list, or any other
> such operation. One possible workaround is the bugzilla_ldapsync.rb
> script in the contrib directory. Another possible solution is fixing
> bug 201069.

https://bugzilla.readthedocs.io/en/5.0/administering/parameters.html#ldap

het...@gmail.com

Feb 8, 2017, 1:01:32 PM
> Bugzilla always creates local users, in case of LDAP/AD with the data
> from the LDAP/AD. So there will always be user data in the local
> Bugzilla database, synced to the data of your AD for each user during
> login.

OK, so let's say we have user joe (local) and joeAD (which Bugzilla creates when I log in with AD).

How do I move the data from the user joe to the user joeAD?

Thorsten Schöning

Feb 8, 2017, 1:43:20 PM, to support-...@lists.mozilla.org
Hello het...@gmail.com,
on Wednesday, February 8, 2017 at 19:01 you wrote:

> How do I move the data from the user joe to the user joeAD?

My bad, seems I totally misunderstood your example. :-) I'm not using
LDAP myself, so be careful with what I'm saying...

Bugzilla uses mail addresses by default. If you enable LDAP, it tries
to authorize with whatever it gets as username, searches for mail
addresses afterwards and uses that as the internal username. If it
doesn't find any, the provided username is used.

So if you logged in with j...@example.org in the past and assign
j...@example.org to joeAD in your AD, you should be able to log in with
joeAD, Bugzilla should retrieve j...@example.org internally and
wouldn't create a new account at all.

If you really logged in using joe only, it MIGHT work to assign joe as
mail address to joeAD as well and configure emailsuffix in Bugzilla's
admin UI. Which in such a setup should be configured already anyway, I
guess...

What to use as Bugzilla mail address, aka its internal username, can be
configured in the LDAP settings in the admin UI. So it should be
possible to map old usernames of Bugzilla to your AD users even if
those already have some mail address otherwise. Maybe just create a
new field like "bz_username" or "bz_mail" or whatever.

You can easily test with some AD user by keeping DB in your
user_verify_class after LDAP.

Have a look at the source of Bugzilla::Auth::Verify::LDAP to see how this
works. You don't need to be a developer to somewhat understand what
happens when.
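
Added example, not part of any post in this thread and not Bugzilla code: a dry run of the login mapping described in the last reply, showing which AD accounts would land on an existing Bugzilla account and which would get a new one, before LDAP is switched on. The `uid` key, the function names, the sample data and the case-insensitive comparison are assumptions made for illustration; `bz_username` is the dedicated field suggested in that reply.

```python
# Added example: dry run of the login mapping described in the thread.
# All names and sample data are constructed; this is not Bugzilla code.

def resolve_login(ad_user, mail_attr):
    """Login Bugzilla would use internally, per the description above:
    the value of the configured mail attribute, else the name typed at login."""
    value = ad_user.get(mail_attr) if mail_attr else None
    if isinstance(value, (list, tuple)):   # multi-valued attribute: first value
        value = value[0] if value else None
    return value or ad_user["uid"]


def plan_migration(local_logins, ad_users, mail_attr):
    """Return (plan, orphaned). plan holds (uid, login, status) with status
    'reuse' (maps onto an existing account), 'new' (a fresh account would be
    created) or 'conflict' (another AD user already resolved to this login).
    orphaned lists local accounts that no AD user maps onto."""
    existing = {name.lower(): name for name in local_logins}  # assumed case-insensitive
    claimed, plan = set(), []
    for user in ad_users:
        login = resolve_login(user, mail_attr)
        key = login.lower()
        if key in claimed:
            status = "conflict"
        elif key in existing:
            status = "reuse"
        else:
            status = "new"
        claimed.add(key)
        plan.append((user["uid"], login, status))
    orphaned = sorted(name for key, name in existing.items() if key not in claimed)
    return plan, orphaned


# Constructed sample: login names from the Bugzilla DB and an AD export.
LOCAL_LOGINS = ["joe@example.org", "ann@example.org", "bob"]
AD_USERS = [
    {"uid": "joeAD", "mail": "joe@example.org", "bz_username": "joe@example.org"},
    {"uid": "annAD", "mail": "ann.smith@example.org", "bz_username": "ann@example.org"},
    {"uid": "bobAD", "bz_username": "Bob"},
    {"uid": "carolAD"},
]

if __name__ == "__main__":
    for attr in ("mail", "bz_username"):
        plan, orphaned = plan_migration(LOCAL_LOGINS, AD_USERS, attr)
        print(attr, plan, "orphaned:", orphaned)
```

Every `new` row next to a non-empty `orphaned` list marks a user whose bug history would stay with the old local account; a `conflict` row marks two AD accounts that would share one Bugzilla identity.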