[rt-users] NTLM + ldap overlay problem

Matt Ostiguy ostiguy at gmail.com
Fri Mar 17 11:26:32 EST 2006


Using this configuration method (
http://blank.org/memory/output/rt-ad-sso.html), it seems the NTLM part
works, but nothing gets pulled in via LDAP - the username created is the NT
username, but the email address does not get pulled in. A packet capture of
the LDAP session indicates that the search filter being used is

(&(mail=)(objectclass=user))

Which dooes not generate any results, which is not surprising because that
search filter looks remarkably suspect to me. RT should be searching on the
sAMAccountName (the windows username), but instead appears to be searching
on mail, but without a value. Any ideas?



Here is my relevant siteconfig :

Set($LdapAuthUidAttr,           'sAMAccountName');
Set($LdapAuthFilter,            '(objectClass=user)');
Set($LdapMailBase,              'dc=domain,dc=goeshere,dc=com');
Set($LdapMailFilter,            '(objectClass=user)');
Set($LdapMailScope,             'sub');
Set($LdapMailSearchAttr,        'mail');
%RT::LdapMailResultMap = (
        'sAMAccountName'        => 'Name',
        'mail'                  => 'EmailAddress',
        'cn'                    => 'RealName',
        );




Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20060317/6fd1628b/attachment.htm>


More information about the rt-users mailing list