[rt-users] External Authentication

Berny Stapleton berny at technology.net.au
Fri Apr 24 02:44:03 EDT 2009


The best way that I have found to do this is to run wireshark or
similar on the box itself and increase the debug output on the web
server.

The wireshark output though will give you all the LDAP details and
will show you what the server's response is. It will also show you how
you are putting together your bind strings, which is usually what's
wrong.

Also, take a look at the AD with ldp which is part of the support
tools package. You can use this to make sure that you have your DNs
correct.

Berny

2009/4/23 Jeff Lucas <jlucas at eagleinvsys.com>:
> I’ve configured a DEV instance of RT 3.8.2 to test AD authentication but am
> getting the following in my rt.log…
>
>
>
> [Thu Apr 23 19:37:58 2009] [error]: FAILED LOGIN for jeff from 10.x.x.x
> (/apps/rt-3.8.2-dev/share/html/autohandler:268)
>
>
>
> I do not admin and therefore do not have access to monitor things on the AD
> side.  Is there any way I can further debug the issue via log files, etc. on
> my RT server?
>
>
>
> I know AD is working as I can query it using ldapsearch, however, I’m unsure
> if I’ve configured my "RT_SiteConfig.pm" correctly based on the working
> query.
>
>
>
> My ldapsearch command uses the following flags…
>
> -D "CN=RT User,OU=Eagle Access,DC=eagleinvsys,DC=com" -w <password> -b
> "OU=Eagle Access,DC=eagleinvsys,DC=com"
>
>
>
> I’m unsure what my “base”  should be set to in RT_SiteConfig.pm since I’m
> using different settings for –D and –b.
>
>
>
> Also, does a user have to exist in RT (and have credentials) before the user
> can be authenticated via AD?
>
>
>
> Thanks.
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>



More information about the rt-users mailing list