[rt-users] Authenticate with multiple LDAP Domains

Ariel Saia ariel.saia at brandesassociates.com
Thu Jun 10 13:38:48 EDT 2010


Just wanted to post this as it may help someone. I needed to authenticate against multiple AD domains and in the archives someone had asked how to do this. Here is my ExternalAuth: RT_SiteConfig.pm file.


----------------------------------------------------------------------------------------------------------------------------


Set($ExternalAuthPriority,           [ 'My_LDAP', 'My_LDAP2' ] );
Set($ExternalInfoPriority,           [ 'My_LDAP', 'My_LDAP2' ] );
Set($ExternalServiceUsesSSLorTLS,    0);
Set($AutoCreateNonExternalUsers,     0);

Set($ExternalSettings,      {
                     'My_LDAP'               =>  {

                     'type'                  =>  'ldap',
                     'server'                =>  '192.168.0.1',
                     'user'                  =>  'CN=rt, OU=TEST-CO, DC=Domain1, DC=COM',
                     'pass'                  =>  'passowrd',
                     'base'                  =>  'DC=Domain1,DC=COM',

                     'filter'                =>  '(ObjectClass=*)',
#                    'd_filter'              =>  '(userAccountControl:1.2.840.113556.1.4.803:=2)',

                     'tls'                   =>  0,
#                    'ssl_version'           =>  3,

                     'net_ldap_args'         => [    version =>  3           ],
#                    'group'                 =>  'cn=RT Users,ou=Services,dc=internal,dc=local',
#                    'group_attr'            =>  'member',

                     'attr_match_list'       => [   'Name', 'EmailAddress'   ],
                     'attr_map'              => {   'Name' => 'sAMAccountName',
                                                    'EmailAddress' => 'mail',
                                                    'Organization' => 'physicalDeliveryOfficeName',
                                                    'RealName' => 'cn',
                                                    'ExternalAuthId' => 'sAMAccountName',
                                                    'Gecos' => 'sAMAccountName',
                                                    'WorkPhone' => 'telephoneNumber',
                                                    'Address1' => 'streetAddress',
                                                    'City' => 'l',
                                                    'State' => 'st',
                                                    'Zip' => 'postalCode',
                                                    'Country' => 'co'
                                                                                                }
                                                },

                                      'My_LDAP2'               =>  {

                     'type'                  =>  'ldap',
                     'server'                =>  '192.168.1.1',
                     'user'                  =>  'CN=rt, OU=TEST-CO, DC=Domain2, DC=COM',
                     'pass'                  =>  'password',
                     'base'                  =>  'DC=Domain2,DC=COM',

                     'filter'                =>  '(ObjectClass=*)',
#                    'd_filter'              =>  '(userAccountControl:1.2.840.113556.1.4.803:=2)',

                     'tls'                   =>  0,
#                    'ssl_version'           =>  3,

                     'net_ldap_args'         => [    version =>  3           ],
#                    'group'                 =>  'cn=RT Users,ou=Services,dc=internal,dc=local',
#                    'group_attr'            =>  'member',

                     'attr_match_list'       => [   'Name', 'EmailAddress'   ],
                     'attr_map'              => {   'Name' => 'sAMAccountName',
                                                    'EmailAddress' => 'mail',
                                                    'Organization' => 'physicalDeliveryOfficeName',
                                                    'RealName' => 'cn',
                                                    'ExternalAuthId' => 'sAMAccountName',
                                                    'Gecos' => 'sAMAccountName',
                                                    'WorkPhone' => 'telephoneNumber',
                                                    'Address1' => 'streetAddress',
                                                    'City' => 'l',
                                                    'State' => 'st',
                                                    'Zip' => 'postalCode',
                                                    'Country' => 'co'
                                                }
                                                                                                }

                            }
);

1;




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100610/8f75e7c9/attachment.htm>


More information about the rt-users mailing list