[rt-users] RT::Authen::ExternalAuth

Peter Barton PBarton at iesi.com
Wed Sep 1 11:21:20 EDT 2010


Thanks a bunch Dan!!  That did the trick perfectly!  I am now able to
authenticate successfully from AD and from the local system.

Since it was so easy for you to spot my problem maybe you can help me
with one more request.  Like I said at the end of my last email I have
run the "rt_logins_email2ldap" script and everyone has appropriate
usernames to match AD.  Is there a way to have RT go through and
populate all the user information for each of the users that already
exist in my system?  Or is this supposed to be a dynamic step?  When I
open a ticket that existed prior to the installation of
RT::Authen::ExternalAuth the user information is not populated with
anything.

Any direction you can give would be greatly appreciated.

Thanks in advance,

----------
Peter Barton

-----Original Message-----
From: rt-users-bounces at lists.bestpractical.com
[mailto:rt-users-bounces at lists.bestpractical.com] On Behalf Of Dan
Stilts
Sent: Tuesday, August 31, 2010 5:38 PM
To: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] RT::Authen::ExternalAuth

Peter,

Looks like you have two plugin lines:

Set(@Plugins, qw(RT::Authen::ExternalAuth));
Set(@Plugins, qw(RTx::Calendar));

Try:
Set(@Plugins,(qw(RT::Authen::ExternalAuth RTx::Calendar)));

Your second plugin line is overwriting the first one.

-Dan

On 8/31/10 3:05 PM, Peter Barton wrote:
> I have been searching all day long and I am having some issues getting
> this running. Here is a quick copy of my RT_SiteConfig.pm:
>
> Set(@Plugins, qw(RT::Authen::ExternalAuth));
>
> Set(@Plugins, qw(RTx::Calendar));
>
> Set($LogToFile,'debug');
>
> Set($TrustHTMLAttachments, 1);
>
> Set($ExternalAuthPriority, [ 'My_LDAP'
>
> ]
>
> );
>
> Set($ExternalInfoPriority, [ 'My_LDAP'
>
> ]
>
> );
>
> Set($ExternalServiceUsesSSLorTLS, 0);
>
> Set($AutoCreateNonExternalUsers, 0);
>
> Set($ExternalSettings, { # AN EXAMPLE DB SERVICE
>
> 'My_MySQL' => { ## GENERIC SECTION
>
> 'type' => 'mysql',
>
> 'server' => 'localhost',
>
> 'database' => 'rt3',
>
> 'table' => 'USERS_TABLE',
>
> 'user' => 'rt_user',
>
> 'pass' => 'blahblah',
>
> 'port' => '3306',
>
> 'dbi_driver' => 'mysql',
>
> 'u_field' => 'username',
>
> 'p_field' => 'password',
>
> 'p_enc_pkg' => 'Crypt::MySQL',
>
> 'p_enc_sub' => 'password',
>
> 'd_field' => 'disabled',
>
> 'd_values' => ['0'],
>
> 'attr_match_list' => [ 'Gecos',
>
> 'Name'
>
> ],
>
> 'attr_map' => { 'Name' => 'username',
>
> 'EmailAddress' => 'email',
>
> 'ExternalAuthId' => 'username',
>
> 'Gecos' => 'userID'
>
> }
>
> },
>
> # AN EXAMPLE LDAP SERVICE
>
> 'My_LDAP' => { ## GENERIC SECTION
>
> 'type' => 'ldap',
>
> 'server' => 'iesicorp.tf.prv',
>
> 'user' => 'cn=user,dc=tf,dc=prv',
>
> 'pass' => 'blahblah',
>
> 'base' => 'dc=tf,dc=prv',
>
> 'filter' => '(objectClass=user)',
>
> 'd_filter' => '(objectClass=FooBarBaz)',
>
> 'tls' => 0,
>
> 'ssl_version' => 3,
>
> 'net_ldap_args' => [ version => 3 ],
>
> # 'group' => 'Domain Users',
>
> # 'group_attr' => 'memberof',
>
> 'attr_match_list' => [ 'Name',
>
> 'EmailAddress',
>
> 'RealName',
>
> 'WorkPhone',
>
> 'Address2'
>
> ],
>
> # The mapping of RT attributes on to LDAP attributes
>
> 'attr_map' => { 'Name' => 'sAMAccountName',
>
> 'EmailAddress' => 'mail',
>
> 'Organization' => 'physicalDeliveryOfficeName',
>
> 'RealName' => 'cn',
>
> 'ExternalAuthId' => 'sAMAccountName',
>
> 'Gecos' => 'sAMAccountName',
>
> 'WorkPhone' => 'telephoneNumber',
>
> 'Address1' => 'streetAddress',
>
> 'City' => 'l',
>
> 'State' => 'st',
>
> 'Zip' => 'postalCode',
>
> 'Country' => 'co'
>
> }
>
> },
>
> When I restart apache2 everything works fine. I see no errors. Yet
when
> I log into the web page I get this:
>
> [Tue Aug 31 21:44:27 2010] [info]: Successful login for pbarton from
> 192.168.10.60 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:430)
>
> I check the "System Configuration" and I see no reference to
> RT::Authen::ExternalAuth anywhere in there. From all the logs it does
> not even appear that I am loading this plugin.
>
> BTW, I am running Ubuntu 8.0.4 LTS and RT version 3.8.6 and I
installed
> RT::Authen::ExternalAuth from cpan version 0.08.
>
> I have successfully run the "rt_logins_email2ldap" script and was able
> to make all the necessary changes to accomoodate the change from local
> user auth to LDAP auth. Any help anyone
>
> Can provide I would be greatly appreciative.
>
> Thanks,
>
> ----------
>
> Peter Barton
>
>
>
>
> RT Training in Washington DC, USA on Oct 25&  26 2010
> Last one this year -- Learn how to get the most out of RT!

RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!



More information about the rt-users mailing list