[rt-users] cannot connect even after succesful Ldap search

Ashrock amohammed.ash at gmail.com
Wed Sep 29 17:48:55 EDT 2010


  I specified the password this time.
But it still does not connect to LDAP even then.


On 9/29/2010 4:42 PM, Kevin Falcone wrote:
> On Wed, Sep 29, 2010 at 03:24:43PM -0500, Ashrock wrote:
>>     Hi,
>>
>>     I am trying to connect my AD to RT, to let users in AD access RT with their user names. I
>>     tried configuring LDAP different ways, but it always returns cannot connect to LDAP, Invalid
>>     Credentials.
>>     [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to 10.10.0.5:389
>>
>>     I assume the LDAP search was successful through this command.
>>
>>     LDAP Search:
>>     ldapsearch -LLL -x -H [1]ldap://10.10.0.5:389 -b 'ou=IT, ou=Support, dc=mcfc, dc=local' -D
>>     'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' -w 'abc123!@#' '(&(ObjectClass=User)(CN= RT))'
>>     <returned no errors>
>>     Does that mean, the ldap search was successful?
> Your ldapsearch command specified a password, your RT config does not
>
> -kevin
>
>>     My RT Site Config is below.
>>     Do i have to use AutoCanonical for user to get connected to LDAP.
>>
>>     Where am i doing wrong. Please let me know if you may need some more files to know where am i
>>     doing it wrong.
>>
>>     ------------------------RT SITE CONFIG
>>     ---------------------------------------------------------------
>>     Set($WebBaseURL,'[2]http://10.10.10.10:443'); Set($WebPath,'');
>>     Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');
>>     Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');
>>     Set($rtname,'Ticket'); Set($Organization,[3]"http://www.mcfc.com");
>>
>>     #Set(@Plugins,(qw(Extension::QuickDelete)));
>>     #Set(@Plguins,(qw(RT::FM)));
>>     #Set($LogtoFileNamed, "rt.log");
>>     #Set($LogtoFile, 'debug');
>>
>>     Set(@Plugins,qw(RT::Authen::ExternalAuth));
>>     Set($CorrespondAddress, '[4]rt-its at mcfc.com');
>>     Set($CommentAddress, '[5]rt-comment at mcfc.com');
>>
>>     @MailCommand , 'sendmail';
>>     $SendMailArguments = "-oi -t";
>>     $SendMailPath = "/usr/sbin/sendmail";
>>     $SenderMustExistInExternalDatabase = undef;
>>
>>     #Set($MailCommand, 'sendmail');
>>     #Set($SendMailArguments, "-bm --rt-its at mcfc.com");
>>     #Set($SendmailPath, "/usr/sbin/exim4");
>>
>>     Set($NotifyActor, 1);
>>     Set($RecordOutgoingEmail, 1);
>>     Set($Timezone, 'US/Central');
>>
>>     $WebURL = $WebBaseURL . $WebPath . "/";
>>
>>     #Set($WebExternalAuth, 1);
>>     #Set($WebFallbackToInternalAuth, true);
>>     #Set($WebExternalAuto , 1);
>>
>>     Set ($ExternalAuthPriority, [ 'My_LDAP' ]);
>>     Set ($ExternalInfoPriority, [ 'My_LDAP' ]);
>>     Set ($ExternalServiceUsesSSLorTLS, 1);
>>     Set ($AutoCreateNonExternalUsers, 1);
>>     Set ($Autocreate, 'Privileged=>1');
>>
>>     Set($ExternalSettings, { 'My_LDAP' =>
>>                                          {
>>                                           'type' =>  'ldap',
>>                                           'server' =>  '10.10.10.10:389',
>>                                           'user' =>  'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local',
>>                                           #'filter' =>  '(uid=*)',
>>                                          #'filter' =>  '(&(ObjectCategory =
>>     User)(ObjectClass=Person))',
>>                                           'filter' =>  '(&(ObjectCategory = User)',
>>                                           'd_filter' =>  '(userAccountControl=514)',
>>                                          #'d_filter' =>
>>     '(userAccountControl:1.2.840.113556.1.4.803:=2)',
>>                                           'tls' =>  0,
>>                                          #'ssl_version' =>  3,
>>                                           'net_ldap_args' =>  [version =>  3],
>>                                          #'group' =>'cn= ou=Users dc=server, dc=mcfc, dc=local',
>>                                          #'group_attr' =>  'member',
>>                                           'attr_match_list' =>  ['Name','Email Address'],
>>                                          #'attr_map' =>  {'Name' =>  'uid', 'EmailAddress' =>
>>     'mail'}
>>                                           'attr_map' =>  {
>>                                                          'Name' =>  'sAMAaccountName',
>>                                                          'EmailAddress' =>  'mail',
>>                                                          'Organization' =>
>>     'physicalDeliveryOfficeName',
>>                                                          'RealName' =>  'cn',
>>                                                          'ExternalAuthId'=>  'sAMAccountname',
>>                                                          'Gecos' =>  'sAMAccountName',
>>                                                          'WorkPhone' =>  'telephoneNumber',
>>                                                          'Address1' =>  'streetAddress',
>>                                                          'City' =>  '1',
>>                                                          'State' =>  'st',
>>                                                          'Zip' =>'postalCode',
>>                                                          'Country' =>  'co'
>>                                                         }
>>
>>                                          }
>>     }
>>     );
>>     1;
>>
>> References
>>
>>     Visible links
>>     1. file:///Users/falcone/tmp/ldap:/10.10.0.5:389
>>     2. http://10.10.10.10:443/
>>     3. http://www.mcfc.com/
>>     4. mailto:rt-its at mcfc.com
>>     5. mailto:rt-comment at mcfc.com
>> RT Training in Washington DC, USA on Oct 25&  26 2010
>> Last one this year -- Learn how to get the most out of RT!
>
>
>
> RT Training in Washington DC, USA on Oct 25&  26 2010
> Last one this year -- Learn how to get the most out of RT!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100929/80aed95c/attachment.htm>


More information about the rt-users mailing list