[rt-users] rt4 and External Auth to AD 2008 non-ssl

Brian Murphy blmurphy at eiu.edu
Tue Aug 30 11:34:08 EDT 2011


Yet I am getting the following out of the external auth:

[Tue Aug 30 15:29:48 2011] [debug]: Attempting to use external auth service: EIUAD (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Tue Aug 30 15:29:48 2011] [debug]: Calling UserExists with $username (blmurphy) and $service (EIUAD) (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)
[Tue Aug 30 15:29:48 2011] [debug]: UserExists params:
username: blmurphy , service: EIUAD (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)
[Tue Aug 30 15:29:48 2011] [debug]: LDAP Search ===  Base: dc=eiuad,dc=eiu.dc=edu == Filter: (&(sAMAccountName=blmurphy)) == Attrs: sAMAccountName (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)
[Tue Aug 30 15:29:48 2011] [debug]: User Check Failed :: ( EIUAD ) blmurphy User not found (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318)
[Tue Aug 30 15:29:48 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:11)

----- Original Message -----
From: "Brian Murphy" <blmurphy at eiu.edu>
To: rt-users at lists.bestpractical.com
Sent: Tuesday, August 30, 2011 10:08:56 AM
Subject: Re: [rt-users] rt4 and External Auth to AD 2008 non-ssl

A bit confused about that whole filter thing.

If I specify objectClass=person and the sAMAccountName on the same filter it does not work with ldapsearch.  if I use either one by titself, I get back my user record from AD.

Brian 
----- Original Message -----
From: "Kevin Falcone" <falcone at bestpractical.com>
To: rt-users at lists.bestpractical.com
Sent: Tuesday, August 30, 2011 9:41:57 AM
Subject: Re: [rt-users] rt4 and External Auth to AD 2008 non-ssl

On Tue, Aug 30, 2011 at 09:35:39AM -0500, Brian Murphy wrote:
> I am making progress in that I am at least now getting some indication that the code is trying to authenticate my user in my active directory.
> I now receive the following after I upgraded my RT::Auth::External to 0.09.

Yes, you must use the newest version (0.09) for it to work with RT4

> [Tue Aug 30 14:32:12 2011] [debug]: LDAP Search ===  Base: ou=its employees,ou=employee accounts,ou=eiu users,dc=eiuad,dc=eiu.dc=edu == Filter: (&(objectClass=person)(sAMAccountName=blmurphy)) == Attrs: sAMAccountName (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)

Is that the right OU and Filter?  Does that OU and Filter work from
ldapsearch?

-kevin

--------
RT Training Sessions (http://bestpractical.com/services/training.html)
*  Chicago, IL, USA � September 26 & 27, 2011
*  San Francisco, CA, USA � October 18 & 19, 2011
*  Washington DC, USA � October 31 & November 1, 2011
*  Melbourne VIC, Australia � November 28 & 29, 2011
*  Barcelona, Spain � November 28 & 29, 2011
--------
RT Training Sessions (http://bestpractical.com/services/training.html)
*  Chicago, IL, USA  September 26 & 27, 2011
*  San Francisco, CA, USA  October 18 & 19, 2011
*  Washington DC, USA  October 31 & November 1, 2011
*  Melbourne VIC, Australia  November 28 & 29, 2011
*  Barcelona, Spain  November 28 & 29, 2011



More information about the rt-users mailing list