[rt-users] Configuring RT::Authen::ExternalAuth after successful install of RT4

[Kevin Falcone]

On Thu, Jul 21, 2011 at 08:06:53PM +0000, Raghavendra Lal Kalyankar wrote:
> 
> Hi Nick/All
> 
> I have uncommented both filters and d_filters. Now, the configuration looks like below:
> 
>  # The filter to use to match RT-Users
>                                                         'filter'                    =>  '(sAMAccountName=%u)',

what's %u here?  There is no printf style interpretation of filters.
RT::Authen::ExternalAuth already builds (sAMAccountName=username) if you
configure the rest properly. This is a filter to ensure that you don't
match the wrong type of user. If you don't know what goes here, use the
catch-all example filter.

>                                                         # A catch-all example filter: '(objectClass=*)'
>                                                         #
>                                                         # The filter that will only match disabled users
>                                                         'd_filter'                  =>  '(&(objectCategory=person)(objectClass=user))',
> 
> Now, I am not getting the below string error but my external authentication is still not successful. I am doubting if the above filter value is incorrect which is making RT unable to search for the user in AD.

That says anyone who is a user and a person should be disabled.
Is that really what you want?

Leave it empty but not commented out if you don't know what you want.

Also, run your install in debug logging mode, it'll show you what it
is doing.

-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110721/4db2359f/attachment.sig>