[rt-users] Upgrade 3.8.1 -> 4.0.2: Login problem

Gino Lisignoli gino.lisignoli at opus.co.nz
Tue Oct 4 17:27:19 EDT 2011


It double turns out that we do use LDAP for authentication and that I 
didn't really look hard enough.
Added Set( @Plugins, qw(RT::Authen::ExternalAuth) );

And now I get:

[critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind: 
LDAP_INVALID_DN_SYNTAX 34 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467)

So I'm pretty sure my ldap isn't setup correctly in RT_SiteConfig.pm. *SIGH*
Best examples to look for ldap authentication in 4.0.2?


On 05/10/11 09:35, Kevin Falcone wrote:
> On Wed, Oct 05, 2011 at 08:56:57AM +1300, Gino Lisignoli wrote:
>> Ah, Turns out our previous administrator isn't using ldap for login
>> authentication. I've disabled it for now but it hasn't had any
>> effect.
>>
>> I've reset the root password and managed to login successfully. So
>> no issues there. Then reset my user password and logged in, no
>> problems.
>>
>> Then I tried the upgrade steps again with a fresh copy of the old database
>>
>> #make upgrade
>> #/opt/rt4/sbin/rt-setup-database --prompt-for-dba-password --action upgrade
>> #etc/upgrade/vulnerable-passwords
>>
>> But the same problem happens when I try and login.
> Check for any local overrides of User* and anything else in local/
> But really, to debug this would require seeing what one of your
> password hashes looks like and the schema of your Users table.
> Keep in mind that the hashing scheme before 3.8.10 had weaknesses so
> you may not wish to post a hash publicly if your RT is accessible from
> the public internet.
>
> -kevin
>
>> On 05/10/11 08:45, Kevin Falcone wrote:
>>> On Wed, Oct 05, 2011 at 08:18:12AM +1300, Gino Lisignoli wrote:
>>>>     I'm now logging to /opt/rt4/log but the only error message I get (debug) is:
>>>>
>>>>     [Mon Oct  3 21:02:48 2011] [error]: FAILED LOGIN for [1]gino.lisignoli at foo.co.nz from
>>>>     xx.xx.xx.xx (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:655)
>>>>
>>>>     I've tried commenting out our ldap authentication method but that hasn't helped.
>>> What are you using to do ldap authentication?
>>> You should be using the current version of RT-Authen-ExternalAuth
>>> available on CPAN.
>>>
>>>>     What method can I use to set the root password for rt4 in mysql?
>>> http://requesttracker.wikia.com/wiki/RecoverRootPassword
>>>
>>> -kevin
>>>
>>>>     On 04/10/11 03:12, Kevin Falcone wrote:
>>>>
>>>>   On Mon, Oct 03, 2011 at 10:29:39AM +1300, Gino Lisignoli wrote:
>>>>
>>>>   Hello
>>>>
>>>>   I'm having login problems with my upgrade from 3.8.1 to 4.0.2.
>>>>   I have followed the installation instructions, gotten all the cpan
>>>>   packages, configured and built 4.0.2 successfully.
>>>>
>>>>   Then I have run the upgrade,
>>>>   /opt/rt4/sbin/rt-setup-database --prompt-for-dba-password --action upgrade
>>>>   Cleared the mason cache dir
>>>>   etc/upgrade/vulnerable-passwords
>>>>
>>>>   But no existing users can login. If I can manually reset the
>>>>   passwords in the pgsql database then I'm not too worried about
>>>>   loosing the passwords, but what encoding method do I need to use to
>>>>   reset them with.
>>>>
>>>>   Could this be an ldap problem? I tried looking through the logs but
>>>>   none are being generated in /opt/rt4/var/log
>>>>
>>>>   What are you using to do ldap?
>>>>   Unless you've configured it, RT doesn't log to /opt/rt4/var/log by
>>>>   default.
>>>>
>>>>   -kevin
>>>>
>>>>   --------
>>>>   RT Training Sessions ([2]http://bestpractical.com/services/training.html)
>>>>   *  San Francisco, CA, USA -- October 18&   19, 2011
>>>>   *  Washington DC, USA -- October 31&   November 1, 2011
>>>>   *  Melbourne VIC, Australia -- November 28&   29, 2011
>>>>   *  Barcelona, Spain -- November 28&   29, 2011
>>>>
>>>> References
>>>>
>>>>     Visible links
>>>>     1. mailto:gino.lisignoli at foo.co.nz
>>>>     2. http://bestpractical.com/services/training.html
>>>> --------
>>>> RT Training Sessions (http://bestpractical.com/services/training.html)
>>>> *  San Francisco, CA, USA ? October 18&   19, 2011
>>>> *  Washington DC, USA ? October 31&   November 1, 2011
>>>> *  Barcelona, Spain ? November 28&   29, 2011
>>>
>>> --------
>>> RT Training Sessions (http://bestpractical.com/services/training.html)
>>> *  San Francisco, CA, USA --- October 18&   19, 2011
>>> *  Washington DC, USA --- October 31&   November 1, 2011
>>> *  Barcelona, Spain --- November 28&   29, 2011
>
>
> --------
> RT Training Sessions (http://bestpractical.com/services/training.html)
> *  San Francisco, CA, USA --- October 18&  19, 2011
> *  Washington DC, USA --- October 31&  November 1, 2011
> *  Barcelona, Spain --- November 28&  29, 2011
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20111005/f5205e63/attachment.htm>


More information about the rt-users mailing list