[rt-users] Upgrade 3.8.1 -> 4.0.2: Login problem

Kevin Falcone falcone at bestpractical.com
Tue Oct 4 17:40:59 EDT 2011


On Wed, Oct 05, 2011 at 10:27:19AM +1300, Gino Lisignoli wrote:
> It double turns out that we do use LDAP for authentication and that
> I didn't really look hard enough.
> Added Set( @Plugins, qw(RT::Authen::ExternalAuth) );
> 
> And now I get:
> 
> [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't
> bind: LDAP_INVALID_DN_SYNTAX 34 (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467)
> 
> So I'm pretty sure my ldap isn't setup correctly in RT_SiteConfig.pm. *SIGH*
> Best examples to look for ldap authentication in 4.0.2?

The documentation that accompanies RT-Authen-ExternalAuth 0.09

-kevin

> On 05/10/11 09:35, Kevin Falcone wrote:
> >On Wed, Oct 05, 2011 at 08:56:57AM +1300, Gino Lisignoli wrote:
> >>Ah, Turns out our previous administrator isn't using ldap for login
> >>authentication. I've disabled it for now but it hasn't had any
> >>effect.
> >>
> >>I've reset the root password and managed to login successfully. So
> >>no issues there. Then reset my user password and logged in, no
> >>problems.
> >>
> >>Then I tried the upgrade steps again with a fresh copy of the old database
> >>
> >>#make upgrade
> >>#/opt/rt4/sbin/rt-setup-database --prompt-for-dba-password --action upgrade
> >>#etc/upgrade/vulnerable-passwords
> >>
> >>But the same problem happens when I try and login.
> >Check for any local overrides of User* and anything else in local/
> >But really, to debug this would require seeing what one of your
> >password hashes looks like and the schema of your Users table.
> >Keep in mind that the hashing scheme before 3.8.10 had weaknesses so
> >you may not wish to post a hash publicly if your RT is accessible from
> >the public internet.
> >
> >-kevin
> >
> >>On 05/10/11 08:45, Kevin Falcone wrote:
> >>>On Wed, Oct 05, 2011 at 08:18:12AM +1300, Gino Lisignoli wrote:
> >>>>    I'm now logging to /opt/rt4/log but the only error message I get (debug) is:
> >>>>
> >>>>    [Mon Oct  3 21:02:48 2011] [error]: FAILED LOGIN for [1]gino.lisignoli at foo.co.nz from
> >>>>    xx.xx.xx.xx (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:655)
> >>>>
> >>>>    I've tried commenting out our ldap authentication method but that hasn't helped.
> >>>What are you using to do ldap authentication?
> >>>You should be using the current version of RT-Authen-ExternalAuth
> >>>available on CPAN.
> >>>
> >>>>    What method can I use to set the root password for rt4 in mysql?
> >>>http://requesttracker.wikia.com/wiki/RecoverRootPassword
> >>>
> >>>-kevin
> >>>
> >>>>    On 04/10/11 03:12, Kevin Falcone wrote:
> >>>>
> >>>>  On Mon, Oct 03, 2011 at 10:29:39AM +1300, Gino Lisignoli wrote:
> >>>>
> >>>>  Hello
> >>>>
> >>>>  I'm having login problems with my upgrade from 3.8.1 to 4.0.2.
> >>>>  I have followed the installation instructions, gotten all the cpan
> >>>>  packages, configured and built 4.0.2 successfully.
> >>>>
> >>>>  Then I have run the upgrade,
> >>>>  /opt/rt4/sbin/rt-setup-database --prompt-for-dba-password --action upgrade
> >>>>  Cleared the mason cache dir
> >>>>  etc/upgrade/vulnerable-passwords
> >>>>
> >>>>  But no existing users can login. If I can manually reset the
> >>>>  passwords in the pgsql database then I'm not too worried about
> >>>>  loosing the passwords, but what encoding method do I need to use to
> >>>>  reset them with.
> >>>>
> >>>>  Could this be an ldap problem? I tried looking through the logs but
> >>>>  none are being generated in /opt/rt4/var/log
> >>>>
> >>>>  What are you using to do ldap?
> >>>>  Unless you've configured it, RT doesn't log to /opt/rt4/var/log by
> >>>>  default.
> >>>>
> >>>>  -kevin
> >>>>
> >>>>  --------
> >>>>  RT Training Sessions ([2]http://bestpractical.com/services/training.html)
> >>>>  *  San Francisco, CA, USA -- October 18&   19, 2011
> >>>>  *  Washington DC, USA -- October 31&   November 1, 2011
> >>>>  *  Melbourne VIC, Australia -- November 28&   29, 2011
> >>>>  *  Barcelona, Spain -- November 28&   29, 2011
> >>>>
> >>>>References
> >>>>
> >>>>    Visible links
> >>>>    1. mailto:gino.lisignoli at foo.co.nz
> >>>>    2. http://bestpractical.com/services/training.html
> >>>>--------
> >>>>RT Training Sessions (http://bestpractical.com/services/training.html)
> >>>>*  San Francisco, CA, USA ? October 18&   19, 2011
> >>>>*  Washington DC, USA ? October 31&   November 1, 2011
> >>>>*  Barcelona, Spain ? November 28&   29, 2011
> >>>
> >>>--------
> >>>RT Training Sessions (http://bestpractical.com/services/training.html)
> >>>*  San Francisco, CA, USA --- October 18&   19, 2011
> >>>*  Washington DC, USA --- October 31&   November 1, 2011
> >>>*  Barcelona, Spain --- November 28&   29, 2011
> >
> >
> >--------
> >RT Training Sessions (http://bestpractical.com/services/training.html)
> >*  San Francisco, CA, USA --- October 18&  19, 2011
> >*  Washington DC, USA --- October 31&  November 1, 2011
> >*  Barcelona, Spain --- November 28&  29, 2011

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20111004/9387d548/attachment.sig>


More information about the rt-users mailing list