[rt-users] RT::Authen::ExternalAuth with AD...

Glenn Sieb ges at wingfoot.org
Thu Apr 19 14:48:34 EDT 2012 

Greetings.. :)

I'm at $work, trying to set up AD authentication for RT 4.0.5.

I'm getting the following error:

[Thu Apr 19 18:38:57 2012] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/data/IH-Websites/rt/sbin/../local/lib/RT/Authen/ExternalAuth/LDAP.pm:492)
[Thu Apr 19 18:38:57 2012] [error]: FAILED LOGIN for gsieb from 10.200.4.5
(/data/IH-Websites/rt/sbin/../lib/RT/Interface/Web.pm:665)

We created a user to authenticate to AD for RT to use (RT_AD_USER).

The goal is to be able to log in as USERNAME (as opposed to
USERNAME at intranet.local).

Any help would be greatly appreciated. I have to have this live by EOB
today.. (yay for last minute projects)!

Thanks in advance, everyone. My RT_SiteConfig.pm follows...

Best,
--Glenn


RT_SiteConfig.pm:

Set( $rtname, '$WORK.TLD');
Set( $Organization , '$WORK.TLD');
Set( $UseTransactionBatch , 1);
@EmailInputEncodings = qw(utf-8 big5 us-ascii);
Set( $WebBaseURL, 'https://helpdesk.$WORK.TLD');
Set( $WebDomain, 'helpdesk.$WORK.TLD');
Set( $CompanySpecific , '$WORK');
Set( $DatabaseUser , 'rt_user');
Set( $DatabasePassword , 'rt_user_password');
Set( $NotifyActor , 0);
Set( $WebPath , "");
Set( $WebURL , $WebBaseURL . $WebPath . "/");
Set( $WebImagesURL , $WebPath . "/NoAuth/images/");
Set( $CorrespondAddress , 'help@$WORK.TLD');
Set( $CommentAddress , 'help-comment@$WORK.TLD');
Set( $SendmailPath , "/usr/local/sbin/sendmail");
Set( $Timezone , 'US/Eastern');
Set( $ParseNewMessageForTicketCcs, 1);
Set( $RTAddressRegexp , '^(help|help-comment)+\@$WORK\.TLD$');
Set( $LogToSyslog, "info");
Set( @Plugins, qw(RT::Authen::ExternalAuth) );
Set( $ExternalAuthPriority, ['eFS_LDAP']);
Set( $ExternalServiceUsesSSLorTLS, 0);
Set( $AutoCreateNonExternalUsers, 0);
Set( $ExternalInfoPriority,  ['eFS_LDAP']);
Set( $ExternalSettings,      {'eFS_LDAP'       =>  {
				'type'                      =>  'ldap',
				'server'                    =>  'DC01.intranet.local',
				'user' => 'RT_AD_USER',
				'pass' => 'RT_AD_USER_PASS',
				'base'                  =>  'dc=intranet,dc=local',
				'filter'                    =>  '(objectClass=*)',
				'd_filter'                  =>  '(objectclass=pwdPolicy)',
				'tls'                       =>  0,
				'ssl_version'               =>  3,
				'net_ldap_args'             => [    version =>  3  ],
				'attr_match_list'           => [    'Name', 'EmailAddress' ],
				'attr_map'                  =>  {
				'Name' => 'sAMAccountName',
				'EmailAddress' => 'mail',
				'ExternalAuthId' => 'sAMAccountName',
				'Gecos' => 'sAMAccountName',
				}
                                                    },
				});


1;

More information about the rt-users mailing list