[rt-users] Assistance w/ LDAP Logins

Glenn E. Sieb gsieb at efashionsolutions.com
Mon Jul 9 12:31:45 EDT 2012


On 07/09/2012 11:54 AM, Mario DiNatale wrote:
> Think I'm close, but could use some help from some experts... I have $LogtoScreen set to 'debug', but it doesn't appear to be giving me any additional information than it was before...
>
> Local login works fine, but the ldap logins keep getting rejected with incorrect password. Here is the relevant portion of my config:
> Set( $ExternalAuthPriority, ['My_LDAP'] );
> Set( $ExternalInfoPriority, ['My_LDAP'] );
> Set( $ExternalServiceUsesSSLorTLS, 0 );
> Set( $AutoCreateNonExternalUsers, 0 );
> Set( $ExternalSettings, {
>     'My_LDAP' => {
>         'type'             => 'ldap',
>         'server'           => 'dc1.XXX.local',
>         'rt_ldap_username' => 'cn=rt,ou=Users,dc=XXX,dc=local',
>         'rt_ldap_password' => 'ldap',
>         'base'             => 'dc=XXX,dc=local',
>         'filter'           => '(&(ObjectCategory=User)(ObjectClass=Person))',
>         'd_filter'         => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
>         'tls'              => 0,
>         # 'ssl_version'    => 3,
>         'net_ldap_args'    => [ version => 3 ],
>         'attr_match_list'  => [ 'Name', 'EmailAddress' ],
>         'attr_map'         => {
>             'Name'           => 'sAMAccountName',
>             'EmailAddress'   => 'mail',
>             'RealName'       => 'cn',
>             'ExternalAuthId' => 'sAMAccountName',
>             'Gecos'          => 'sAMAccountName'
>         }
>     }
> }, );
>
>

Hey Mario! I have just recently set up 4.0.x with LDAP, perhaps this 
will help?

Set( $ExternalAuthPriority, ['WORK_LDAP']);
Set( $ExternalServiceUsesSSLorTLS, 0);
Set( $AutoCreateNonExternalUsers, 1);
Set( $ExternalInfoPriority,  ['WORK_LDAP']);
Set( $ExternalSettings, {
    'WORK_LDAP' => {
        'type'            => 'ldap',
        'server'          => 'dc01.work.com',
        'port'            => '389',
        'user'            => 'user@work.com',
        'pass'            => 'pAs5w0Rdy3a4r1g4t',
        'base'            => 'dc=work,dc=com',
        'filter'          => '(objectClass=*)',
        'd_filter'        => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
        'net_ldap_args'   => [ version => 3 ],
        'attr_match_list' => [ 'Name', 'EmailAddress' ],
        'attr_map'        => {
            'Name'           => 'sAMAccountName',
            'EmailAddress'   => 'mail',
            'RealName'       => 'cn',
            'ExternalAuthId' => 'sAMAccountName',
            'Gecos'          => 'sAMAccountName',
            'WorkPhone'      => 'telephoneNumber',
        }
    },
});

Hope this helps you out..
Best,
--Glenn

-- 
Glenn E. Sieb
System Administrator
+1 201 809-4958

eFashionSolutions
80 Enterprise Avenue South
Secaucus, NJ 07094
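
A stand-alone Net::LDAP check for the symptom in this thread, added here as an example and not code from either poster or from RT: it replays a service-account bind, a filtered search for the login, and a re-bind as the entry found, so the failing step is visible. The bind/search/re-bind sequence is an assumption about how the LDAP login path behaves, and every LDAP_* environment variable name is hypothetical.

```perl
#!/usr/bin/perl
# Added example: run against your own directory; nothing here is from the thread.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Hypothetical variable names; secrets come from the environment, not the file.
my %c;
for my $k (qw(SERVER BIND_DN BIND_PW BASE FILTER LOGIN LOGIN_PW)) {
    $c{$k} = $ENV{"LDAP_$k"} // die "set LDAP_$k\n";
}

# Report one step; stop at the first LDAP result code that is not success.
sub step {
    my ($what, $msg) = @_;
    die sprintf("FAIL %s: %s (%d)\n", $what, $msg->error, $msg->code) if $msg->code;
    print "ok   $what\n";
    return $msg;
}

my $ldap = Net::LDAP->new($c{SERVER}, version => 3)
    or die "FAIL connect: $@\n";

# Without StartTLS, both bind passwords cross port 389 in clear text.
if ($ENV{LDAP_CAFILE}) {
    step('StartTLS', $ldap->start_tls(verify => 'require', cafile => $ENV{LDAP_CAFILE}));
}

# 1. Service-account bind (the 'user' / 'pass' pair in the reply's config).
step('service bind', $ldap->bind($c{BIND_DN}, password => $c{BIND_PW}));

# 2. Locate the login: base filter ANDed with the account-name match.
#    LDAP_FILTER must be parenthesised, e.g. (objectClass=*).
my $who = escape_filter_value($c{LOGIN});
my $res = step('search', $ldap->search(
    base   => $c{BASE},
    filter => "(&$c{FILTER}(sAMAccountName=$who))",
    attrs  => [ 'mail', 'cn' ],
));
die sprintf("FAIL search: %d entries, expected exactly 1\n", $res->count)
    unless $res->count == 1;
my $dn = $res->entry(0)->dn;
print "     found $dn\n";

# 3. Re-bind as that entry with the password typed at the login form.
step('user bind', $ldap->bind($dn, password => $c{LOGIN_PW}));
$ldap->unbind;
```

A failure at step 1 points at the service-account credentials or their config keys, a count other than 1 at step 2 points at `base` or `filter`, and a failure only at step 3 points at the user's own password or account state.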



