[rt-users] ExternalAuth problem

Kevin Falcone falcone at bestpractical.com
Fri Mar 16 20:16:08 EDT 2012


On Thu, Mar 15, 2012 at 04:24:03PM -0700, Sandra Wittenbrock wrote:
> About 6 months ago, I set up External Auth to use the ExternalAuth,
> with our ldap authentication server.  Recently, it stopped working.
> 
> I checked the syslog, and turned up the log level, but still did not
> get any useful error messages.
> 
> Mar 15 13:12:15 hpcrdticket RT: FAILED LOGIN for sandra from
> xxx.xxx.xxx.xxx
> (/usr/share/request-tracker3.8/lib/RT/Interface/Web.pm:457)
> 
> 
> The same user was able to authenticate to the ldap service via
> another application.
> 
> Using TCP dump on the RT server, I don't see any network traffic
> between the RT server and the ldap server, when I try to use ldap
> authentication.  So, it looks like RT isn't trying to communicate
> with the LDAP server.  I am able to see pings between the machines
> using tcpdump.
> 
> Does anyone know how I can get some better log messages?  Or better
> yet, have some good idea of where/why RT seems to not be enabling
> the ExteralAuth?  As I mentioned, the config was working a couple
> weeks ago.

The usual recommendation is to turn whatever Log you're using up to
debug (you can read about the Log settings in RT_Config.pm and set the
appropriate ones in RT_SiteConfig.pm)

It's also useful to tell us what versions of RT and your modules
you're using.

It also isn't clear if the login fails for all ldap users or just this
one.

You should also post a sanitized version of your
RT-Authen-ExternalAuth config.

-kevin

> Between when it was working and now, I did install mergeuser, so my
> users can use multiple email addresses to create tickets.  You think
> the two could be interfering?  I double checked the settings in
> RT_SiteConfig.pm.
> 
> Set( @Plugins, (qw(
> RT::Authen::ExternalAuth
> RT::Extension::LDAPImport
> RT::Extension::MergeUsers
> RT::Extension::CommandByMail)));
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120316/13ab65e8/attachment.sig>


More information about the rt-users mailing list