[rt-users] ExternalAuth problems

Bryon Baker bbaker at copesan.com
Thu Aug 1 12:19:05 EDT 2013 

Brian
If you use AdsiEdit and look at the user object you are trying to use it will display the Distinguished Name needed to access the object.
Like 

Name				Class			Distinguished Name
CN=RQ Tracker			User			CN=RQ Tracker,OU=Users_Special,OU=Copesan,DC=Copesan,DC=Local

In the above case User would be
'user'                      =>  'CN=RQ Tracker,OU=Users_Special,OU=Copesan,DC=Copesan,DC=Local',
'server'                    =>  "This would be any readable Domain Controler"
Hope this helps.


Bryon Baker
Network Operations Manager
Copesan - Specialists in Pest Solutions
800-267-3726  •  262-783-6261 ext. 2296
bbaker at copesan.com
www.copesan.com
"Servicing North America with Local Care"


-----Original Message-----
From: rt-users-bounces at lists.bestpractical.com [mailto:rt-users-bounces at lists.bestpractical.com] On Behalf Of Brian Haupt
Sent: Thursday, August 01, 2013 11:06 AM
To: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] ExternalAuth problems

I have tried removing the extra '(' as recommended but with no success. I have also tried using changing
'user'                      =>  $AD_User@$InternalNetwork ', to
'user'                      =>  'cn=$Username,cn=Users,dc=internal,dc=$DomainName,dc=com',

I also tried adding 
Set($LdapServer, 'ldaps://myDomainController.xxxxxxx.com');
Set($LdapTLS, 1);
Set($LdapSSLVersion, 3);

But none of these have yielded any better results.

-----Original Message-----
From: Jeff Solberg [mailto:jsolberg at intrepidls.com] 
Sent: Thursday, August 01, 2013 11:23 AM
To: Brian Haupt; rt-users at lists.bestpractical.com
Subject: RE: [rt-users] ExternalAuth problems

Try removing the extra '(' you have in front of qw in your set at plugin declaration.

Jeff


From my Android phone on T-Mobile. The first nationwide 4G network.



-------- Original message --------
From: Brian Haupt <brian.s.haupt at ama-inc.com>
Date: 08/01/2013 7:48 AM (GMT-08:00)
To: rt-users at lists.bestpractical.com
Subject: [rt-users] ExternalAuth problems


I am setting up a new Request Tracker 4.0.16 installation on CentOS 6.4. I  am able to log into RT using the RT root password but I receive the following error when trying to login using my AD account

[Thu Aug  1 14:37:33 2013] [error]: FAILED LOGIN for $UserName from $IP_Address (/usr/local/rt/sbin/../lib/RT/Interface/Web.pm:753)

Below is the relavent part of my RT_SiteConfig


Set($WebPort, 443);
Set($WebPath, "/rt");
Set($WebDomain, '$hostname.$PublicDomain'); Set($rtname, '$hostname');

Set($ExternalSettings, {
        # AN EXAMPLE LDAP SERVICE
        'My_LDAP'       =>  {
            'type'                      =>  'ldap',

            'server'                    =>  '$DC.$InternalNetwork',
            'user'                      =>  '$AD_User@$InternalNetwork',
            'pass'                      =>  '$Password',

            'base'                      =>  'dc=$InternalNetwork',
            'filter'                    =>  '(objectClass=*)',
            'attr_map' => {
                'Name' => 'displayName',
                'EmailAddress' => 'mail',
                'RealName' => 'cn',
                'ExternalAuthId' => 'sAMAccountName',
                'Gecos' => 'sAMAccountName',
            },
        },
    });

# You must install Plugins on your own, this is only an example # of the correct syntax to use when activating them.
# There should only be one @Plugins declaration in your config file.
Set(@MailPlugins, qw(Auth::MailFrom Filter::TakeAction)); Set(@Plugins,(qw(RT::Extension::CommandByMail RT::Authen::ExternalAuth)));

1;

More information about the rt-users mailing list