[rt-users] Issues with RTExternalAuth

Trev trevor at onepost.net
Tue Jul 5 08:23:03 EDT 2016 

Plugin( "RT::Extension::LDAPImport" );
# Uncomment for debug
#Set($LogToSyslog, 'debug');
Set( $DatabaseRequireSSL, '' );
Set( $DatabaseType, 'mysql' );
Set( $WebDomain, 'rt.domain_name.com' );
Set( $WebPort, '80' );
Set( $rtname, 'DOMAIN_NAME' ); # or whatever you plan to name the site
## Email
Set( $CommentAddress, 'rt-comments at domain_name.com' );
Set( $CorrespondAddress, 'rt-correspondance at domain_name.com' );
## DB config
Set( $DatabaseHost, 'localhost' );
Set( $DatabaseName, 'rt4' );
Set( $DatabasePassword, 'password' );
Set( $DatabasePort, '' );
Set( $DatabaseUser, 'db_user_name' );
Set( $Organization, '' );
Set( $OwnerEmail, 'email_address at domain_name.com' );
Set( $SendmailPath, '/usr/sbin/sendmail' );
# My server is running on port 443, leaving the port 80 lines as reference


#Set(@ReferrerWhitelist, qw(rt:80 rt.domain_name.com:80));
Set(@ReferrerWhitelist, qw(rt.domain_name.com:443));
## LDAP Configurations
# LDAP Authentication
Set( @Plugins, qw(RT::Authen::ExternalAuth RT::Extension::LDAPImport));
## LDAP USER IMPORT
Set($LDAPCreatePrivileged, 1);
Set($LDAPUpdateUsers, 1);
Set($LDAPHost,'domain_name.com');
Set($LDAPUser,'domain_name\ldapreader');
Set($LDAPPassword,'your_ldapreader_password_here');
#my base OU for users, yours will probably differ
Set($LDAPBase,'ou=users,ou=services,dc=domain_name,dc=com');
Set($LDAPFilter, '(&(objectClass=person))');
Set($LDAPMapping, {
Name => 'sAMAccountName',
EmailAddress => 'mail',
Organization => 'department',
RealName => 'cn',
NickName => 'givenName',
ExternalAuthId => 'sAMAccountName',
Gecos => 'sAMAccountName',
WorkPhone => 'telephoneNumber',
MobilePhone => 'mobile',
Address1 => 'streetAddress',
City => 'l',
State => 'st',
Zip => 'postalCode',
Country => 'co'
});
## LDAP GROUP IMPORT AND MAPPINGS
Set($LDAPGroupMapping, {Name => 'cn',
Member_Attr => 'member',
Member_Attr_Value => 'dn'});
#OU/basedn location of groups
Set($LDAPGroupBase, 'ou=groups,dc=domain_name,dc=com');
# LDAP GROUP FILTERING, Below are 2 examples
#Set($LDAPGroupFilter, 'cn=Information Technology');
# 2 group import example
Set($LDAPGroupFilter, '(|(cn=Information Technology)(cn=Facilities))');
## LDAP Authentication
Set($ExternalAuthPriority, [ 'My_LDAP',
]
);
Set($ExternalInfoPriority, [ 'My_LDAP',
]
);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => 'ldap://domain_name.com',
'user' => 'domain_name\ldapreader',
'pass' => 'ldapreader_password',
'base' => 'ou=users,ou=services,dc=domain_name,dc=com',
'filter' => '(objectClass=person)',
'tls' => 0,
'attr_match_list' => [
'Name',
'EmailAddress',
'RealName',
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'Organization' => 'department',
'RealName' => 'cn',
'NickName' => 'givenName',
'ExternalAuthId'=> 'sAMAccountName',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'MobilePhone' => 'mobile',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co'
},
},
} );
1;
1;

On Tue, Jul 5, 2016 at 2:11 AM, Davis Johny <davis.johny at in.fcm.travel>
wrote:

> try Enable the  ExternalAuth adding below
>
>
>
> Set($ExternalAuth, 1);
>
>
> Regards,
>
> Davis
> ------------------------------
> *From:* rt-users <rt-users-bounces at lists.bestpractical.com> on behalf of
> Albert Shih <Albert.Shih at obspm.fr>
> *Sent:* Thursday, June 30, 2016 6:00:26 PM
> *To:* rt-users at lists.bestpractical.com
> *Subject:* [rt-users] Issues with RTExternalAuth
>
> Hi every one.
>
> I try to run a RT 4.4.0.
>
> The
>
>   RT::Authen::ExternalAuth
>
> don't seem to work correctly.
>
> I already check on this mailing list, and try the patch I seem. Nothing
> seem to work correctly.
>
> Here my RT_SiteConfig.pm
>
>   Set($WebExternalAuth, 1 );
>   Set($ExternalAuthPriority,  ['PLM']);
>   Set($ExternalInfoPriority,  ['PLM']);
>   Set($ExternalServiceUsesSSLorTLS,    '0');
>   Set($AutoCreateNonExternalUsers, '1');
>   Set($ExternalSettings, { 'PLM' => {   'type' =>     'ldap',
>     'server' =>     '*****',
>     'user' =>     'uid=nss,o=*****',
>     'pass' =>     '*****',
>     'base' =>     '*****',
>     'filter' =>     '(objectClass=person)',
>     'd_filter' =>     '',
>     'tls' =>     '0',
>     'ssl_version' =>     '3',
>     'net_ldap_args' =>   [ 'version => 3', ],
>     'attr_match_list' =>   [ 'Name',  'EmailAddress', ],
>     'attr_map' =>    {  'Name' => 'mail',  'EmailAddress' => 'mail',
> 'Organization' => 'ou',  'RealName' => 'displayName',  'WorkPhone' =>
> 'telephoneNumber',  'City' => 'l', },
>   }});
>
> in that case I can authenticate in local without problem. But not against
> my LDAP server.
>
> If I add a
>
>     Set($ExternalAuth, 1 );
>
> I can't authenticate at all (either local or LDAP) and I get something
> like :
>
>
> Jun 30 14:22:37 rt RT: [5913] Expected 'PeerHost' at
> /usr/local/lib/perl5/site_perl/Net/LDAP.pm line 164.  Stack:
> [/usr/local/lib/perl5/site_perl/Carp.pm:167]
> [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:485]
> [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:386]
> [/usr/local/lib/perl5/5.20/mach/IO/Socket.pm:49]
> [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:353]
> [/usr/local/lib/perl5/site_perl/Net/LDAP.pm:164]
> [/usr/local/lib/perl5/site_perl/Net/LDAP.pm:122]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:646]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:510]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:581]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:328]
> [/usr/local/share/rt44/html/Elements/DoAuth:57]
> [/usr/local/lib/perl5/site_perl/RT/Interface/Web.pm:308]
> [/usr/local/share/rt44/html/autohandler:53]
>
> I running a RT 4.4.0 under FreeBSD.
>
> Any idea ?
>
> Regards
>
> JAS
> --
> Albert SHIH
> DIO bâtiment 15
> Observatoire de Paris
> 5 Place Jules Janssen
> 92195 Meudon Cedex
> France
> Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71
> xmpp: jas at obspm.fr
> Heure local/Local time:
> jeu 30 jui 2016 14:24:34 CEST
> ---------
> RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
> * Los Angeles - September, 2016
> FCM Travel Solutions is one of the largest corporate travel management
> companies in the world. We are represented in over 90 countries with staff
> strength of over 6,500. Our work has been officially recognized at the
> esteemed World Travel Awards, earning us the title of World's Leading
> Travel Management Company for five consecutive years in 2011, 2012, 2013,
> 2014 & 2015. Visit us at www.in.fcm.travel
>
> ---------
> RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
> * Los Angeles - September, 2016
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20160705/8e3cbd2a/attachment.htm>

More information about the rt-users mailing list