<br><font size=2 face="sans-serif">All:</font>
<br>
<br><font size=2 face="sans-serif">While my users authenticate and a very
basic account is created on RT, apparently the full account creation fails.
I've attached the final relevant bits from my logging.</font>
<br>
<br><font size=2 face="sans-serif">You can see that the user (myuser) is
successfully logged in and authenticated against my Active Directory server
at domain.com. But the population of info into the account fails.
Apparently the account information is not being read from the AD
server.</font>
<br>
<br><font size=2 face="sans-serif">I've used the Mosemann LDAP contribution
with a more AD-friendly modified RT_SiteConfig.pm. I've also tried
using the Automatic Account Creation via LDAP (http://wiki.bestpractical.com/index.cgi?AutoCreateFromExternalUserInfo).</font>
<br>
<br><font size=2 face="sans-serif">Any ideas? I suspect that nobody
is really doing a full account dump from an AD server into RT. I'm
a medium-weight PERL hacker, but not at the level of attacking RT code
unguided.</font>
<br>
<br><font size=2 face="sans-serif">Logging:</font>
<br>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:35 2006] [warning]:
DBD::mysql::st execute failed: You have an error in your SQL syntax. Check
the manual that corresponds to your MySQL server version for the right
syntax to use near 'user paramater, LastUpdated) VALUES ('Autocreated with
LDAP Dat at /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 480.</font>
<br><font size=2 face="sans-serif"> (/usr/share/request-tracker3.4/lib/RT.pm:277)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:35 2006] [warning]:
RT::Handle=HASH(0x99adbdc) couldn't execute the query 'INSERT INTO Users
(Comments, RealName, EmailAddress, Creator, LastUpdatedBy, Password, Created,
id, Name, RT user paramater, LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?)' at /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 494.</font>
<br><font size=2 face="sans-serif"> (/usr/share/request-tracker3.4/lib/RT.pm:277)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:35 2006] [error]:
Could not create a new user - (/usr/share/request-tracker3.4/lib/RT/User_Overlay.pm:267)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [debug]:
About to think about scrips for transaction #30 (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [debug]:
About to think about scrips for transaction #31 (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [info]: Using
LDAP External Authentication</font>
<br><font size=2 face="sans-serif"> (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:101)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [debug]:
LDAPAuth: First search filter '(&(sAMAccountName=<myuser>)(objectclass=user))'</font>
<br><font size=2 face="sans-serif"> (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:136)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [debug]:
LDAPAuth: First search produced 1 results</font>
<br><font size=2 face="sans-serif"> (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:146)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [debug]:
LDAP DN: CN=<myuser>,CN=Users,DC=<domain>,DC=com</font>
<br><font size=2 face="sans-serif"> (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:154)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [debug]:
AUTH OK: <myuser> - LDAP (CN=<myuser>,CN=Users,DC=<domain>,DC=com)</font>
<br><font size=2 face="sans-serif"> (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:162)</font>
<br><font size=2 face="sans-serif">[Wed Apr 19 00:09:36 2006] [info]: Successful
login for <myuser> from 111.222.333.444 (/usr/local/share/request-tracker3.4/html/autohandler:153)</font>
<br>
<br><font size=2 face="sans-serif">Here's my RT_SiteConfig relevant parts:</font>
<br>
<br><font size=2 face="sans-serif">$LdapBase="cn=Users,dc=<domain>,dc=com";
# search base</font>
<br><font size=2 face="sans-serif">$LdapUidAttr="sAMAccountName";
# attribute
for RT account name</font>
<br><font size=2 face="sans-serif">$LdapNameAttr="cn";
# attribute for RT user name</font>
<br><font size=2 face="sans-serif">$LdapMailAttr="mail";
# attribute for RT email addy</font>
<br><font size=2 face="sans-serif">$LdapFilter="(objectclass=user)";
# filter LDAP entries
(e.g., only people)</font>
<br><font size=2 face="sans-serif">$LdapMailBase="cn=Users,cn=<domain>,cn=com";
# set email entries </font>
<br><font size=2 face="sans-serif">$LdapMailFilter="(objectclass=user)";
# filter LDAP entries (e.g., only people)</font>
<br><font size=2 face="sans-serif">$LdapMailScope="sub";
# </font>
<br><font size=2 face="sans-serif">$LdapMap = {
#
map LDAP attributes to RT3</font>
<br><font size=2 face="sans-serif"> 'RT user paramater'
=> 'LDAP entry',</font>
<br><font size=2 face="sans-serif"> 'Name'
=> $RT::LdapUidAttr,</font>
<br><font size=2 face="sans-serif"> 'EmailAddress'
=> 'mail',</font>
<br><font size=2 face="sans-serif"> 'RealName'
=> 'cn',</font>
<br><font size=2 face="sans-serif">};</font>
<br>
<br><font size=2 face="sans-serif"><br>
--<br>
Eric N. Valor<br>
Sr. Systems Administrator<br>
DaimlerChrysler Research & Technology North America, Inc.<br>
eric.valor@daimlerchrysler.com<br>
1510 Page Mill Road, Palo Alto, CA 94304<br>
CIMS 931-00-00<br>
650-845-2536<br>
<br>
: This Space Intentionally Left Blank :</font>