<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
I specified the password this time.<br>
But it still does not connect to LDAP even then.<br>
<br>
<br>
On 9/29/2010 4:42 PM, Kevin Falcone wrote:
<blockquote cite="mid:20100929214207.GB4363@jibsheet.com"
type="cite">
<pre wrap="">On Wed, Sep 29, 2010 at 03:24:43PM -0500, Ashrock wrote:
</pre>
<blockquote type="cite">
<pre wrap=""> Hi,
I am trying to connect my AD to RT, to let users in AD access RT with their user names. I
tried configuring LDAP different ways, but it always returns cannot connect to LDAP, Invalid
Credentials.
[critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to 10.10.0.5:389
I assume the LDAP search was successful through this command.
LDAP Search:
ldapsearch -LLL -x -H [1]<a class="moz-txt-link-freetext" href="ldap://10.10.0.5:389">ldap://10.10.0.5:389</a> -b 'ou=IT, ou=Support, dc=mcfc, dc=local' -D
'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' -w 'abc123!@#' '(&(ObjectClass=User)(CN= RT))'
&lt;returned no errors&gt;
Does that mean, the ldap search was successful?
</pre>
</blockquote>
<pre wrap="">
Your ldapsearch command specified a password, your RT config does not
-kevin
</pre>
<blockquote type="cite">
<pre wrap=""> My RT Site Config is below.
Do I have to use AutoCanonical for users to get connected to LDAP?
Where am I going wrong? Please let me know if you need some more files to see where I am
going wrong.
------------------------RT SITE CONFIG
---------------------------------------------------------------
Set($WebBaseURL,'[2]<a class="moz-txt-link-freetext" href="http://10.10.10.10:443">http://10.10.10.10:443</a>'); Set($WebPath,'');
Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');
Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');
Set($rtname,'Ticket'); Set($Organization,[3]<a class="moz-txt-link-rfc2396E" href="http://www.mcfc.com">"http://www.mcfc.com"</a>);
#Set(@Plugins,(qw(Extension::QuickDelete)));
#Set(@Plguins,(qw(RT::FM)));
#Set($LogtoFileNamed, "rt.log");
#Set($LogtoFile, 'debug');
Set(@Plugins,qw(RT::Authen::ExternalAuth));
Set($CorrespondAddress, '[<a class="moz-txt-link-abbreviated" href="mailto:4]rt-its@mcfc.com">4]rt-its@mcfc.com</a>');
Set($CommentAddress, '[<a class="moz-txt-link-abbreviated" href="mailto:5]rt-comment@mcfc.com">5]rt-comment@mcfc.com</a>');
@MailCommand , 'sendmail';
$SendMailArguments = "-oi -t";
$SendMailPath = "/usr/sbin/sendmail";
$SenderMustExistInExternalDatabase = undef;
#Set($MailCommand, 'sendmail');
#Set($SendMailArguments, "-bm --rt-its@mcfc.com");
#Set($SendmailPath, "/usr/sbin/exim4");
Set($NotifyActor, 1);
Set($RecordOutgoingEmail, 1);
Set($Timezone, 'US/Central');
$WebURL = $WebBaseURL . $WebPath . "/";
#Set($WebExternalAuth, 1);
#Set($WebFallbackToInternalAuth, true);
#Set($WebExternalAuto , 1);
Set ($ExternalAuthPriority, [ 'My_LDAP' ]);
Set ($ExternalInfoPriority, [ 'My_LDAP' ]);
Set ($ExternalServiceUsesSSLorTLS, 1);
Set ($AutoCreateNonExternalUsers, 1);
Set ($Autocreate, 'Privileged=>1');
Set($ExternalSettings, { 'My_LDAP' =>
{
'type' => 'ldap',
'server' => '10.10.10.10:389',
'user' => 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local',
#'filter' => '(uid=*)',
#'filter' => '(&(ObjectCategory =
User)(ObjectClass=Person))',
'filter' => '(&(ObjectCategory = User)',
'd_filter' => '(userAccountControl=514)',
#'d_filter' =>
'(userAccountControl:1.2.840.113556.1.4.803:=2)',
'tls' => 0,
#'ssl_version' => 3,
'net_ldap_args' => [version => 3],
#'group' =>'cn= ou=Users dc=server, dc=mcfc, dc=local',
#'group_attr' => 'member',
'attr_match_list' => ['Name','Email Address'],
#'attr_map' => {'Name' => 'uid', 'EmailAddress' =>
'mail'}
'attr_map' => {
'Name' => 'sAMAaccountName',
'EmailAddress' => 'mail',
'Organization' =>
'physicalDeliveryOfficeName',
'RealName' => 'cn',
'ExternalAuthId'=> 'sAMAccountname',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => '1',
'State' => 'st',
'Zip' =>'postalCode',
'Country' => 'co'
}
}
}
);
1;
References
Visible links
1. <a class="moz-txt-link-freetext" href="file:///Users/falcone/tmp/ldap:/10.10.0.5:389">file:///Users/falcone/tmp/ldap:/10.10.0.5:389</a>
2. <a class="moz-txt-link-freetext" href="http://10.10.10.10:443/">http://10.10.10.10:443/</a>
3. <a class="moz-txt-link-freetext" href="http://www.mcfc.com/">http://www.mcfc.com/</a>
4. <a class="moz-txt-link-freetext" href="mailto:rt-its@mcfc.com">mailto:rt-its@mcfc.com</a>
5. <a class="moz-txt-link-freetext" href="mailto:rt-comment@mcfc.com">mailto:rt-comment@mcfc.com</a>
</pre>
</blockquote>
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap="">
RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!
</pre>
</blockquote>
<pre wrap="">
</pre>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!</pre>
</blockquote>
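<br>
Added example, not part of the thread and not RT's own code: a small Python check that lists where the quoted My_LDAP block differs from what the ldapsearch test exercised. The sample block is a constructed, condensed copy of the quoted config; the names parse and lint, the finding labels, and the rule that every attr_match_list entry should be a key of attr_map are assumptions of this example.<br>
<pre wrap="">
```python
import re
# Constructed sample: a condensed copy of the My_LDAP block quoted in the
# thread (comment lines and most attr_map entries dropped for brevity).
SAMPLE = """
'type'            => 'ldap',
'server'          => '10.10.10.10:389',
'user'            => 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local',
'filter'          => '(&(ObjectCategory = User)',
'd_filter'        => '(userAccountControl=514)',
'attr_match_list' => ['Name','Email Address'],
'attr_map'        => { 'Name' => 'sAMAaccountName', 'EmailAddress' => 'mail' },
"""

def parse(text):
    """Collect scalar, list and one-level hash values from 'key' => value lines."""
    cfg = {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue  # skip commented-out settings
        m = re.match(r"\s*'(\w+)'\s*=>\s*(.+?),?\s*$", line)
        if not m:
            continue
        key, val = m.groups()
        if val.startswith("["):
            cfg[key] = re.findall(r"'([^']*)'", val)
        elif val.startswith("{"):
            cfg[key] = dict(re.findall(r"'([^']*)'\s*=>\s*'([^']*)'", val))
        else:
            cfg[key] = val.strip("'")
    return cfg

def lint(cfg, tested_uri=None):
    """Return findings where RT's bind or lookup would differ from the manual test."""
    issues = []
    if cfg.get("user") and not cfg.get("pass"):
        issues.append("missing-pass")  # bind DN set, but no password to send with it
    for name in ("filter", "d_filter"):
        f = cfg.get(name, "")
        if f.count("(") != f.count(")"):
            issues.append("unbalanced-" + name)
    if tested_uri and cfg.get("server", "") not in tested_uri:
        issues.append("server-mismatch")  # ldapsearch talked to a different host:port
    for attr in cfg.get("attr_match_list", []):
        if attr not in cfg.get("attr_map", {}):
            issues.append("unmapped-match-attr:" + attr)
    return issues

if __name__ == "__main__":
    print(lint(parse(SAMPLE), "ldap://10.10.0.5:389"))
```
</pre>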
</body>
</html>