<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    I specified the password this time.<br>
    But it still does not connect to LDAP even then.<br>
    <br>
    <br>
    On 9/29/2010 4:42 PM, Kevin Falcone wrote:
    <blockquote cite="mid:20100929214207.GB4363@jibsheet.com"
      type="cite">
      <pre wrap="">On Wed, Sep 29, 2010 at 03:24:43PM -0500, Ashrock wrote:
</pre>
      <blockquote type="cite">
        <pre wrap="">   Hi,

   I am trying to connect my AD to RT, to let users in AD access RT with their user names. I
   tried configuring LDAP different ways, but it always returns cannot connect to LDAP, Invalid
   Credentials.
   [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to 10.10.0.5:389

   I assume the LDAP search was successful through this command.

   LDAP Search:
   ldapsearch -LLL -x -H [1]<a class="moz-txt-link-freetext" href="ldap://10.10.0.5:389">ldap://10.10.0.5:389</a> -b 'ou=IT, ou=Support, dc=mcfc, dc=local' -D
   'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' -w 'abc123!@#' '(&(ObjectClass=User)(CN= RT))'
   &lt;returned no errors&gt;
   Does that mean, the ldap search was successful?
</pre>
      </blockquote>
      <pre wrap="">
Your ldapsearch command specified a password; your RT config does not.

-kevin

</pre>
      <blockquote type="cite">
        <pre wrap="">   My RT Site Config is below.
   Do I have to use AutoCanonical for users to get connected to LDAP?

   Where am I going wrong? Please let me know if you need some more files to see where I am
   going wrong.

   ------------------------RT SITE CONFIG ---------------------------------------------------------------
   Set($WebBaseURL,'[2]<a class="moz-txt-link-freetext" href="http://10.10.10.10:443">http://10.10.10.10:443</a>'); Set($WebPath,'');
   Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');
   Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');
   Set($rtname,'Ticket'); Set($Organization,[3]<a class="moz-txt-link-rfc2396E" href="http://www.mcfc.com">"http://www.mcfc.com"</a>);

   #Set(@Plugins,(qw(Extension::QuickDelete)));
   #Set(@Plguins,(qw(RT::FM)));
   #Set($LogtoFileNamed, "rt.log");
   #Set($LogtoFile, 'debug');

   Set(@Plugins,qw(RT::Authen::ExternalAuth));
   Set($CorrespondAddress, '[4]<a class="moz-txt-link-abbreviated" href="mailto:rt-its@mcfc.com">rt-its@mcfc.com</a>');
   Set($CommentAddress, '[5]<a class="moz-txt-link-abbreviated" href="mailto:rt-comment@mcfc.com">rt-comment@mcfc.com</a>');

   @MailCommand , 'sendmail';
   $SendMailArguments = "-oi -t";
   $SendMailPath = "/usr/sbin/sendmail";
   $SenderMustExistInExternalDatabase = undef;

   #Set($MailCommand, 'sendmail');
   #Set($SendMailArguments, "-bm --rt-its@mcfc.com");
   #Set($SendmailPath, "/usr/sbin/exim4");

   Set($NotifyActor, 1);
   Set($RecordOutgoingEmail, 1);
   Set($Timezone, 'US/Central');

   $WebURL = $WebBaseURL . $WebPath . "/";

   #Set($WebExternalAuth, 1);
   #Set($WebFallbackToInternalAuth, true);
   #Set($WebExternalAuto , 1);

   Set ($ExternalAuthPriority, [ 'My_LDAP' ]);
   Set ($ExternalInfoPriority, [ 'My_LDAP' ]);
   Set ($ExternalServiceUsesSSLorTLS, 1);
   Set ($AutoCreateNonExternalUsers, 1);
   Set ($Autocreate, 'Privileged=>1');

   Set($ExternalSettings, { 'My_LDAP' =>
                                        {
                                         'type' => 'ldap',
                                         'server' => '10.10.10.10:389',
                                         'user' => 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local',
                                         #'filter' => '(uid=*)',
                                        #'filter' => '(&(ObjectCategory = User)(ObjectClass=Person))',
                                         'filter' => '(&(ObjectCategory = User)',
                                         'd_filter' => '(userAccountControl=514)',
                                        #'d_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
                                         'tls' => 0,
                                        #'ssl_version' => 3,
                                         'net_ldap_args' => [version => 3],
                                        #'group' =>'cn= ou=Users dc=server, dc=mcfc, dc=local',
                                        #'group_attr' => 'member',
                                         'attr_match_list' => ['Name','Email Address'],
                                        #'attr_map' => {'Name' => 'uid', 'EmailAddress' => 'mail'}
                                         'attr_map' => {
                                                        'Name' => 'sAMAaccountName',
                                                        'EmailAddress' => 'mail',
                                                        'Organization' => 'physicalDeliveryOfficeName',
                                                        'RealName' => 'cn',
                                                        'ExternalAuthId'=> 'sAMAccountname',
                                                        'Gecos' => 'sAMAccountName',
                                                        'WorkPhone' => 'telephoneNumber',
                                                        'Address1' => 'streetAddress',
                                                        'City' => '1',
                                                        'State' => 'st',
                                                        'Zip' =>'postalCode',
                                                        'Country' => 'co'
                                                       }

                                        }
   }
   );
   1;

References

   Visible links
   1. <a class="moz-txt-link-freetext" href="file:///Users/falcone/tmp/ldap:/10.10.0.5:389">file:///Users/falcone/tmp/ldap:/10.10.0.5:389</a>
   2. <a class="moz-txt-link-freetext" href="http://10.10.10.10:443/">http://10.10.10.10:443/</a>
   3. <a class="moz-txt-link-freetext" href="http://www.mcfc.com/">http://www.mcfc.com/</a>
   4. <a class="moz-txt-link-freetext" href="mailto:rt-its@mcfc.com">mailto:rt-its@mcfc.com</a>
   5. <a class="moz-txt-link-freetext" href="mailto:rt-comment@mcfc.com">mailto:rt-comment@mcfc.com</a>
</pre>
      </blockquote>
      <pre wrap="">
</pre>
      <blockquote type="cite">
        <pre wrap="">
RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!
</pre>
      </blockquote>
      <pre wrap="">
</pre>
      <pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>

RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!</pre>
    </blockquote>
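    <p>The comparison Kevin's reply points to, as an added example that is not part of the original thread or of RT: it parses a working ldapsearch command line and lists where an RT::Authen::ExternalAuth LDAP entry differs from it. The sample command, the placeholder password, the Python dict standing in for the Perl settings, and the function names are constructed for illustration.</p>
    <pre wrap="">
```python
import shlex

# Constructed inputs modelled on the thread; the password is a placeholder.
LDAPSEARCH = ("ldapsearch -LLL -x -H ldap://10.10.0.5:389 "
              "-b 'ou=IT, ou=Support, dc=mcfc, dc=local' "
              "-D 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' "
              "-w 'PLACEHOLDER' '(&(ObjectClass=User)(CN=RT))'")
# LDAP-related keys of the posted settings entry, as a Python dict (assumption).
RT_SETTINGS = {
    "server": "10.10.10.10:389",
    "user": "cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local",
    "filter": "(&(ObjectCategory = User)",
}

def parse_ldapsearch(cmd):
    """Extract server URI, base, bind DN, password and filter from the command."""
    flags = {"-H": "uri", "-b": "base", "-D": "user", "-w": "pass"}
    out, args = {}, iter(shlex.split(cmd)[1:])
    for arg in args:
        if arg in flags:
            out[flags[arg]] = next(args, "")
        elif not arg.startswith("-"):
            out["filter"] = arg
    return out

def balanced(ldap_filter):
    depth = 0  # count of currently open parentheses
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0

def compare(cmd, settings):
    """List where RT's LDAP settings differ from a working ldapsearch."""
    cli, issues = parse_ldapsearch(cmd), []
    host = cli.get("uri", "").split("://", 1)[-1]
    if host != settings.get("server"):
        issues.append(f"server: ldapsearch {host}, config {settings.get('server')}")
    if cli.get("user") != settings.get("user"):
        issues.append("user: bind DN differs")
    if cli.get("pass") and not settings.get("pass"):
        issues.append("pass: ldapsearch sent -w, config has no 'pass'")
    if cli.get("base") and not settings.get("base"):
        issues.append("base: ldapsearch sent -b, config has no 'base'")
    if not balanced(settings.get("filter", "")):
        issues.append("filter: unbalanced parentheses")
    return issues

if __name__ == "__main__":
    for issue in compare(LDAPSEARCH, RT_SETTINGS):
        print(issue)
```
</pre>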
  </body>
</html>