<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    <small>Hi,<br>
      <br>
      I am trying to connect my AD to RT, to let users in AD access RT
      with their user names. I tried configuring LDAP different ways,
      but it always returns cannot connect to LDAP, Invalid Credentials.<br>
      [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj :
      Cannot connect to 10.10.0.5:389 <br>
      <br>
      I assume the LDAP search was successful through this command.<br>
      <br>
      LDAP Search: <br>
      ldapsearch -LLL -x -H <a class="moz-txt-link-freetext" href="ldap://10.10.0.5:389">ldap://10.10.0.5:389</a> -b 'ou=IT, ou=Support,
      dc=mcfc, dc=local' -D 'cn=RT, ou=IT, ou=Support, dc=mcfc,
      dc=local' -w 'abc123!@#' '(&(ObjectClass=User)(CN= RT))'<br>
      <returned no errors><br>
      Does that mean, the ldap search was successful?<br>
      <br>
      My RT Site Config is below.<br>
      Do i have to use AutoCanonical for user to get connected to LDAP.<br>
      <br>
      Where am i doing wrong. Please let me know if you may need some
      more files to know where am i doing it wrong.<br>
       <br>
      ------------------------RT SITE CONFIG
      ---------------------------------------------------------------<br>
      Set($WebBaseURL,'<a class="moz-txt-link-freetext" href="http://10.10.10.10:443">http://10.10.10.10:443</a>'); Set($WebPath,'');<br>
      Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');<br>
      Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');<br>
      Set($rtname,'Ticket'); Set($Organization,<a class="moz-txt-link-rfc2396E" href="http://www.mcfc.com">"http://www.mcfc.com"</a>);<br>
      <br>
      #Set(@Plugins,(qw(Extension::QuickDelete)));<br>
      #Set(@Plguins,(qw(RT::FM)));<br>
      #Set($LogtoFileNamed, "rt.log");<br>
      #Set($LogtoFile, 'debug');<br>
      <br>
      Set(@Plugins,qw(RT::Authen::ExternalAuth));<br>
      Set($CorrespondAddress, '<a class="moz-txt-link-abbreviated" href="mailto:rt-its@mcfc.com">rt-its@mcfc.com</a>');<br>
      Set($CommentAddress, '<a class="moz-txt-link-abbreviated" href="mailto:rt-comment@mcfc.com">rt-comment@mcfc.com</a>');<br>
      <br>
      @MailCommand , 'sendmail';<br>
      $SendMailArguments = "-oi -t";<br>
      $SendMailPath = "/usr/sbin/sendmail";<br>
      $SenderMustExistInExternalDatabase = undef;<br>
      <br>
      #Set($MailCommand, 'sendmail');<br>
      #Set($SendMailArguments, "-bm --rt-its@mcfc.com");<br>
      #Set($SendmailPath, "/usr/sbin/exim4");<br>
      <br>
      Set($NotifyActor, 1);<br>
      Set($RecordOutgoingEmail, 1);<br>
      Set($Timezone, 'US/Central');<br>
      <br>
      $WebURL = $WebBaseURL . $WebPath . "/";<br>
      <br>
      #Set($WebExternalAuth, 1);<br>
      #Set($WebFallbackToInternalAuth, true);<br>
      #Set($WebExternalAuto , 1);<br>
      <br>
      Set ($ExternalAuthPriority, [ 'My_LDAP' ]);<br>
      Set ($ExternalInfoPriority, [ 'My_LDAP' ]);<br>
      Set ($ExternalServiceUsesSSLorTLS, 1);<br>
      Set ($AutoCreateNonExternalUsers, 1);<br>
      Set ($Autocreate, 'Privileged=>1');<br>
      <br>
      Set($ExternalSettings, { 'My_LDAP' =><br>
                                           {<br>
                                            'type' => 'ldap',<br>
                                            'server' =>
      '10.10.10.10:389',<br>
                                            'user' => 'cn=RT, ou=IT,
      ou=Support, dc=mcfc, dc=local',<br>
                                            #'filter' => '(uid=*)',<br>
                                           #'filter' =>
      '(&(ObjectCategory = User)(ObjectClass=Person))',<br>
                                            'filter' =>
      '(&(ObjectCategory = User)',<br>
                                            'd_filter' =>
      '(userAccountControl=514)',<br>
                                           #'d_filter' =>
      '(userAccountControl:1.2.840.113556.1.4.803:=2)',<br>
                                            'tls' => 0,<br>
                                           #'ssl_version' => 3,<br>
                                            'net_ldap_args' =>
      [version => 3],<br>
                                           #'group' =>'cn= ou=Users
      dc=server, dc=mcfc, dc=local',<br>
                                           #'group_attr' => 'member',<br>
                                            'attr_match_list' =>
      ['Name','Email Address'],<br>
                                           #'attr_map' => {'Name'
      => 'uid', 'EmailAddress' => 'mail'}<br>
                                            'attr_map' => {<br>
                                                           'Name' =>
      'sAMAaccountName',<br>
                                                          
      'EmailAddress' => 'mail',<br>
                                                          
      'Organization' => 'physicalDeliveryOfficeName',<br>
                                                           'RealName'
      => 'cn',<br>
                                                          
      'ExternalAuthId'=> 'sAMAccountname',<br>
                                                           'Gecos' =>
      'sAMAccountName',<br>
                                                           'WorkPhone'
      => 'telephoneNumber',<br>
                                                           'Address1'
      => 'streetAddress',<br>
                                                           'City' =>
      '1',<br>
                                                           'State' =>
      'st',<br>
                                                           'Zip'
      =>'postalCode',<br>
                                                           'Country'
      => 'co'<br>
                                                          }<br>
      <br>
                                           }<br>
      }<br>
      );<br>
      1;</small><br>
  </body>
</html>