<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000">
<small>Hi,<br>
<br>
I am trying to connect my AD to RT, to let users in AD access RT
with their user names. I tried configuring LDAP different ways,
but it always returns cannot connect to LDAP, Invalid Credentials.<br>
[critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj :
Cannot connect to 10.10.0.5:389 <br>
<br>
I assume the LDAP search was successful through this command.<br>
<br>
LDAP Search: <br>
ldapsearch -LLL -x -H <a class="moz-txt-link-freetext" href="ldap://10.10.0.5:389">ldap://10.10.0.5:389</a> -b 'ou=IT, ou=Support,
dc=mcfc, dc=local' -D 'cn=RT, ou=IT, ou=Support, dc=mcfc,
dc=local' -w 'abc123!@#' '(&(ObjectClass=User)(CN= RT))'<br>
&lt;returned no errors&gt;<br>
Does that mean the LDAP search was successful?<br>
<br>
My RT Site Config is below.<br>
Do I have to use AutoCanonical for users to get connected to LDAP?<br>
<br>
Where am I going wrong? Please let me know if you need some
more files to see where I am going wrong.<br>
<br>
------------------------RT SITE CONFIG
---------------------------------------------------------------<br>
Set($WebBaseURL,'<a class="moz-txt-link-freetext" href="http://10.10.10.10:443">http://10.10.10.10:443</a>'); Set($WebPath,'');<br>
Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');<br>
Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');<br>
Set($rtname,'Ticket'); Set($Organization,<a class="moz-txt-link-rfc2396E" href="http://www.mcfc.com">"http://www.mcfc.com"</a>);<br>
<br>
#Set(@Plugins,(qw(Extension::QuickDelete)));<br>
#Set(@Plguins,(qw(RT::FM)));<br>
#Set($LogtoFileNamed, "rt.log");<br>
#Set($LogtoFile, 'debug');<br>
<br>
Set(@Plugins,qw(RT::Authen::ExternalAuth));<br>
Set($CorrespondAddress, '<a class="moz-txt-link-abbreviated" href="mailto:rt-its@mcfc.com">rt-its@mcfc.com</a>');<br>
Set($CommentAddress, '<a class="moz-txt-link-abbreviated" href="mailto:rt-comment@mcfc.com">rt-comment@mcfc.com</a>');<br>
<br>
@MailCommand , 'sendmail';<br>
$SendMailArguments = "-oi -t";<br>
$SendMailPath = "/usr/sbin/sendmail";<br>
$SenderMustExistInExternalDatabase = undef;<br>
<br>
#Set($MailCommand, 'sendmail');<br>
#Set($SendMailArguments, "-bm --rt-its@mcfc.com");<br>
#Set($SendmailPath, "/usr/sbin/exim4");<br>
<br>
Set($NotifyActor, 1);<br>
Set($RecordOutgoingEmail, 1);<br>
Set($Timezone, 'US/Central');<br>
<br>
$WebURL = $WebBaseURL . $WebPath . "/";<br>
<br>
#Set($WebExternalAuth, 1);<br>
#Set($WebFallbackToInternalAuth, true);<br>
#Set($WebExternalAuto , 1);<br>
<br>
Set ($ExternalAuthPriority, [ 'My_LDAP' ]);<br>
Set ($ExternalInfoPriority, [ 'My_LDAP' ]);<br>
Set ($ExternalServiceUsesSSLorTLS, 1);<br>
Set ($AutoCreateNonExternalUsers, 1);<br>
Set ($Autocreate, 'Privileged=>1');<br>
<br>
Set($ExternalSettings, { 'My_LDAP' =><br>
{<br>
'type' => 'ldap',<br>
'server' =>
'10.10.10.10:389',<br>
'user' => 'cn=RT, ou=IT,
ou=Support, dc=mcfc, dc=local',<br>
#'filter' => '(uid=*)',<br>
#'filter' =>
'(&(ObjectCategory = User)(ObjectClass=Person))',<br>
'filter' =>
'(&(ObjectCategory = User)',<br>
'd_filter' =>
'(userAccountControl=514)',<br>
#'d_filter' =>
'(userAccountControl:1.2.840.113556.1.4.803:=2)',<br>
'tls' => 0,<br>
#'ssl_version' => 3,<br>
'net_ldap_args' =>
[version => 3],<br>
#'group' =>'cn= ou=Users
dc=server, dc=mcfc, dc=local',<br>
#'group_attr' => 'member',<br>
'attr_match_list' =>
['Name','Email Address'],<br>
#'attr_map' => {'Name'
=> 'uid', 'EmailAddress' => 'mail'}<br>
'attr_map' => {<br>
'Name' =>
'sAMAaccountName',<br>
'EmailAddress' => 'mail',<br>
'Organization' => 'physicalDeliveryOfficeName',<br>
'RealName'
=> 'cn',<br>
'ExternalAuthId'=> 'sAMAccountname',<br>
'Gecos' =>
'sAMAccountName',<br>
'WorkPhone'
=> 'telephoneNumber',<br>
'Address1'
=> 'streetAddress',<br>
'City' =>
'1',<br>
'State' =>
'st',<br>
'Zip'
=>'postalCode',<br>
'Country'
=> 'co'<br>
}<br>
<br>
}<br>
}<br>
);<br>
1;</small><br>
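<p>Added example, not part of the original post: a stand-alone Net::LDAP script that repeats the bind and search from the ldapsearch command above and reports connect, bind and search results separately, so an empty result is not mistaken for a failed bind or the reverse. The environment variable names RT_LDAP_PASS and RT_LDAP_CAFILE are assumptions made for this example; the server, DNs and filter are copied from the post.</p>
<pre>
```perl
#!/usr/bin/perl
# Added example: reproduce the service-account bind and search outside RT.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Filter;

# Values copied from the post. The password is read from the environment
# (RT_LDAP_PASS is a name chosen for this example) so it stays out of argv
# and shell history.
my $server  = '10.10.0.5';
my $bind_dn = 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local';
my $base    = 'ou=IT, ou=Support, dc=mcfc, dc=local';
my $filter  = '(&(ObjectClass=User)(CN= RT))';
my $pass    = $ENV{RT_LDAP_PASS} // die "set RT_LDAP_PASS first\n";

# 1. Syntax-check the filter offline; new() returns undef on a parse error
#    (for example, unbalanced parentheses).
Net::LDAP::Filter->new($filter)
    or die "filter does not parse: $filter\n";

# 2. TCP connect. A failure here is a host/port/network problem, not credentials.
my $ldap = Net::LDAP->new($server, port => 389, version => 3, timeout => 10)
    or die "connect to $server:389 failed: $@\n";

# 3. If a CA bundle is supplied (RT_LDAP_CAFILE, assumed name), upgrade the
#    session with StartTLS before the password is sent.
if (my $cafile = $ENV{RT_LDAP_CAFILE}) {
    my $tls = $ldap->start_tls(verify => 'require', cafile => $cafile);
    die "StartTLS failed: " . $tls->error . "\n" if $tls->code;
}

# 4. Simple bind. Result code 49 is LDAP "invalid credentials".
my $bind = $ldap->bind($bind_dn, password => $pass);
die sprintf("bind failed: %s (code %d)\n", $bind->error, $bind->code)
    if $bind->code;

# 5. Search. A successful search can still match zero entries, so the
#    result code and the entry count are reported separately.
my $res = $ldap->search(base => $base, scope => 'sub', filter => $filter,
                        attrs => ['sAMAccountName', 'mail']);
die "search failed: " . $res->error . "\n" if $res->code;

printf "bind ok, search ok, %d entries matched\n", $res->count;
print "  ", $_->dn, "\n" for $res->entries;
$ldap->unbind;
```
</pre>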
</body>
</html>