<DIV style="font-family:Arial, sans-serif; font-size:10pt;"><FONT size="2"><SPAN style="font-family: Arial,sans-serif;">Hi everyone, I'm having problem to set the authentication to work with active directory. I'm using domain administrator user for binding the AD. This is the error from syslog<BR><BR>[critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind: LDAP_INVALID_CREDENTIALS 49 (/usr/local/lib/rt3/lib/RT/Authen/ExternalAuth/LDAP.pm:467)<BR><BR>and this is from ldapsearch tool:<BR><BR>ldapsearch -h example -b "cn=some user, ou=Users, dc=example,dc=com,dc=mk" -D "admin, dc=example=com,dc=mk" -w "password"<BR><BR>ldap_bind: Invalid credentials (49)<BR>    additional info: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece<BR><BR>it is obviously something to do with username and password. My question is do I need special user for binding the active directory? or it is some mismatch in the config. Thanks<BR><BR>This is the config from RT_SiteConfig.pm<BR><BR>Set( @Plugins, qw(RT::Authen::ExternalAuth) );<BR><BR>Set($ExternalAuthPriority,      [   'My_LDAP',  ]<BR>);<BR>Set($ExternalInfoPriority,  [  'My_LDAP' ]<BR>);<BR><BR>Set($ExternalServiceUsesSSLorTLS,    0);<BR>Set($AutoCreateNonExternalUsers,    0);<BR>Set($ExternalSettings,      {<BR><BR>                                'My_LDAP'       =>  {<BR>                                'type'                      =>  'ldap',<BR>                                'auth'                      =>  1,<BR>                                'server'                    =>  'example',<BR>                                'user'                      =>  'user',<BR>                                'pass'                    =>  'password',<BR>                                'base'                      =>  'ou=Users,Groups,DC=unibank,DC=com,DC=mk',<BR>                                'net_ldap_args'             => [    version =>  3   ],<BR>                                'ssl_version'               =>  3,<BR>                                'filter' => '(objectClass=*)',<BR>#                               'filter' => '(sAMAccountName=%u)',<BR>                                'd_filter'      => '(userAccountControl:1.2.840.113556.1.4.803:=2)',<BR>#                               'd_filter' => '(&(objectCategory=person)(objectClass=user))',<BR>                                'attr_match_list'           => [<BR>                                                                        'Name',<BR>                                                                        'EmailAddress',<BR>                                                                    'RealName',<BR>#                                                                    'WorkPhone',<BR>#                                                                    'Address2'<BR>                                                                                    ],<BR>                                'attr_map'                  =>  {   'Name' => 'sAMAccountName',<BR>                                'EmailAddress' => 'mail',<BR>                                'RealName' => 'cn',<BR>                                'Organization' => 'physicalDeliveryOfficeName',<BR>                                                                }<BR>                                                    },<BR>                                }<BR>);<BR><BR><BR></SPAN></FONT><BR> <BR><HR>---<BR>http://mail.secureroot.com/ - free mailbox for hackers and geeks</DIV>