Hi folks, I'm trying to run rt 3.8.9 on CentOS 5.5, talking to Active Directory on a Windows Server 2003 domain controller. I followed the guide at the wiki at <a href="http://requesttracker.wikia.com/wiki/CentOS5InstallPlusSome">http://requesttracker.wikia.com/wiki/CentOS5InstallPlusSome</a> and got everything working up to the external plugin.<br clear="all">
<br><div>I consolidated the RT_SiteConfig.pm to not include the ExternalAuth pm to make it simpler for me to edit just a single file. My RT_SiteConfig.pm looks like this:</div><div><br></div><div><div><font class="Apple-style-span" face="'courier new', monospace"> ######################</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> # Custom Site Config #</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> ######################</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($rtname , "MyCo Inc.");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($Organization , "rt.mydomain.internal");</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($MinimumPasswordLength , "5");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($Timezone , 'US/Central');</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set(@Plugins, qw(</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> RT::Authen::ExternalAuth</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> ));</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($HomepageComponents, [qw(</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> QuickCreate</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Quicksearch</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> MyAdminQueues</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> MySupportQueues</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> MyReminders</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> RefreshHomepage</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Dashboards</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> )]);</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($DatabaseType , 'mysql');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($DatabaseHost , 'localhost');</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($DatabaseRTHost , 'localhost');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($DatabasePort , '');</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($DatabaseUser , 'rt_user');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($DatabasePassword , 'XXXXX');</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($DatabaseName , 'rt3');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($OwnerEmail , 'root');</font></div><div>
<font class="Apple-style-span" face="'courier new', monospace"> Set($LoopsToRTOwner , 1);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($SendmailArguments , "-oi -t -f support\@rt.mydomain.internal");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($MaxAttachmentSize , 10000000);</font></div><div>
<font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($RTAddressRegexp , '^rt\@rt.mydomain.internal$');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($CorrespondAddress , 'no-reply@rt.mydomain.internal');</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($CommentAddress , 'no-reply@rt.mydomain.internal');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($UseFriendlyFromLine , 1);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($FriendlyFromLineFormat , "\"%s\" <%s>");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($UseFriendlyToLine , 1);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($FriendlyToLineFormat, "\"%s Ticket #%s\":;");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($NotifyActor, 0);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($RecordOutgoingEmail, 1);</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($WebPath , "/ticket");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($WebPort , 80);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($WebBaseURL , "<a href="http://rt">http://rt</a>");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($WebURL , $WebBaseURL . $WebPath . "/");</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br>
</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($MessageBoxWidth , 72);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($MessageBoxWrap, "HARD");</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($MaxInlineBody, 13456);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($DefaultSummaryRows, 10);</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($OldestTransactionsFirst, '1');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> Set($ShowTransactionImages, 1);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div>
<font class="Apple-style-span" face="'courier new', monospace"> Set($DateDayBeforeMonth , 0);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($AmbiguousDayInPast , 1);</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> Set($AutoCreate, {Privileged => 1});</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace">Set($ExternalAuthPriority, [ 'My_LDAP' ] );</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">Set($ExternalInfoPriority, [ 'My_LDAP' ] );</font></div><div><font class="Apple-style-span" face="'courier new', monospace">Set($ExternalServiceUsesSSLorTLS, 0);</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">Set($AutoCreateNonExternalUsers, 0);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">Set($ExternalSettings, {</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'My_LDAP' => {</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'type' => 'ldap',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'auth' => 1,</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'info' => 1,</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'server' => 'paris.mydomain.internal',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'user' => 'rtuser',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'pass' => 'rtuserpassword',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'base' => 'dc=newcospares,dc=internal',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'filter' => '(&(ObjectCategory=User)(ObjectClass=Person))',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br>
</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'tls' => 0,</font></div><div><font class="Apple-style-span" face="'courier new', monospace"># 'ssl_version' => 3,</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'net_ldap_args' => [ version => 3 ],</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'group' => 'cn=Domain Users,ou=Users,dc=newcospares,dc=internal',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'group_attr' => 'member',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'attr_match_list' => [ 'Name', 'EmailAddress' ],</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'attr_map' => { 'Name' => 'sAMAccountName',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'EmailAddress' => 'mail',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'Organization' => 'physicalDeliveryOfficeName',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'RealName' => 'cn',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'ExternalAuthId' => 'sAMAccountName',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'Gecos' => 'sAMAccountName',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'WorkPhone' => 'telephoneNumber',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'Address1' => 'streetAddress',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'City' => 'l',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'State' => 'st',</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> 'Zip' => 'postalCode',</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> 'Country' => 'co'</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> }</font></div><div><font class="Apple-style-span" face="'courier new', monospace"> }</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace"> }</font></div><div><font class="Apple-style-span" face="'courier new', monospace">);</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br>
</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br>
</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="'courier new', monospace"># Steve Stuff</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br>
</font></div><div><font class="Apple-style-span" face="'courier new', monospace">Set ($LogToFileName,"rt3.error");</font></div><div><font class="Apple-style-span" face="'courier new', monospace">Set ($LogDir,'/var/tmp');</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">Set ($LogToFile,'debug');</font></div></div><div><br></div><div><br></div><div>When I restart apache and try to log in, I get the following results in the rt.log</div>
<div><br></div><div><div><font class="Apple-style-span" face="'courier new', monospace">[Wed Mar 9 22:26:09 2011] [debug]: Reloading RT::User to work around a bug in RT-3.8.0 and RT-3.8.1 (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:14)</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">[Wed Mar 9 22:26:09 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">[Wed Mar 9 22:26:09 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92)</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">[Wed Mar 9 22:26:09 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:26)</font></div>
<div><font class="Apple-style-span" face="'courier new', monospace">[Wed Mar 9 22:26:21 2011] [error]: FAILED LOGIN for mydomain.internal\steve from 192.168.88.45 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:555)</font></div>
</div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div><div><font class="Apple-style-span" face="arial, helvetica, sans-serif">I'm an old-school network guy, so I fire up wireshark on the box to see if it's even talking to my DC, and there doesn't appear to be any traffic between my rt server and the DC. What am I missing here to get this thing to attempt to authenticate? I've looked at a lot of the old mailing list info and I'm not seeing the thing that says "aha!"</font></div>
<div><font class="Apple-style-span" face="arial, helvetica, sans-serif"><br></font></div><div><font class="Apple-style-span" face="arial, helvetica, sans-serif">I'm not sure what format my username is supposed to be as well, is it "domainname\username" or just my domain username or "username@domainname"? I've tried all variations but since I don't see traffic between the servers I doubt I'm getting that far yet.</font></div>
<div><font class="Apple-style-span" face="arial, helvetica, sans-serif"><br></font></div><div><font class="Apple-style-span" face="arial, helvetica, sans-serif">Many thanks in advance!</font></div><div><font class="Apple-style-span" face="arial, helvetica, sans-serif"><br>
</font></div><div><font class="Apple-style-span" face="arial, helvetica, sans-serif">- Steve</font></div><div><font class="Apple-style-span" face="'courier new', monospace"><br></font></div>