<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"><meta name="Generator" content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang="EN-US" link="blue" vlink="purple"><div class="WordSection1"><p class="MsoNormal">Good Afternoon,</p><p class="MsoNormal"> </p><p class="MsoNormal">I seem to be hitting my head against a problem I am having after updating to 4.0.1. I have both LDAPImport and ExternalAuth::LDAP installed. It seems that I can’t import users who have blanks in some of the fields during the import, however name and email address are not blank, so the required fields should be filled in. There are no errors when run /usr/local/share/request-tracker4/plugins/RT-Extension-LDAPImport/bin/rtldapimport --debug but when I run /usr/local/share/request-tracker4/plugins/RT-Extension-LDAPImport/bin/rtldapimport --debug --import causes the below error. Further down is the RT_SiteConfig.pm sections. </p>
<p class="MsoNormal"> </p><p class="MsoNormal">I have tried looking this error up, and I am able to run the query, (&(&(ObjectCategory=User)(ObjectClass=Person)(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))(mail=<a href="mailto:aprilr@yelp.com">aprilr@yelp.com</a>)), in the error message w/o problems. Most other things I have found on the internet have to do with not being able to connect to LDAP or info not being in it.</p>
<p class="MsoNormal"> </p><p class="MsoNormal">Any help would be hugely appreciated. Thanks!</p><p class="MsoNormal"> </p><p class="MsoNormal">April</p><p class="MsoNormal"> </p><p class="MsoNormal">[Tue Oct 18 23:07:48 2011] [critical]: RT::Authen::ExternalAuth::LDAP::CanonicalizeUserInfo : Search for (&(&(ObjectCategory=User)(ObjectClass=Person)(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))(mail=<a href="mailto:aprilr@yelp.com">aprilr@yelp.com</a>)) failed: LDAP_OPERATIONS_ERROR 1 (/usr/local/share/request-tracker4/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:210)</p>
<p class="MsoNormal">[Tue Oct 18 23:07:48 2011] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , City: , Country: , Disabled: 0, EmailAddress: <a href="mailto:aprilr@yelp.com">aprilr@yelp.com</a>, ExternalAuthId: aprilr, Gecos: aprilr, Name: aprilr, Organization: , Privileged: 0, RealName: April Rosenberg, State: , WorkPhone: , Zip: (/usr/local/share/request-tracker4/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536)</p>
<p class="MsoNormal">[Tue Oct 18 23:07:48 2011] [error]: couldn't create user_obj for aprilr: Could not set user info (/usr/local/share/request-tracker4/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:866)</p>
<p class="MsoNormal">couldn't create user_obj for aprilr: Could not set user info</p><p class="MsoNormal"> </p><p class="MsoNormal">RT_SiteConfig.pm</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($LDAPHost,'XXXXXX');</p>
<p class="MsoNormal">Set($LDAPUser, 'XXXXXX');</p><p class="MsoNormal">Set($LDAPPassword, 'XXXXXX');</p><p class="MsoNormal">Set($LDAPBase, 'XXXXXX');</p><p class="MsoNormal"> </p><p class="MsoNormal">
Set($LDAPFilter, '(&(ObjectCategory=User)(ObjectClass=Person)(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))');</p><p class="MsoNormal">Set($LDAPDisabledFilter, '(&(ObjectCategory=User)(ObjectClass=Person)(userAccountControl:1.2.840.113556.1.4.803:=2))');</p>
<p class="MsoNormal"> </p><p class="MsoNormal">#Attribute in RT => Attribute in LDAP</p><p class="MsoNormal">#(this has changed since version 1, which was the other way around)</p><p class="MsoNormal">Set($LDAPMapping, {Name => 'sAMAccountName',</p>
<p class="MsoNormal"> EmailAddress => 'mail',</p><p class="MsoNormal"> Organization => 'department',</p><p class="MsoNormal"> RealName => 'cn',</p>
<p class="MsoNormal"> ExternalAuthId => 'sAMAccountName',</p><p class="MsoNormal"> Gecos => 'sAMAccountName',</p><p class="MsoNormal"> WorkPhone => 'telephoneNumber',</p>
<p class="MsoNormal"> Address1 => 'physicalDeliveryOfficeName',</p><p class="MsoNormal"> City => 'l',</p><p class="MsoNormal"> State => 'st',</p>
<p class="MsoNormal"> Zip => 'postalCode',</p><p class="MsoNormal"> Country => 'co'</p><p class="MsoNormal"> });</p><p class="MsoNormal"> </p><p class="MsoNormal">
Set($LDAPSkipAutogeneratedGroup, 1);</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($LDAPUpdateUsers,1);</p><p class="MsoNormal"> </p><p class="MsoNormal">Set($ExternalSettings, { # LDAP SERVICE</p><p class="MsoNormal">
'My_LDAP' => {</p><p class="MsoNormal"> 'type' => 'ldap',</p><p class="MsoNormal"> 'server' => $LDAPHost,</p>
<p class="MsoNormal"> 'user' => $LDAPUser,</p><p class="MsoNormal"> 'pass' => $LDAPPass,</p><p class="MsoNormal">
'base' => $LDAPBase,</p><p class="MsoNormal"> # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES!</p><p class="MsoNormal"> # YOU **MUST** SPECIFY A filter AND A d_filter!!</p>
<p class="MsoNormal"> #</p><p class="MsoNormal"> # The filter to use to match RT-Users</p><p class="MsoNormal"> 'filter' => $LDAPFilter,</p>
<p class="MsoNormal"> #</p><p class="MsoNormal"> # The filter that will only match disabled users</p><p class="MsoNormal"> 'd_filter' => $LDAPDisabledFilter,</p>
<p class="MsoNormal"> #</p><p class="MsoNormal"> 'tls' => 0,</p><p class="MsoNormal"> 'ssl_version' => 3,</p>
<p class="MsoNormal"> 'net_ldap_args' => [ version => 3 ],</p><p class="MsoNormal"> # Does authentication depend on group membership? What group name?</p>
<p class="MsoNormal"> #'group' => 'cn=Domain Users,cn=Users,dc=example,dc=com',</p><p class="MsoNormal"> # What is the attribute for the group object that determines membership?</p>
<p class="MsoNormal"> #'group_attr' => 'member',</p><p class="MsoNormal"> ## RT ATTRIBUTE MATCHING SECTION</p><p class="MsoNormal"> # The list of RT attributes that uniquely identify a user</p>
<p class="MsoNormal"> # This example shows what you *can* specify.. I recommend reducing this</p><p class="MsoNormal"> # to just the Name and EmailAddress to save encountering problems later.</p>
<p class="MsoNormal"> 'attr_match_list' => [ 'EmailAddress' ],</p><p class="MsoNormal"> # The mapping of RT attributes on to LDAP attributes</p><p class="MsoNormal">
'attr_map' => { 'Name' => 'sAMAccountName',</p><p class="MsoNormal"> 'EmailAddress' => 'mail',</p>
<p class="MsoNormal"> 'Organization' => 'department',</p><p class="MsoNormal"> 'RealName' => 'cn',</p>
<p class="MsoNormal"> 'ExternalAuthId' => 'sAMAccountName',</p><p class="MsoNormal"> 'Gecos' => 'sAMAccountName',</p>
<p class="MsoNormal"> 'WorkPhone' => 'telephoneNumber',</p><p class="MsoNormal"> 'Address1' => 'physicalDeliveryOfficeName',</p>
<p class="MsoNormal"> 'City' => 'l',</p><p class="MsoNormal"> 'State' => 'st',</p>
<p class="MsoNormal"> 'Zip' => 'postalCode',</p><p class="MsoNormal"> }</p><p class="MsoNormal">
}</p><p class="MsoNormal">});</p></div></body></html>