<div>I'm by no means an expert at this at all but I see you are using sAMAccountName which leads me to believe you are connecting to Active Directory.</div>
<div> </div>
<div>I had to use the bitmask version of the d_filter for the ldap search to filter out disabled users...</div>
<div> </div>
<div>not sure if this has anything to do with why you aren't able to login, but it's just something that stood out to me.</div>
<div> </div>
<div>My d_filter line is below</div>
<div> </div>
<div> 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',<br></div>
<div>Ken is also accurate in that you are missing a right parenthesis on your filter line. </div>
<div> </div>
<div>My filter line is below(so you can see how to use the (& <stuff> <more stuff>)</div>
<div> </div>
<div> 'filter' => '(&(objectCategory=User) (ObjectClass=Person))',<br></div>
<div>Hope that helps!</div>
<div>Mike.<br><br></div>
<div class="gmail_quote">On Thu, Dec 8, 2011 at 7:41 PM, Ryan Backman <span dir="ltr"><<a href="mailto:rbackman@georgefox.edu">rbackman@georgefox.edu</a>></span> wrote:<br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">
<div>I'm having a bit of trouble getting ExternalAuth to work. I've scoured the archives and the net and found many suggestions, but none have made any changes.</div>
<div><br></div>
<div>- I've setup logging to go to a seperate file, but all I get is a Login Failure message in this file when I try to login:</div>
<div><br></div>
<div>[Thu Dec 8 23:38:32 2011] [error]: FAILED LOGIN for rbackman from xx.xx.xx.xx (/usr/share/request-tracker3.8/lib/RT/Interface/Web.pm:424)</div>
<div><br></div>
<div>- I'm seeing correct values in the online configuration view inside RT indicating that ExternalAuth is loaded as a Plugin and that ExternalAuthPriority is My_LDAP.</div>
<div><br></div>
<div>- I can use the ldapsearch tool with the same variables on the same box successfully</div>
<div><br></div>
<div>Any help is much appreciated.</div>
<div><br></div>
<div>Below is my configuration:</div>
<div><br></div>
<div>Set( @Plugins, qw(RT::Authen::ExternalAuth) );</div>
<div><br></div>
<div>
<div>Set ( $ExternalAuthPriority, [ 'My_LDAP' ] );</div>
<div>Set ( $ExternalInfoPriority, [ 'My_LDAP' ] );</div>
<div><br></div>
<div>Set($ExternalServiceUsesSSLorTLS, 0);</div>
<div><br></div>
<div>Set($AutoCreateNonExternalUsers, 0);</div>
<div><br></div>
<div>Set($ExternalSettings, {</div>
<div> 'My_LDAP' => {</div>
<div> 'type' => 'ldap',</div>
<div> 'server' => '<a href="http://server.domain.edu/" target="_blank">server.domain.edu</a>',</div>
<div> 'user' => 'CN=user,OU=admin...',</div>
<div> 'pass' => 'pass',</div>
<div> 'base' => 'dc=domain,...',</div>
<div> 'filter' => '(&(objectClass=user)(memberOf=CN=Staff...)',</div>
<div> 'd_filter' => '(userAccountControl=514)',</div>
<div> 'tls' => 0,</div>
<div> 'ssl_version' => 3,</div>
<div> 'net_ldap_args' => [ version => 3 ],</div>
<div> 'group' => 'CN=All Users,...',</div>
<div> 'group_attr' => 'member',</div>
<div> 'attr_match_list' => [ 'Name',</div>
<div> 'EmailAddress'</div>
<div> ],</div>
<div> 'attr_map' => { 'Name' => 'sAMAccountName',</div>
<div> 'EmailAddress' => 'mail',</div>
<div> 'ExternalAuthId' => 'sAMAccountName',</div>
<div> 'Gecos' => 'sAMAccountName'</div>
<div> }</div>
<div> }</div>
<div> }</div>
<div>);</div>
<div><br></div>
<div>1;</div></div>
<div><br></div><br clear="all">=+=+=+=+=+=+=+=+=+<span class="HOEnZb"><font color="#888888"><br>Ryan Backman<br>Programmer / Analyst<br>George Fox University<br><a href="tel:503.554.2576" target="_blank" value="+15035542576">503.554.2576</a><br>
=+=+=+=+=+=+=+=+=+<br></font></span><br>--------<br>RT Training Sessions (<a href="http://bestpractical.com/services/training.html" target="_blank">http://bestpractical.com/services/training.html</a>)<br>* Boston — March 5 & 6, 2012<br>
</blockquote></div><br><br clear="all"><br>-- <br>Mike Johnson<br>Datatel Programmer/Analyst<br>Northern Ontario School of Medicine<br>955 Oliver Road<br>Thunder Bay, ON P7B 5E1<br>Phone: (807) 766-7331<br>Email: <a href="mailto:mike.johnson@nosm.ca">mike.johnson@nosm.ca</a><br>