<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";
mso-fareast-language:EN-US;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-GB" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Hello,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’ve been staring at this for hours now and I’m not getting anywhere.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">CentOS 5.9, RT 4.0.10, RT-Authen-ExternalAuth 0.13<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">RT is installed and I can connect to it from a browser, can login as root, trying to login as a domain user and it’s saying my password is wrong.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’ve got logging enabled (best as I can find out how to…), but I can’t see any LDAP messages, just failed logins.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">RT_SiteConfig.pm:<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># Any configuration directives you include here will override<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># RT's default configuration file, RT_Config.pm<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">#<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># To include a directive here, just copy the equivalent statement<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># from RT_Config.pm and change the value. We've included a single<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># sample value below.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">#<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># This file is actually a perl module, so you can include valid<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># perl code, as well.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">#<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># The converse is also true, if this file isn't valid perl, you're<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># going to run into trouble. To check your SiteConfig file, use<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># this comamnd:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">#<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># perl -c /path/to/your/etc/RT_SiteConfig.pm<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">#<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># You must restart your webserver after making changes to this file.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># You must install Plugins on your own, this is only an example<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># of the correct syntax to use when activating them.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"># There should only be one @Plugins declaration in your config file.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">#Set(@Plugins,(qw(RT::Extension::QuickDelete RT::Extension::CommandByMail RT::Authen::ExternalAuth)));<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set($LogToFile, 'debug');<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set($LogDir, '/var/log/rt');<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $CommentAddress, 'rt-comment@domain.com' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $CorrespondAddress, 'rt-correspond@domain.com' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $DatabaseHost, 'localhost' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $DatabaseName, 'rt4' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $DatabasePassword, 'password' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $DatabasePort, '' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $DatabaseRequireSSL, '' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $DatabaseType, 'mysql' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $DatabaseUser, 'rt_user' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $Organization, 'domain.com' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $OwnerEmail, 'it-support@domain.com' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $SendmailPath, '/usr/sbin/sendmail' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $WebDomain, '10.x.x.x' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $WebPort, '80' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set( $rtname, 'domain.com' );<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">#ExtAuth:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set($ExternalAuthPriority, [ 'My_LDAP'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> ]<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">);<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set($ExternalInfoPriority, [ 'My_LDAP'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> ]<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">);<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set($ExternalServiceUsesSSLorTLS, 0);<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set($AutoCreateNonExternalUsers, 1);<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">Set($ExternalSettings, { # AN EXAMPLE LDAP SERVICE<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'My_LDAP' => { ## GENERIC SECTION<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The type of service (db/ldap/cookie)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'type' => 'ldap',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The server hosting the service<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'server' => 'ad01.domain.local',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> ## SERVICE-SPECIFIC SECTION<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # If you can bind to your LDAP server anonymously you should<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # remove the user and pass config lines, otherwise specify them here:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> #<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The username RT should use to connect to the LDAP server<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'user' => 'ad-rt-user',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The password RT should use to connect to the LDAP server<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'pass' => 'password',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> #<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The LDAP search base<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'base' => 'ou=OrgUnit,dc=domain,dc=local',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> #<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES!<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # YOU **MUST** SPECIFY A filter AND A d_filter!!<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> #<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The filter to use to match RT-Users<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'filter' => '(sAMAccountType=805306368)',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # A catch-all example filter: '(objectClass=*)'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> #<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The filter that will only match disabled users<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'd_filter' => '(&(sAMAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=2))',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # A catch-none example d_filter: '(objectClass=FooBarBaz)'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> #<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # Should we try to use TLS to encrypt connections?<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'tls' => 0,<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # SSL Version to provide to Net::SSLeay *if* using SSL<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'ssl_version' => 3,<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # What other args should I pass to Net::LDAP->new($host,@args)?<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'net_ldap_args' => [ version => 3 ],<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # Does authentication depend on group membership? What group name?<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'group' => 'RTusers',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # What is the scope of the group search? (base, one, sub)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # Optional; defaults to 'base', which is good enough for most cases. 'sub' is appropriate when you have nested
groups<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'group_scope' => 'base',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # What is the attribute for the group object that determines membership?<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'group_attr' => 'member',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # What is the attribute of the user entry that should be matched against group_attr above? (Optional; defaults
to 'dn')<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> #'group_attr_value' => 'GROUP_ATTR_VALUE',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> ## RT ATTRIBUTE MATCHING SECTION<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The list of RT attributes that uniquely identify a user<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # This example shows what you *can* specify.. I recommend reducing this<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # to just the Name and EmailAddress to save encountering problems later.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'attr_match_list' => [ 'Name',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'EmailAddress',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'RealName'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> ],<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> # The mapping of RT attributes on to LDAP attributes<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'attr_map' => { 'Name' => 'sAMAccountName',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'EmailAddress' => 'mail',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'RealName' => 'cn',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'ExternalAuthId' => 'sAMAccountName',<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> 'Gecos' => 'sAMAccountName'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> }<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> },<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"> }<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">);<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:36.0pt"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB">1;<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal">Can someone please point me in the right direction, whether it’s more detailed documentation on how to configure AD authentication, or hints as to where I may be going wrong?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Many thanks in advance,<span style="font-size:9.0pt;font-family:"Courier New";mso-fareast-language:EN-GB"><o:p></o:p></span></p>
</div>
</body>
</html>