<div dir="ltr"><div>Hello Everyone:</div><div> </div><div>I have been trying for sometime to get AD auth working correctly on my server. I've managed to get most of the way there I think but am consistently getting hung up on an error.</div>
<div> </div><div>Below is a sample of my configuration..</div><div> </div><div>--------------------------------------</div><div>Plugin("RT::Authen::ExternalAuth");</div><div>Set($ExternalAuthPriority, ['My_LDAP']);</div>
<div>Set($ExternalInfoPriority, ['My_LDAP']);</div><div>Set($ExternalServiceUsesSSLorTLS, 1);</div><div>Set($AutoCreateNonExternalUsers, 0);</div><div>Set($ExternalSettings, {<br> 'My_LDAP' => {<br>
'type' => 'ldap',<br> 'server' => 'ldaps://<a href="http://example.company.org">example.company.org</a>',<br> 'base' => 'dc=xxxxx,dc=org',<br>
'filter' => '(objectClass=*)',<br> 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',<br> 'tls' => 0,<br>
'ssl_version' => 3,<br> 'net_ldap_args' => [ version => 3 ]<br> },<br>} );</div><div>--------------------------------------</div><div> </div><div>
I am trying to do this via LDAPS using our root CAs (which I have already configured via openLDAP). Each time I attempt to authenticate I get the following error in the logs...</div><div> </div><div>[14177] [Wed Apr 2 19:10:16 2014] [debug]: UserExists params:<br>
username: MY_NTUSERNAME , service: My_LDAP (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:439)<br>[14177] [Wed Apr 2 19:10:16 2014] [error]: Can't call method "as_string" without a package or object reference at /opt/rt4/local/plugins/RT-Authen-ExternalA<br>
uth/lib/RT/Authen/ExternalAuth/LDAP.pm line 469.</div><div>Stack:<br> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:469]<br> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:505]<br>
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:255]<br> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:15]<br> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Session:1]<br>
[/opt/rt4/sbin/../lib/RT/Interface/Web.pm:309]<br> [/opt/rt4/share/html/autohandler:53] (/opt/rt4/sbin/../lib/RT/Interface/Web/Handler.pm:211)<br></div><div>I found that this line of code pertained to some debugging info and out of pure curiosity I commented this piece of code out. When I did so the logs error'd out only this time they stated the user could not be found. After seeing this I uncommented the debug line :)</div>
<div> </div><div>* I have verified that I am seeing traffic to/from the LDAP server over 636.</div><div>* I have attempted to do this via TLS and SSL with no change in result.</div><div>* I have tried adjusting my filters, but in reality they are a catch all as is.</div>
<div>* I have tried pointing to a different LDAP server, same result.</div><div> </div><div>It is unclear to me at this point what the problem is, although things seem suggestive of an LDAP query gone awry. After doing some research on my own, I am unable to determine what exactly is wrong with it. All I want at this point is to have authentication via AD.</div>
<div> </div><div>Many thanks in advance for you help!</div><div>-Jason</div></div>