<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 12 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Cambria;
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
p.msochpdefault, li.msochpdefault, div.msochpdefault
{mso-style-name:msochpdefault;
mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Times New Roman","serif";}
span.balloontextchar0
{mso-style-name:balloontextchar;
font-family:"Tahoma","sans-serif";}
span.emailstyle17
{mso-style-name:emailstyle17;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.balloontextchar00
{mso-style-name:balloontextchar0;
font-family:"Tahoma","sans-serif";}
span.emailstyle21
{mso-style-name:emailstyle21;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.emailstyle22
{mso-style-name:emailstyle22;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.emailstyle23
{mso-style-name:emailstyle23;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.emailstyle24
{mso-style-name:emailstyle24;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle28
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle29
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle30
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";}
span.shfunction
{mso-style-name:sh_function;}
span.shsymbol
{mso-style-name:sh_symbol;}
span.shvariable
{mso-style-name:sh_variable;}
span.shkeyword
{mso-style-name:sh_keyword;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Hi Jon,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">I did add the My_SSO_Cookie thing back, just to troubleshoot. Normally, it is not there. I removed it again, however. I removed the second (redundant) ExternalAuthPriority entry. Thanks for that catch.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Using<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Plugin( "RT::Authen::ExternalAuth" );<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Plugin( "RT::Extension::LDAPImport" );<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Doesn’t work. I need the “Set(@Plugins…” part.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<pre><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">The interesting thing is that when I do not have “Set(@Plugins, qw(RT::Extension::LDAPImport));” in my config, then I get all the errors in my log file, including the bit about the email already exists (logging is set to debug). If I do have that line in my config, all I get in my log file is “FAILED LOGIN for jjjameson from 118.128.73.X (/usr/share/request-tracker4/lib/RT/Interface/Web.pm:740)”. Even though I have the log file set to debug, I get no more output than a simple login failure.<o:p></o:p></span></pre>
<pre><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></pre>
<pre><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I tried switching uid to sAMAccountName, but that did no better. With no output in the logs, I’m at a complete loss on how to troubleshoot this. I don’t know if using the import carries over the password hash into rt’s own database, or if it checks it against the ldap/AD server. Since I can see the rest of the user information, perhaps it has to do with the password itself? I don’t know…<o:p></o:p></span></pre>
<pre><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></pre>
<pre><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Thanks again for your help.<o:p></o:p></span></pre>
<pre><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></pre>
<pre><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">-Chris<o:p></o:p></span></pre>
<pre><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></pre>
<pre><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></pre>
<pre><o:p> </o:p></pre>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com]
<b>On Behalf Of </b>Jon Witts<br>
<b>Sent:</b> Tuesday, April 08, 2014 3:53 AM<br>
<b>To:</b> rt-users@lists.bestpractical.com<br>
<b>Subject:</b> Re: [rt-users] Automatically Set "Let this user be granted rights"<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a name="_MailEndCompose"><span lang="EN-GB" style="color:#1F497D">Hi there,</span></a><span lang="EN-GB" style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">I can only see you setting the ExternalAuth plugin there not the LDAPImport plugin too.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Rather than:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set( @Plugins, qw(RT::Authen::ExternalAuth) );<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">My Plugins section looks like this:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Plugin( "RT::Authen::ExternalAuth" );<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Plugin( "RT::Extension::LDAPImport" );<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Also you are setting
</span><span style="color:#1F497D">$ExternalAuthPriority twice, and both times calling ExternalAuths which are not defined ('My_SSO_Cookie', 'My_Oracle','SecondaryLDAP','Other-DB'). I think you should only be doing as follows:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Set($ExternalAuthPriority, [ 'My_LDAP',<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"> ]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">I have my ldap bind user defined as a fully qualified ldap string rather than just a username…<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">In your LDAPImport settings try changing:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPMapping, {Name => 'uid'<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">To:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Set($LDAPMapping, {Name => 'sAMAccountName',<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">And as it appears you are using Microsoft AD for your LDAP server it would probably be worth setting:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Set($LDAPSizeLimit, 1000);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Too.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D">Jon<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">-----------------------------------------------------<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">Jon Witts<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">Director of Digital Strategy<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">Queen Margaret's School<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">Escrick Park<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">York YO19 6EU<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">Telephone: 01904 727600<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">Fax: 01904 728150<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">Website:
</span><span lang="EN-GB"><a href="http://www.queenmargarets.com/"><span style="font-family:"Cambria","serif"">www.queenmargarets.com</span></a></span><span lang="EN-GB" style="font-family:"Cambria","serif";color:#1F497D">
<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span lang="EN-GB" style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Chris Ditri [<a href="mailto:Cditri@experi-metal.com">mailto:Cditri@experi-metal.com</a>]
<br>
<b>Sent:</b> 07 April 2014 22:20<br>
<b>To:</b> Jon Witts; <a href="mailto:rt-users@lists.bestpractical.com">rt-users@lists.bestpractical.com</a><br>
<b>Subject:</b> RE: [rt-users] Automatically Set "Let this user be granted rights"<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Hi Jon, and thanks.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($WebDomain, 'rt.my-company.com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPHost, 'QZXW-dc.my-company.com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPUser, 'cn=rtuser,ou=utility,ou=QZXW Users,dc=my-company,dc=com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPPassword, 'MyPW1234');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPBase, 'ou=QZXW Users,dc=my-company,dc=com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPFilter, '(&)');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPUpdateUsers, 1);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LDAPMapping, {Name => 'uid', # required<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> EmailAddress => 'mail',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> RealName => 'cn',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> WorkPhone => 'telephoneNumber',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> Organization => 'departmentName'});<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($ExternalAuthPriority, [ 'My_LDAP',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'My_SSO_Cookie'<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> ]<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set( @Plugins, qw(RT::Authen::ExternalAuth) );<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($ExternalInfoPriority, [ 'My_LDAP'<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> ]<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($ExternalServiceUsesSSLorTLS, 0);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($AutoCreateNonExternalUsers, 0);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($ExternalAuthPriority,['My_LDAP','My_Oracle','SecondaryLDAP','Other-DB']);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($ExternalSettings, { # AN EXAMPLE DB SERVICE<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'My_LDAP' => { ## GENERIC SECTION<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The type of service (db/ldap/cookie)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'type' => 'ldap',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The server hosting the service<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'server' => 'QZXW-dc.my-company.com',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> ## SERVICE-SPECIFIC SECTION<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # If you can bind to your LDAP server anonymously you should<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # remove the user and pass config lines, otherwise specify them here:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> #<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The username RT should use to connect to the LDAP server<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'user' => 'joeadmin@my-company.com',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The password RT should use to connect to the LDAP server<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'pass' => 'majorlycrypticpw',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> #<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The LDAP search base<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'base' => 'ou=QZXW USERS,dc=my-company,dc=com',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> #<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES!<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # YOU **MUST** SPECIFY A filter AND A d_filter!!<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> #<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The filter to use to match RT-Users<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'filter' => '(&)', ##(I have flip-flopped between this and the one suggested in the generic config, either seems to work)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # A catch-all example filter: '(objectClass=*)'<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> #<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The filter that will only match disabled users<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'd_filter' => '',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # A catch-none example d_filter: '(objectClass=FooBarBaz)'<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> #<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # Should we try to use TLS to encrypt connections?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'tls' => 1,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # SSL Version to provide to Net::SSLeay *if* using SSL<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'ssl_version' => 3,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # What other args should I pass to Net::LDAP->new($host,@args)?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'net_ldap_args' => [ version => 3 ],<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # Does authentication depend on group membership? What group name?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # What is the attribute for the group object that determines membership?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # What is the attribute of the user entry that should be matched against group_attr above? (Optional; defaults to 'dn')<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> ## RT ATTRIBUTE MATCHING SECTION<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The list of RT attributes that uniquely identify a user<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # This example shows what you *can* specify.. I recommend reducing this<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # to just the Name and EmailAddress to save encountering problems later.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'attr_match_list' => [ 'Name',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'EmailAddress',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'RealName',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'WorkPhone',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'Address2'<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> ],<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> # The mapping of RT attributes on to LDAP attributes<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'attr_map' => { 'Name' => 'sAMAccountName',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'EmailAddress' => 'mail',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'Organization' => 'physicalDeliveryOfficeName',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'RealName' => 'cn',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'ExternalAuthId' => 'sAMAccountName',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'Gecos' => 'sAMAccountName',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'WorkPhone' => 'telephoneNumber',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'Address1' => 'streetAddress',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'City' => 'l',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'State' => 'st',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'Zip' => 'postalCode',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> 'Country' => 'co'<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> }<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> },<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> }<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">1;<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">my $zone = "UTC";<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">$zone=`/bin/cat /etc/timezone`<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> if -f "/etc/timezone";<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">chomp $zone;<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($Timezone, $zone);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($rtname, 'rt.my-company.com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($Organization, 'RT.my-company.com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($CorrespondAddress , 'maintenance@my-company.com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($CommentAddress , 'maintenance@my-company.com');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($RTAddressRegexp , '^maintenance(-comment)?\@(maintenance|rt)\.(my-company\.com|rt\.my-company\.com)$');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($WebPath , "/rt");<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($WebBaseURL , "<a href="http://rt.my-company.com">http://rt.my-company.com</a>");<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LogToSyslog , 'debug');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LogToScreen , 'info');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LogToFile , 'debug'); #debug is very noisy<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LogDir, '/var/log/request-tracker4');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($LogToFileNamed , "rt.log"); #log to rt.log<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">my %typemap = (<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> mysql => 'mysql',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> pgsql => 'Pg',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> sqlite3 => 'SQLite',<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($DatabaseType, $typemap{mysql} || "UNKNOWN");<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($DatabaseHost, 'localhost');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($DatabasePort, '');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($DatabaseUser , 'rtuser');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Set($DatabasePassword , 'QZXWBuild07');<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">my $dbc_dbname = 'rtdb'; if ( "mysql" eq "sqlite3" ) { Set ($DatabaseName, '' . '/' . $dbc_dbname); } else { Set ($DatabaseName, $dbc_dbname); }<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">1;</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif"">
<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:12.0pt;font-family:"Times New Roman","serif"">Spam -
<a href="http://www.smoothwall.net/">www.smoothwall.net</a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p> </o:p></span></p>
<div class="MsoNormal" align="center" style="text-align:center"><span style="font-size:12.0pt;font-family:"Times New Roman","serif"">
<hr size="2" width="100%" align="center">
</span></div>
<p class="MsoNormal"><span style="font-size:7.5pt;font-family:"Arial","sans-serif";color:gray">DISCLAIMER: This message, including all attachments and/or linked documents, is intended for the exclusive use of the individual or entity to which it is addressed
and may contain privileged, proprietary and confidential information. You are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited without permission from the author. This notice serves as a confidentiality
marking for the purpose of any confidentiality or nondisclosure agreement. If this message has been received in error, please destroy the original message and all copies without reading it and notify Experi-Metal Inc. immediately via telephone at (586) 977-7800.<br>
<br>
WARNING: This document may contain technical data whose export is restricted by the Arms Export Control Act (Title 22 U.S.C. 2751, et seq.) International Traffic in Arms Regulations (ITAR). Disclosure of any technical data to foreign persons without prior U.S.
Government authorization is strictly prohibited. Violations of these laws and regulations are subject to severe criminal penalties.<br>
<br>
Thank you very much for your cooperation.</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-GB" style="font-size:12.0pt;font-family:"Times New Roman","serif""><br>
<br>
This email has been processed by Smoothwall Anti-Spam - <a href="http://www.smoothwall.net/">
www.smoothwall.net</a><o:p></o:p></span></p>
</div>
<br>
<hr>
<font face="Arial" color="Gray" size="1">DISCLAIMER: This message, including all attachments and/or linked documents, is intended for the exclusive use of the individual or entity to which it is addressed and may contain privileged, proprietary and confidential
information. You are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited without permission from the author. This notice serves as a confidentiality marking for the purpose of any confidentiality or
nondisclosure agreement. If this message has been received in error, please destroy the original message and all copies without reading it and notify Experi-Metal Inc. immediately via telephone at (586) 977-7800.<br>
<br>
WARNING: This document may contain technical data whose export is restricted by the Arms Export Control Act (Title 22 U.S.C. 2751, et seq.) International Traffic in Arms Regulations (ITAR). Disclosure of any technical data to foreign persons without prior U.S.
Government authorization is strictly prohibited. Violations of these laws and regulations are subject to severe criminal penalties.<br>
<br>
Thank you very much for your cooperation.<br>
</font>
</body>
</html>