<div dir="ltr">Hi Anton,<div><br></div><div>I used following block in my RT_SiteConfig :</div><div><br></div><div><p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(195,55,32)"><span style="color:rgb(0,0,0)">Set(</span><span style="color:rgb(52,187,199)">@Plugins</span><span style="color:rgb(0,0,0)">, </span>qw(RT::Authen::ExternalAuth)<span style="color:rgb(0,0,0)"> );</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(52,187,199)"><span style="color:rgb(0,0,0)">Set(</span>$ExternalAuthPriority<span style="color:rgb(0,0,0)">, [</span><span style="color:rgb(195,55,32)">"My_LDAP"</span><span style="color:rgb(0,0,0)">]);</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(52,187,199)"><span style="color:rgb(0,0,0)">Set(</span>$ExternalInfoPriority<span style="color:rgb(0,0,0)">, [</span><span style="color:rgb(195,55,32)">"My_LDAP"</span><span style="color:rgb(0,0,0)">]);</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(52,187,199)"><span style="color:rgb(0,0,0)">Set(</span>$AutoCreateNonExternalUsers<span style="color:rgb(0,0,0)">, </span><span style="color:rgb(195,55,32)">1</span><span style="color:rgb(0,0,0)">);</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;min-height:13px"><br></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(52,187,199)"><span style="color:rgb(0,0,0)">Set(</span>$ExternalSettings<span style="color:rgb(0,0,0)">, {</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'My_LDAP'</span> => { <span style="color:rgb(83,48,225)">## GENERIC SECTION</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'type'</span> => <span style="color:rgb(195,55,32)">'ldap'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'server'</span> => <span style="color:rgb(195,55,32)">'<a href="http://vmns1.cs.sunysb.edu">vmns1.cs.sunysb.edu</a>'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(195,55,32)"><span style="color:rgb(0,0,0)"> </span>'user'<span style="color:rgb(0,0,0)"> => </span>'CN=Recruit LDAP user,OU=Service Accounts,OU=SBCS,DC=cs,DC=stonybrook,DC=edu'<span style="color:rgb(0,0,0)">,</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'pass'</span> => <span style="color:rgb(195,55,32)">'*******'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'base'</span> => <span style="color:rgb(195,55,32)">'ou=SBCS,dc=cs,dc=stonybrook,DC=edu'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(83,48,225)"># 'filter' => '((&(objectCategory=Users)))',</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">filter</span> => <span style="color:rgb(195,55,32)">'(objectClass=*)'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'d_filter'</span> => <span style="color:rgb(195,55,32)">'(userAccountControl:1.2.840.113556.1.4.803:=2)'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(83,48,225)"><span style="color:rgb(0,0,0)"> </span># 'd_filter' => '(&(objectCategory=User) (ObjectClass=Person))' ,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'tls'</span> => <span style="color:rgb(195,55,32)">1</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'ssl_version'</span> => <span style="color:rgb(195,55,32)">3</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'net_ldap_args'</span> => [ <span style="color:rgb(195,55,32)">version</span> => <span style="color:rgb(195,55,32)">3</span> ],</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo;color:rgb(83,48,225)"><span style="color:rgb(0,0,0)"> </span># 'group' => 'CN=Domain Users,CN=Users,DC=cs,DC=stonybrook,DC=edu',</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(83,48,225)"># 'group_attr' => 'member',</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'attr_match_list'</span> => [ <span style="color:rgb(195,55,32)">'Name'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'EmailAddress'</span></p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> ],</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'attr_map'</span> => { <span style="color:rgb(195,55,32)">'Name'</span> => <span style="color:rgb(195,55,32)">'sAMAccountName'</span>,</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> <span style="color:rgb(195,55,32)">'EmailAddress'</span> => <span style="color:rgb(195,55,32)">'mail'</span> }</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> }</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> }</p>
<p style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo"> );</p></div><div><br></div><div>Is anything that I'm missing ?</div><div><br></div><div>Thanks,</div><div>Bharath.</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Oct 13, 2015 at 8:04 PM, Anton Panetta <span dir="ltr"><<a href="mailto:anton.panetta@haircareaust.com" target="_blank">anton.panetta@haircareaust.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-AU" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">Whats the block you put in your RT_SiteConfig relating to external auth?<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif"> rt-users [mailto:<a href="mailto:rt-users-bounces@lists.bestpractical.com" target="_blank">rt-users-bounces@lists.bestpractical.com</a>]
<b>On Behalf Of </b>bharath reddy<br>
<b>Sent:</b> Wednesday, 14 October 2015 3:58 AM<br>
<b>To:</b> RT-List <<a href="mailto:rt-users@lists.bestpractical.com" target="_blank">rt-users@lists.bestpractical.com</a>><br>
<b>Subject:</b> [rt-users] Regarding External Authentication using LDAP<u></u><u></u></span></p><div><div class="h5">
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">Dear All,<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">I followed the link <a href="https://metacpan.org/pod/RT::Authen::ExternalAuth" target="_blank">https://metacpan.org/pod/RT::Authen::ExternalAuth</a> and made required changes and then restarted my apache server. But when I'm logging into the RT from web
it fails with : <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">"<b><span style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Your username or password is incorrect</span></b>"<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">But user exists in the LDAP.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Log file contains :<u></u><u></u></p>
<div>
<p class="MsoNormal">[22441] [Tue Oct 13 16:58:25 2015] [error]: FAILED LOGIN for <my_user_name> from 130.245.10.107 (/rt/lib//RT/Interface/Web.pm:810)<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">From the code(/rt/lib//RT/Interface/Web.pm) it fails at this point :<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal"> unless ( $user_obj->id && $user_obj->IsPassword( $ARGS->{pass} ) ) {<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> $RT::Logger->error("FAILED LOGIN for @{[$ARGS->{user}]} from $ENV{'REMOTE_ADDR'}");<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Can any one help me how to change the flow to authenticate from LDAP i.e it should check the username and password against the LDAP and not from DB.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Any help or pointers to this issue will be appreciated. <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">Thanks,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Bharath.<u></u><u></u></p>
</div>
</div>
</div></div></div>
The information contained in this email message and any attachments may be confidential information. If you are not the intended recipient, any use, interference with, disclosure or copying of this material is unauthorised and prohibited. If you have received
this email in error, please advise us immediately and delete the email and all copies. The content and opinions in non-business email are not necessarily those of Haircare Australia.
<img src="http://thinkbeforeprinting.org/struct/signature-1.gif">
</div>
</blockquote></div><br></div>