<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body wsmode="compose" bgcolor="#FFFFFF" text="#000000">
Hi all,
<p>we have RT 4.4.0 on CentOS 7 and Perl v5.22.1. And we are
starting to use RT in production.<br>
</p>
<p>We configured RT to authenticate users via LDAP
(RT::Authen::ExternalAuth::LDAP). Our LDAP server is MS AD (Win
2008 R2).</p>
<p>Our config of LDAP ExternalAuth in RT:</p>
<p>Set($ExternalSettings, {<br>
'My_LDAP' => {<br>
'type' => 'ldap',<br>
'server' => '<a
class="moz-txt-link-freetext" href="ldaps://ADserver:636">ldaps://ADserver:636</a>',<br>
'user' => 'ldap-user',<br>
'pass' => 'password',<br>
'base' => 'dc=domain,dc=com',<br>
'filter' => '(objectClass=person)',<br>
'd_filter' =>
'(userAccountControl:1.2.840.113556.1.4.803:=2)',<br>
'tls' => { verify =>
"require", capath => "/etc/openldap/certs/cacert.pem" },<br>
'net_ldap_args' => [ version => 3, debug
=> 8 ],<br>
'attr_match_list' => [<br>
'Name',<br>
'EmailAddress',<br>
],<br>
'attr_map' => {<br>
'Name' => 'sAMAccountName',<br>
'EmailAddress' => 'mail',<br>
'RealName' => 'displayName',<br>
'WorkPhone' => 'telephoneNumber',<br>
},<br>
},<br>
} );</p>
<p>Authentication is working fine. Users can log in, if the user
doesn't exist in RT the account is autocreated. All the configured
attributes are transferred.<br>
But we have problem with encoding of RealName which is mapped from
displayName attribute in MS AD.<br>
For Example:<br>
displayName in MS AD: Matouš Novák<br>
is loaded and saved in RT Real Name as:<br>
RealName: Matouš Novák</p>
<p>Log file:<br>
</p>
<p>[6937] [Tue Sep 27 15:59:25 2016] [info]:
RT::User::CanonicalizeUserInfoFromExternalAuth returning Disabled:
, EmailAddress: <a class="moz-txt-link-abbreviated"
href="mailto:novak@domain.com">novak@domain.com</a>, Gecos:
novak, Name: novak, Privileged: 1, RealName: Matouš Novák,
WorkPhone: (/opt/rt4/sbin/../lib/RT/User.pm:811)</p>
<p>We had similar problem with Moodle. When we configured Moodle
against Active Directory and set cp1250 encoding, then it was
doing exactly same thing. After we changed encoding for LDAP
connector to utf-8 then the names was<br>
corrected.<br>
<br>
If you know how we can specify encoding in LDAP configuration that
will be great. I didn't find any description about encoding option
in LDAP configuration in RT.<br>
</p>
<p>I was searching in:<br>
- RT documentatiton<br>
- RT comunity wiki<br>
- RT mailing lists archives<br>
- google</p>
<p>I found only this question in mailing list but without answer:<br>
<a class="moz-txt-link-freetext" href="http://www.gossamer-threads.com/lists/rt/users/128318?search_string=encoding;#128318">http://www.gossamer-threads.com/lists/rt/users/128318?search_string=encoding;#128318</a></p>
<p>Also I red thath MS AD in LDAP protocol version 3 returns any
string to LDAP client in utf-8 encoding.<br>
I really don't know where could be a problem.<br>
<br>
Any help will be appreciated.<br>
Thanks in advance for any hint.</p>
<p>Best regards<br>
Jan Burian<br>
</p>
<p><br>
</p>
</body>
</html>