<div dir="ltr">Well,<div><br></div><div>I will try to use user mail for authentication.</div><div><br></div><div>here is conf i tested without success :(</div><div><br></div><div>-----</div><div><div> Set($ExternalSettings, {</div><div> 'My_LDAP' => {</div><div> 'type' => 'ldap',</div><div> 'server' => 'ldap://<a href="http://ypmycorpldap.corp.mycorp.com">ypmycorpldap.corp.mycorp.com</a>',</div><div> 'user' => 'uid=mycorp-rtir-reader,ou=applicationAccounts,o=<a href="http://corp.mycorp.com">corp.mycorp.com</a>',</div><div> 'pass' => 'SikH2mmKLtPi0E4ZYcqldTXAgILVxGVhXWlHBF3o21',</div><div> 'base' => 'o=<a href="http://corp.mycorp.com">corp.mycorp.com</a>',</div><div> 'filter' => '(objectClass=person)',</div><div> 'tls' => { verify => "require", cafile => "/etc/pki/tls/mycorp_CERTIFICATE_CHAIN.crt" },</div><div> 'net_ldap_args' => [ version => 3, debug => 8 ],</div><div> 'attr_match_list' => [</div><div> 'Name' ,</div><div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span>'EmailAddress',</div><div> ],</div><div> # Import the following properties of the user from LDAP upon</div><div> # login</div><div> 'attr_map' => {</div><div> 'Name' => 'mail',</div><div> 'EmailAddress' => 'mail',</div><div> 'RealName' => 'cn',</div><div> }</div><div> },</div><div> }</div><div>);</div></div><div><br></div><div>---</div><div><br></div><div>Regards</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-12-09 13:59 GMT+01:00 Martin Wheldon <span dir="ltr"><<a href="mailto:martin.wheldon@greenhills-it.co.uk" target="_blank">martin.wheldon@greenhills-it.co.uk</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
You could either use another unique attribute i.e mail or add another uid to each RT user prefixed by a letter.<br>
<br>
dn: uid=123456,dc=my,dc=domain<br>
uid: 123456<br>
uid: x123456<br>
<br>
Best Regards<span class="HOEnZb"><font color="#888888"><br>
<br>
Martin</font></span><div class="HOEnZb"><div class="h5"><br>
<br>
On 2016-12-09 12:49, Joop wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 9-12-2016 13:38, Claude EDUMA wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi Joop,<br>
<br>
<br>
Thank you for your quick answer.<br>
We have tested with non numerical username and result is OK.<br>
Well in my organisation we use ldap uid for username. Any suggestion<br>
to resolve this issue ?<br>
<br>
</blockquote>
Please keep the list in the loop.<br>
<br>
I think the problem is in the function(s) which load the user info.<br>
These functions take a name OR an id and then load the corresponding<br>
info. When usernames are IDs that doesn't work any more. Other than<br>
patching all functions which use this I don't see another solution than<br>
to change the use of uid as a username, sorry.<br>
<br>
Joop<br>
<br>
---------<br>
RT 4.4 and RTIR training sessions, and a new workshop day!<br>
<a href="https://bestpractical.com/training" rel="noreferrer" target="_blank">https://bestpractical.com/trai<wbr>ning</a><br>
* Los Angeles - January 9-11 2017<br>
</blockquote>
---------<br>
RT 4.4 and RTIR training sessions, and a new workshop day! <a href="https://bestpractical.com/training" rel="noreferrer" target="_blank">https://bestpractical.com/trai<wbr>ning</a><br>
* Los Angeles - January 9-11 2017<br>
</div></div></blockquote></div><br></div>