[rt-users] LDAP authentication problem

ckugelman at comcast.net ckugelman at comcast.net
Fri May 6 17:23:16 EDT 2005


For a school project, we are to install RT3 on a RHEL3 server. That's all fine and well, we have that up. The next step is to get it to authenticate to the iPlanet LDAP server.

We are using the LDAP overlay script (found in the contrib section of best practical) and cannot get it to work correctly. We fill out the information in RT_SiteConfig.pm as follows:

$LDAPExternalAuth = 1; # will enable LDAP-Auth
#$LDAPInternalAuthRequired = 0; # will require internal password
# in preference to LDAP-Auth
#$LDAPExternalAuto = 1; # will create accounts "on the fly"
$LdapServer="999datdsr004.ittesi.com"; # LDAP server for authentication
#$LdapCert= ""; # enables TLS, name is checked instead
# of the server name
#$LdapCertDir= ""; # enables TLS, will check server name
# and certificate vs. CA chain from dir
$LdapUser="uid=testrt,ou=People,dc=app,dc=ittesi,dc=com"; # user name for binding
$LdapPass="testrt"; # password for binding
$LdapBase=""; # search base
$LdapUidAttr="uid"; # attribute for RT user name
$LdapFilter="(objectclass=*)"; # additional filter
$LdapMap = { # mapping LDAP attributes to RT3
# 'RT user paramater' => 'LDAP entry',
'Name' => $RT::LdapUidAttr,
'EmailAddress' => 'mail',
'RealName' => 'cn',
'Department' => 'departmentNumber',
};

The testrt user was created to test user binding (we are unsure if we are to bind as a specific user and then search the database for authentication or not). We've tried doing it leaving those two user fields blank. We've tried playing around with case (out of desperation) and have had no luck.

If anyone has any documentation on this subject, we would be eternally grateful. Links leading to possible guides have always turned up dead. Thank you for your time.



More information about the rt-users mailing list