[rt-users] LDAP Auth and 'EmailAddress'

Charles Kugelman at HQ CKugelman at ittesi.com
Sun Sep 25 23:09:34 EDT 2005


Hello,

We are trying to set up our RT server to authenticate against our LDAP
server. There has been some success getting this to happen, however
there is one (maybe small) problem. Users fail to log on when the
following line is uncommented (in RT_SiteConfig.pm):

    'EmailAddress'        => 'mail',

If we comment the line out, the logon process works flawlessly. However,
we really need this function to work. Without the line, RT doesn't auto
fill the email address field with the data from the LDAP server.

Here are the details:

RT error log:

[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: Name (uid) search filter '(&(mail=user at domain.com)(objectclass=*))' (/opt/rt/local/lib/RT/EmailParser_Local.pm:85)
[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: Name (uid) search produced  1  results (/opt/rt/local/lib/RT/EmailParser_Local.pm:90)
[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: No email search (/opt/rt/local/lib/RT/EmailParser_Local.pm:117)
[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: No realname (cn) search (/opt/rt/local/lib/RT/EmailParser_Local.pm:140)
[Mon Sep 26 02:44:40 2005] [error]: FAILED LOGIN for user at ourdomain.com from 192.168.1.100 (/opt/rt/local/html/autohandler:144)

Apache error log:

[Mon Sep 26 02:44:40 2005] [error]: FAILED LOGIN for user at ourdomain.com from 192.168.1.100 (/opt/rt/local/html/autohandler:144)

RT_SiteConfig.pm:

Set($HomeRefreshPeriod, "300");
Set($TicketsRefreshPeriod, "300");
@AuthOrder = ("LDAP", "SMB", "Web", "Internal");
$LDAPExternalAuto = 1;
$LDAPDeferToInternalAuth = undef;
$LdapServer="ldap.ourdomain.com";
$LdapCert= "";
$LdapCertDir= "";
$LdapUser="uid=bindaccount,ou=whatever,dc=whatever,dc=ourdomain,dc=com";
$LdapPass="bindaccountpass";
$LdapBase="ou=whatever,dc=whatever,dc=ourdomain,dc=com";
$LdapUidAttr="mail";
$LdapFilter="(objectclass=*)";
$LdapMap = {
    'Name'                => $RT::LdapUidAttr,
    'EmailAddress'        => 'mail',
    'RealName'            => 'cn',
};

Other details:

OS: SuSE Linux 9.3
DB: Oracle 9iR2
RT: 3.2.3
RT>LDAP auth package: LDAPSMB1.2_RT3.tar.gz from
http://www.mosemann.com/software/LDAPSMB1.2_RT3.tar.gz

We have tried the older LDAP auth package (from the contrib section),
but even more issues exist with that package.

Any help would be greatly appreciated. Thanks in advance.

Charles Kugelman
Network Administrator
ITT Educational Services, Inc.
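
Added example, not part of the original post and not code from RT or the LDAP auth package: a Python sketch that rejoins wrapped RT log records of the kind quoted above and ties each FAILED LOGIN to the LookupExternalUserInfo steps logged before it. The sample text is constructed from the excerpt in the post, and the function names are this example's own.

```python
import re

# Constructed sample modelled on the RT debug excerpt in the post, keeping
# the way each record is wrapped across several lines.
SAMPLE_LOG = """\
[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: Name (uid)
search filter '(&(mail=user at domain.com)(objectclass=*))'
 (/opt/rt/local/lib/RT/EmailParser_Local.pm:85)
[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: Name (uid)
search produced  1  results
 (/opt/rt/local/lib/RT/EmailParser_Local.pm:90)
[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: No email
search
 (/opt/rt/local/lib/RT/EmailParser_Local.pm:117)
[Mon Sep 26 02:44:40 2005] [error]: FAILED LOGIN for user at ourdomain.com
from 192.168.1.100 (/opt/rt/local/html/autohandler:144)
"""
RECORD_START = re.compile(r"^\[([^\]]+)\] \[(\w+)\]: (.*)$")
SOURCE_REF = re.compile(r"\s*\((/[^():]+):(\d+)\)$")   # trailing "(file:line)"
FAILED = re.compile(r"^FAILED LOGIN for (.+) from (\S+)$")

def parse_records(text):
    """Rejoin wrapped lines into (time, level, message, file, line) tuples."""
    joined = []
    for raw in text.splitlines():
        if RECORD_START.match(raw):
            joined.append(raw.strip())
        elif raw.strip() and joined:          # continuation of the last record
            joined[-1] += " " + raw.strip()
    records = []
    for rec in joined:
        ts, level, msg = RECORD_START.match(rec).groups()
        src = SOURCE_REF.search(msg)
        path, line = (src.group(1), int(src.group(2))) if src else (None, None)
        msg = " ".join(SOURCE_REF.sub("", msg).split())
        records.append((ts, level, msg, path, line))
    return records

def failed_logins(records):
    """Pair each FAILED LOGIN with the lookup steps logged since the last one."""
    results, trace = [], []
    for ts, level, msg, path, line in records:
        hit = FAILED.match(msg)
        if hit:
            results.append({"time": ts, "user": hit.group(1),
                            "source": hit.group(2), "trace": trace})
            trace = []
        elif msg.startswith("LookupExternalUserInfo: "):
            trace.append(msg.split(": ", 1)[1])
    return results
```

Calling `failed_logins(parse_records(SAMPLE_LOG))` returns one entry per failed login with the account name, the source address and the ordered lookup trace.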

 
