[rt-users] Problem creating new user account with LDAP auth
Todd Chapman
todd at chaka.net
Tue Apr 18 22:43:47 EDT 2006
I would take that line out of config. Doesn't make sense.
On Tue, Apr 18, 2006 at 06:09:46PM -0700, eric.valor at daimlerchrysler.com wrote:
> Looks like part of the RT_SiteConfig, based upon the misspelling. But I'm
> not sure whether the fault lies in Handle.pm or RT.pm (or my Config).
>
>
> --
> Eric N. Valor
> Sr. Systems Administrator
> DaimlerChrysler Research & Technology North America, Inc.
> eric.valor at daimlerchrysler.com
> 1510 Page Mill Road, Palo Alto, CA 94304
> CIMS 931-00-00
> 650-845-2536
>
> : This Space Intentionally Left Blank :
>
>
>
>
> Todd Chapman <todd at chaka.net>
> 04/18/2006 06:01 PM
>
> To
> eric.valor at daimlerchrysler.com
> cc
> rt-users at lists.bestpractical.com
> Subject
> Re: [rt-users] Problem creating new user account with LDAP auth
>
>
>
>
>
>
> What is this?
>
> couldn't
> execute the query 'INSERT INTO Users (Comments, RealName, EmailAddress,
> Creator, LastUpdatedBy, Password, Created, id, Name, RT user paramater,
> LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at
>
>
> That "RT user paramater" part looks wrong...
>
> On Tue, Apr 18, 2006 at 05:37:43PM -0700, eric.valor at daimlerchrysler.com
> wrote:
> > All:
> >
> > While my users authenticate and a very basic account is created on RT,
> > apparently the full account creation fails. I've attached the final
> > relevant bits from my logging.
> >
> > You can see that the user (myuser) is successfully logged in and
> > authenticated against my Active Directory server at domain.com. But the
>
> > population of info into the account fails. Apparently the account
> > information is not being read from the AD server.
> >
> > I've used the Mosemann LDAP contribution with a more AD-friendly
> modified
> > RT_SiteConfig.pm. I've also tried using the Automatic Account Creation
> > via LDAP
> > (http://wiki.bestpractical.com/index.cgi?AutoCreateFromExternalUserInfo
> ).
> >
> > Any ideas? I suspect that nobody is really doing a full account dump
> from
> > an AD server into RT. I'm a medium-weight PERL hacker, but not at the
> > level of attacking RT code unguided.
> >
> > Logging:
> >
> > [Wed Apr 19 00:09:35 2006] [warning]: DBD::mysql::st execute failed: You
>
> > have an error in your SQL syntax. Check the manual that corresponds to
> > your MySQL server version for the right syntax to use near 'user
> > paramater, LastUpdated) VALUES ('Autocreated with LDAP Dat at
> > /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 480.
> > (/usr/share/request-tracker3.4/lib/RT.pm:277)
> > [Wed Apr 19 00:09:35 2006] [warning]: RT::Handle=HASH(0x99adbdc)
> couldn't
> > execute the query 'INSERT INTO Users (Comments, RealName, EmailAddress,
> > Creator, LastUpdatedBy, Password, Created, id, Name, RT user paramater,
> > LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at
> > /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 494.
> > (/usr/share/request-tracker3.4/lib/RT.pm:277)
> > [Wed Apr 19 00:09:35 2006] [error]: Could not create a new user -
> > (/usr/share/request-tracker3.4/lib/RT/User_Overlay.pm:267)
> > [Wed Apr 19 00:09:36 2006] [debug]: About to think about scrips for
> > transaction #30
> > (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)
> > [Wed Apr 19 00:09:36 2006] [debug]: About to think about scrips for
> > transaction #31
> > (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)
> > [Wed Apr 19 00:09:36 2006] [info]: Using LDAP External Authentication
> > (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:101)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAPAuth: First search filter
> > '(&(sAMAccountName=<myuser>)(objectclass=user))'
> > (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:136)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAPAuth: First search produced 1
> > results
> > (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:146)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAP DN:
> > CN=<myuser>,CN=Users,DC=<domain>,DC=com
> > (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:154)
> > [Wed Apr 19 00:09:36 2006] [debug]: AUTH OK: <myuser> - LDAP
> > (CN=<myuser>,CN=Users,DC=<domain>,DC=com)
> > (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:162)
> > [Wed Apr 19 00:09:36 2006] [info]: Successful login for <myuser> from
> > 111.222.333.444
> (/usr/local/share/request-tracker3.4/html/autohandler:153)
> >
> > Here's my RT_SiteConfig relevant parts:
> >
> > $LdapBase="cn=Users,dc=<domain>,dc=com"; # search base
> > $LdapUidAttr="sAMAccountName"; # attribute for RT
> account
> > name
> > $LdapNameAttr="cn"; # attribute for RT user
> > name
> > $LdapMailAttr="mail"; # attribute for RT email
>
> > addy
> > $LdapFilter="(objectclass=user)"; # filter LDAP entries
> > (e.g., only people)
> > $LdapMailBase="cn=Users,cn=<domain>,cn=com"; # set email entries
> > $LdapMailFilter="(objectclass=user)"; # filter LDAP entries
> > (e.g., only people)
> > $LdapMailScope="sub"; #
> > $LdapMap = { # map LDAP attributes to RT3
> > 'RT user paramater' => 'LDAP entry',
> > 'Name' => $RT::LdapUidAttr,
> > 'EmailAddress' => 'mail',
> > 'RealName' => 'cn',
> > };
> >
> >
> > --
> > Eric N. Valor
> > Sr. Systems Administrator
> > DaimlerChrysler Research & Technology North America, Inc.
> > eric.valor at daimlerchrysler.com
> > 1510 Page Mill Road, Palo Alto, CA 94304
> > CIMS 931-00-00
> > 650-845-2536
> >
> > : This Space Intentionally Left Blank :
> > _______________________________________________
> > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> >
> > Community help: http://wiki.bestpractical.com
> > Commercial support: sales at bestpractical.com
> >
> >
> > Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> > Buy a copy at http://rtbook.bestpractical.com
> >
> >
> > We're hiring! Come hack Perl for Best Practical:
> http://bestpractical.com/about/jobs.html
>
More information about the rt-users
mailing list