[rt-users] Problem creating new user account with LDAP auth

Todd Chapman todd at chaka.net
Tue Apr 18 22:43:47 EDT 2006


I would take that line out of config. Doesn't make sense.

On Tue, Apr 18, 2006 at 06:09:46PM -0700, eric.valor at daimlerchrysler.com wrote:
> Looks like part of the RT_SiteConfig, based upon the misspelling.  But I'm 
> not sure whether the fault lies in Handle.pm or RT.pm (or my Config).
> 
> 
> --
> Eric N. Valor
> Sr. Systems Administrator
> DaimlerChrysler Research & Technology North America, Inc.
> eric.valor at daimlerchrysler.com
> 1510 Page Mill Road, Palo Alto, CA 94304
> CIMS 931-00-00
> 650-845-2536
> 
> : This Space Intentionally Left Blank :
> 
> 
> 
> 
> Todd Chapman <todd at chaka.net> 
> 04/18/2006 06:01 PM
> 
> To
> eric.valor at daimlerchrysler.com
> cc
> rt-users at lists.bestpractical.com
> Subject
> Re: [rt-users] Problem creating new user account with LDAP auth
> 
> 
> 
> 
> 
> 
> What is this?
> 
> couldn't
> execute the query 'INSERT INTO Users (Comments, RealName, EmailAddress,
> Creator, LastUpdatedBy, Password, Created, id, Name, RT user paramater,
> LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at
> 
> 
> That "RT user paramater" part looks wrong...
> 
> On Tue, Apr 18, 2006 at 05:37:43PM -0700, eric.valor at daimlerchrysler.com 
> wrote:
> > All:
> > 
> > While my users authenticate and a very basic account is created on RT, 
> > apparently the full account creation fails.  I've attached the final 
> > relevant bits from my logging.
> > 
> > You can see that the user (myuser) is successfully logged in and 
> > authenticated against my Active Directory server at domain.com.  But the 
> 
> > population of info into the account fails.  Apparently the account 
> > information is not being read from the AD server.
> > 
> > I've used the Mosemann LDAP contribution with a more AD-friendly 
> modified 
> > RT_SiteConfig.pm.  I've also tried using the Automatic Account Creation 
> > via LDAP 
> > (http://wiki.bestpractical.com/index.cgi?AutoCreateFromExternalUserInfo
> ).
> > 
> > Any ideas?  I suspect that nobody is really doing a full account dump 
> from 
> > an AD server into RT.  I'm a medium-weight PERL hacker, but not at the 
> > level of attacking RT code unguided.
> > 
> > Logging:
> > 
> > [Wed Apr 19 00:09:35 2006] [warning]: DBD::mysql::st execute failed: You 
> 
> > have an error in your SQL syntax.  Check the manual that corresponds to 
> > your MySQL server version for the right syntax to use near 'user 
> > paramater, LastUpdated) VALUES ('Autocreated with LDAP Dat at 
> > /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 480.
> >  (/usr/share/request-tracker3.4/lib/RT.pm:277)
> > [Wed Apr 19 00:09:35 2006] [warning]: RT::Handle=HASH(0x99adbdc) 
> couldn't 
> > execute the query 'INSERT INTO Users (Comments, RealName, EmailAddress, 
> > Creator, LastUpdatedBy, Password, Created, id, Name, RT user paramater, 
> > LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at 
> > /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 494.
> >  (/usr/share/request-tracker3.4/lib/RT.pm:277)
> > [Wed Apr 19 00:09:35 2006] [error]: Could not create a new user - 
> > (/usr/share/request-tracker3.4/lib/RT/User_Overlay.pm:267)
> > [Wed Apr 19 00:09:36 2006] [debug]: About to think about scrips for 
> > transaction #30 
> > (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)
> > [Wed Apr 19 00:09:36 2006] [debug]: About to think about scrips for 
> > transaction #31 
> > (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)
> > [Wed Apr 19 00:09:36 2006] [info]: Using LDAP External Authentication
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:101)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAPAuth: First search filter 
> > '(&(sAMAccountName=<myuser>)(objectclass=user))'
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:136)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAPAuth: First search produced  1 
> > results
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:146)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAP DN: 
> > CN=<myuser>,CN=Users,DC=<domain>,DC=com
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:154)
> > [Wed Apr 19 00:09:36 2006] [debug]: AUTH OK: <myuser> - LDAP 
> > (CN=<myuser>,CN=Users,DC=<domain>,DC=com)
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:162)
> > [Wed Apr 19 00:09:36 2006] [info]: Successful login for <myuser> from 
> > 111.222.333.444 
> (/usr/local/share/request-tracker3.4/html/autohandler:153)
> > 
> > Here's my RT_SiteConfig relevant parts:
> > 
> > $LdapBase="cn=Users,dc=<domain>,dc=com";          # search base
> > $LdapUidAttr="sAMAccountName";                  # attribute for RT 
> account 
> > name
> > $LdapNameAttr="cn";                             # attribute for RT user 
> > name
> > $LdapMailAttr="mail";                           # attribute for RT email 
> 
> > addy
> > $LdapFilter="(objectclass=user)";               # filter LDAP entries 
> > (e.g., only people)
> > $LdapMailBase="cn=Users,cn=<domain>,cn=com";      # set email entries 
> > $LdapMailFilter="(objectclass=user)";           # filter LDAP entries 
> > (e.g., only people)
> > $LdapMailScope="sub";                           # 
> > $LdapMap = {                            # map LDAP attributes to RT3
> >     'RT user paramater'   => 'LDAP entry',
> >     'Name'                => $RT::LdapUidAttr,
> >     'EmailAddress'        => 'mail',
> >     'RealName'            => 'cn',
> > };
> > 
> > 
> > --
> > Eric N. Valor
> > Sr. Systems Administrator
> > DaimlerChrysler Research & Technology North America, Inc.
> > eric.valor at daimlerchrysler.com
> > 1510 Page Mill Road, Palo Alto, CA 94304
> > CIMS 931-00-00
> > 650-845-2536
> > 
> > : This Space Intentionally Left Blank :
> > _______________________________________________
> > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> > 
> > Community help: http://wiki.bestpractical.com
> > Commercial support: sales at bestpractical.com
> > 
> > 
> > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
> > Buy a copy at http://rtbook.bestpractical.com
> > 
> > 
> > We're hiring! Come hack Perl for Best Practical: 
> http://bestpractical.com/about/jobs.html
> 



More information about the rt-users mailing list