[rt-users] Problem creating new user account with LDAP auth

eric.valor at daimlerchrysler.com eric.valor at daimlerchrysler.com
Tue Apr 18 23:17:39 EDT 2006 

It appears to be the bit that passes LDAP info to RT in order to fill out 
fields in the new user creation (first time logging into RT authenticated 
against my AD server).  Taking it out removes the error but now I get user 
records with just the username and none of the LDAP info.

$LdapMap is used in EmailParser_Local.pm in the Mosemann LDAP/SMB 
contribution I'm using:

$LdapMap = {                            # map LDAP attributes to RT3
     'RT user paramater'   => 'LDAP entry',
     'Name'                => $RT::LdapUidAttr,
     'EmailAddress'        => 'mail',
     'RealName'            => 'cn',
};

I'd contact Mr. Mosemann, but his Readme says he's not supporting the 
code.  I'll play around with this a bit (now where did I put that Camel 
book..?).  Thanks for the guidance.


--
Eric N. Valor
Sr. Systems Administrator
DaimlerChrysler Research & Technology North America, Inc.
eric.valor at daimlerchrysler.com
1510 Page Mill Road, Palo Alto, CA 94304
CIMS 931-00-00
650-845-2536

: This Space Intentionally Left Blank :




Todd Chapman <todd at chaka.net> 
04/18/2006 07:43 PM

To
eric.valor at daimlerchrysler.com
cc
rt-users at lists.bestpractical.com
Subject
Re: [rt-users] Problem creating new user account with LDAP auth






I would take that line out of config. Doesn't make sense.

On Tue, Apr 18, 2006 at 06:09:46PM -0700, eric.valor at daimlerchrysler.com 
wrote:
> Looks like part of the RT_SiteConfig, based upon the misspelling.  But 
I'm 
> not sure whether the fault lies in Handle.pm or RT.pm (or my Config).
> 
> 
> --
> Eric N. Valor
> Sr. Systems Administrator
> DaimlerChrysler Research & Technology North America, Inc.
> eric.valor at daimlerchrysler.com
> 1510 Page Mill Road, Palo Alto, CA 94304
> CIMS 931-00-00
> 650-845-2536
> 
> : This Space Intentionally Left Blank :
> 
> 
> 
> 
> Todd Chapman <todd at chaka.net> 
> 04/18/2006 06:01 PM
> 
> To
> eric.valor at daimlerchrysler.com
> cc
> rt-users at lists.bestpractical.com
> Subject
> Re: [rt-users] Problem creating new user account with LDAP auth
> 
> 
> 
> 
> 
> 
> What is this?
> 
> couldn't
> execute the query 'INSERT INTO Users (Comments, RealName, EmailAddress,
> Creator, LastUpdatedBy, Password, Created, id, Name, RT user paramater,
> LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at
> 
> 
> That "RT user paramater" part looks wrong...
> 
> On Tue, Apr 18, 2006 at 05:37:43PM -0700, eric.valor at daimlerchrysler.com 

> wrote:
> > All:
> > 
> > While my users authenticate and a very basic account is created on RT, 

> > apparently the full account creation fails.  I've attached the final 
> > relevant bits from my logging.
> > 
> > You can see that the user (myuser) is successfully logged in and 
> > authenticated against my Active Directory server at domain.com.  But 
the 
> 
> > population of info into the account fails.  Apparently the account 
> > information is not being read from the AD server.
> > 
> > I've used the Mosemann LDAP contribution with a more AD-friendly 
> modified 
> > RT_SiteConfig.pm.  I've also tried using the Automatic Account 
Creation 
> > via LDAP 
> > (
http://wiki.bestpractical.com/index.cgi?AutoCreateFromExternalUserInfo
> ).
> > 
> > Any ideas?  I suspect that nobody is really doing a full account dump 
> from 
> > an AD server into RT.  I'm a medium-weight PERL hacker, but not at the 

> > level of attacking RT code unguided.
> > 
> > Logging:
> > 
> > [Wed Apr 19 00:09:35 2006] [warning]: DBD::mysql::st execute failed: 
You 
> 
> > have an error in your SQL syntax.  Check the manual that corresponds 
to 
> > your MySQL server version for the right syntax to use near 'user 
> > paramater, LastUpdated) VALUES ('Autocreated with LDAP Dat at 
> > /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 480.
> >  (/usr/share/request-tracker3.4/lib/RT.pm:277)
> > [Wed Apr 19 00:09:35 2006] [warning]: RT::Handle=HASH(0x99adbdc) 
> couldn't 
> > execute the query 'INSERT INTO Users (Comments, RealName, 
EmailAddress, 
> > Creator, LastUpdatedBy, Password, Created, id, Name, RT user 
paramater, 
> > LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at 
> > /usr/share/perl5/DBIx/SearchBuilder/Handle.pm line 494.
> >  (/usr/share/request-tracker3.4/lib/RT.pm:277)
> > [Wed Apr 19 00:09:35 2006] [error]: Could not create a new user - 
> > (/usr/share/request-tracker3.4/lib/RT/User_Overlay.pm:267)
> > [Wed Apr 19 00:09:36 2006] [debug]: About to think about scrips for 
> > transaction #30 
> > (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)
> > [Wed Apr 19 00:09:36 2006] [debug]: About to think about scrips for 
> > transaction #31 
> > (/usr/share/request-tracker3.4/lib/RT/Transaction_Overlay.pm:154)
> > [Wed Apr 19 00:09:36 2006] [info]: Using LDAP External Authentication
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:101)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAPAuth: First search filter 
> > '(&(sAMAccountName=<myuser>)(objectclass=user))'
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:136)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAPAuth: First search produced  1 

> > results
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:146)
> > [Wed Apr 19 00:09:36 2006] [debug]: LDAP DN: 
> > CN=<myuser>,CN=Users,DC=<domain>,DC=com
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:154)
> > [Wed Apr 19 00:09:36 2006] [debug]: AUTH OK: <myuser> - LDAP 
> > (CN=<myuser>,CN=Users,DC=<domain>,DC=com)
> >  (/usr/local/share/request-tracker3.4/lib/RT/User_Local.pm:162)
> > [Wed Apr 19 00:09:36 2006] [info]: Successful login for <myuser> from 
> > 111.222.333.444 
> (/usr/local/share/request-tracker3.4/html/autohandler:153)
> > 
> > Here's my RT_SiteConfig relevant parts:
> > 
> > $LdapBase="cn=Users,dc=<domain>,dc=com";          # search base
> > $LdapUidAttr="sAMAccountName";                  # attribute for RT 
> account 
> > name
> > $LdapNameAttr="cn";                             # attribute for RT 
user 
> > name
> > $LdapMailAttr="mail";                           # attribute for RT 
email 
> 
> > addy
> > $LdapFilter="(objectclass=user)";               # filter LDAP entries 
> > (e.g., only people)
> > $LdapMailBase="cn=Users,cn=<domain>,cn=com";      # set email entries 
> > $LdapMailFilter="(objectclass=user)";           # filter LDAP entries 
> > (e.g., only people)
> > $LdapMailScope="sub";                           # 
> > $LdapMap = {                            # map LDAP attributes to RT3
> >     'RT user paramater'   => 'LDAP entry',
> >     'Name'                => $RT::LdapUidAttr,
> >     'EmailAddress'        => 'mail',
> >     'RealName'            => 'cn',
> > };
> > 
> > 
> > --
> > Eric N. Valor
> > Sr. Systems Administrator
> > DaimlerChrysler Research & Technology North America, Inc.
> > eric.valor at daimlerchrysler.com
> > 1510 Page Mill Road, Palo Alto, CA 94304
> > CIMS 931-00-00
> > 650-845-2536
> > 
> > : This Space Intentionally Left Blank :
> > _______________________________________________
> > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> > 
> > Community help: http://wiki.bestpractical.com
> > Commercial support: sales at bestpractical.com
> > 
> > 
> > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
> > Buy a copy at http://rtbook.bestpractical.com
> > 
> > 
> > We're hiring! Come hack Perl for Best Practical: 
> http://bestpractical.com/about/jobs.html
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20060418/a6eb1c38/attachment.htm>

More information about the rt-users mailing list