[rt-users] Can't bind: LDAP_INVALID_CREDENTIALS 49

Jim Meyer purp at acm.org
Tue Jun 6 03:34:05 EDT 2006


Hello!

Bless you for all the precise information below. =]

On 6/5/06, Wade Naveja <wade at naveja.net> wrote:
> I'm running Request Tracker 3.4.5 on a FreeBSD 5.4 server with Apache
> 1.3.34 and MySQL 4.1.13.  The installation went smooth, and my team is
> very happy with RT over our current home brew ticketing application.
>
> I'm running into trouble with LDAP authentication against a Windows 2003
> domain controller.  I've followed the
> instructions found at:
>
> http://wiki.bestpractical.com/?LDAP
> http://wiki.bestpractical.com/index.cgi?LdapUserLocalOverlay
> http://wiki.bestpractical.com/index.cgi?LdapSiteConfigSettings
>
> I've got loggin cranked up, and I'm seeing the following:
>
> [Tue Jun  6 01:51:01 2006] [critical]: RT::User::LookupExternalUserInfo
> Can't bind: LDAP_INVALID_CREDENTIALS 49
> (/usr/local/rt3/lib/RT/User_Local.pm:475)

Hmmm. I'm hoping that Ole's messages were helpful to you as my only
guess is that your LDAP server (aka AD server) won't accept anonymous
(unauthenticated) bindings. Here's the code in and around the
complaining line:

    my $msg = undef;
    if ($ldap_user) {
        $msg = $ldap->bind($ldap_user, password => $ldap_pass);
    } else {
        $msg = $ldap->bind;
    }

    unless ($msg->code == LDAP_SUCCESS) {
        $RT::Logger->critical((caller(0))[3], "Can't bind:",
                             ldap_error_name($msg->code), $msg->code);
    } else {
        ...

Have you set LdapUser and LdapPass in RT_SiteConfig.pm? If not, try
setting them to a user/pass combo that should allow you to bind to the
server and let me know how it goes.

Thanks!

--j
-- 
Jim Meyer, Geek at Large                                    purp at acm.org



More information about the rt-users mailing list