[rt-users] Fwd: RT LDAP

[Jim Meyer]

Once more, this time actually headed to the rt-users list. =\

--j

---------- Forwarded message ----------
From: Jim Meyer <purp at acm.org>
Date: Jun 6, 2006 6:06 PM
Subject: Re: RT LDAP
To: Steve Haché <steve.hache at distributel.ca>


Hello!

I'm copying the rt-users list because your errors don't look
particularly LDAP-related -- not to say they aren't, just that I've
never seen them before.

First question: did you install my most recent code (~1a last night)
or from earlier? There shouldn't be a difference (and don't upgrade
yet if you're not running last night's code), it's just to help figure
out what's wrong.

Second question: what version of RT?

On 6/6/06, Steve Haché <steve.hache at distributel.ca> wrote:
> I also installed the LdapAutocreateAuthCallback file.

Since that's optional, let's move that to Auth.bak for now to
decomplicate the issue. Then we'll test with some LDAP user who
already has an RT account.

> However I am not having luck getting that one to work off the bat.
> Here is what my logs are showing. fred.smith is not a valid user in our
> office, but andre is.
>
> Jun  6 14:21:40 srv01 RT: Transaction->Create couldn't, as you didn't
> specify an object type and id
> (/usr/local/rt3/lib/RT/Record.pm:1441)
> Jun  6 14:21:40 srv01 RT: Transaction->Create couldn't, as you didn't
> specify an object type and id
> (/usr/local/rt3/lib/RT/Record.pm:1441)
> Jun  6 14:21:40 srv01 RT: FAILED LOGIN for fred.smith from 192.168.255.1
> (/usr/local/rt3/share/html/autohandler:191)
> Jun  6 14:26:02 srv01 RT: Transaction->Create couldn't, as you didn't
> specify an object type and id
> (/usr/local/rt3/lib/RT/Record.pm:1441)
> Jun  6 14:26:02 srv01 RT: Transaction->Create couldn't, as you didn't
> specify an object type and id
> (/usr/local/rt3/lib/RT/Record.pm:1441)
> Jun  6 14:26:02 srv01 RT: FAILED LOGIN for andre_belanger from 192.168.255.1
> (/usr/local/rt3/share/html/autohandler:191)

These don't look like errors I've seen before. Let's keep digging.

> Set($LdapAttrMap, {'Name' => 'SAMAccountName',
>                    'EmailAddress' => 'mail',
>                    'Organization' => 'o',
>                    'RealName' => 'cn',
>                    'ExternalContactInfoId' => 'dn',
>                    'ExternalAuthId' => 'SAMAccountName',
>                    'Gecos' => 'SAMAccountName',
>                    'WorkPhone' => 'telephoneNumber',
>                    'Address1' => 'streetAddress',
>                    'City' => '1',
>                    'State' => 'st',
>                    'Zip' => 'postalCode',
>                    'Country' => 'co'}
> );
[...]
> # The basics; if set, these override $RT::LdapAuth* and $RT::LdapInfo*
> Set($LdapServer, 'LDAP IP HERE');
> Set($LdapBase, 'ou=users,dc=corp,dc=distributel,dc=ca');
> Set($LdapFilter, "(objectclass=SAMAccountName)");

I think it's supposed to be "sAMAccountName", but I don't know if
Windows Active Directory is case sensitive or not.

If that doesn't solve it, please turn logging up to "debug" and send
more output. =]

Thanks!

--j
--
Jim Meyer, Geek at Large                                    purp at acm.org


-- 
Jim Meyer, Geek at Large                                    purp at acm.org