[rt-users] Fwd: RT LDAP

eric.valor at daimlerchrysler.com eric.valor at daimlerchrysler.com
Wed Jun 7 13:49:30 EDT 2006


I use a W2K AD server and use "user" as my object class.  That works well 
for me.

# Basic Setup
Set($LdapServer, 'server.domain.com');               # LDAP server for 
authentication
Set($LdapBase, 'cn=Users,dc=domain,dc=com');                    # search 
base
Set($LdapFilter, "(objectclass=user)");                         # filter 
LDAP entries (e.g., only people)

I have also confirmed that SAMAccountName works equally as well as 
sAMAccountName in the config.

--
Eric N. Valor
Sr. Systems Administrator
DaimlerChrysler Research & Technology North America, Inc.
eric.valor at daimlerchrysler.com
1510 Page Mill Road, Palo Alto, CA 94304
CIMS 931-00-00
650-845-2536

: This Space Intentionally Left Blank :





From: Ole Craig <ocraig at stillsecure.com>

On Tue, 2006-06-06 at 18:07 -0700, Jim Meyer wrote:
[...]
> I think it's supposed to be "sAMAccountName", but I don't know if
> Windows Active Directory is case sensitive or not.
[...]

Some quick experimentation with ldapsearch says it's not, but (based on
some fairly painful experience troubleshooting one of our products that
includes user import from LDAP as an option) I suspect you want
"organizationalPerson" as the object class; "sAMAccountName" is usually
an attribute of an organizationalPerson object.




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20060607/b0d8ad62/attachment.htm>


More information about the rt-users mailing list