[rt-users] ldap-auth with rt Centos rpm install

Bill Gurley gurley at ion.chem.utk.edu
Fri Mar 10 15:06:23 EST 2006 

Jim Meyer wrote:
> Hello!
> 
> On Fri, 2006-03-10 at 08:51 -0500, Bill Gurley wrote:
> 
>>Thanks, but that comes up with zilch.  The only thing in my rt.log are 
>>lines like this:
>>
>>[error]: FAILED LOGIN for barnes from 160.36.xxx.xxx 
>>(/var/rt/html/autohandler:191)
>>
>>Users created in the rt internal system can login.  When I try to login 
>>as one of the ldap users, I get a line like the above.  Sounds to me 
>>like it's not even trying ldap.
> 
> 
> Aha! It isn't. There's a reason.
> 
> The user has to have an account in RT before they can log in. RT doesn't
> automatically create the account when they first try. Only the
> authentication of that account is handled by the LDAP overlay at
> present. I need to document that fact better on the wiki.
> 
> Try creating an RT account (Configure->Users->New User) for an existing
> LDAP account but with no password, then log in. It should work.
> 
> I've been considering implementing the autocreate-at-login bit. If I do,
> I'll post it on the wiki. Also, I'm going to try to do a cleanup of the
> wiki re: the various approaches, provide a bit of guidance on them from
> the main LDAP page, and so forth. When I do that, I'll toss out a note
> here as well.
> 
> Cheers!
> 
> --j


Doh!   (...as Homer would say)

Thanks, Jim.  I am making progress now.

Immediately after I read this message, I added a couple of usernames in
rt, and I was then able to at least see LDAP debugging information for
the first time.  Still had to tweak my ldap config, but now I am able to
login from ldap auth.

I would appreciate some help with an rt-newbie queston:

While I was struggling with all of this, I ended up creating a couple of
users in the internal rt system that I would prefer to have pulled from
ldap (along with their contact info, etc.).  What's the best way to deal
with this, since you can't really delete users in rt?  Would it be safe
to go straight to the mysql database and pull out those users so I can
re-create them from ldap?  Or is there an easier way?

Thanks,


-Bill-

---------------------------------
  Bill Gurley, Technical Director
  Department of Chemistry
  Univ. of Tennessee, Knoxville


-- 
-Bill-

---------------------------------
  Bill Gurley, Technical Director
  Department of Chemistry
  Univ. of Tennessee, Knoxville

More information about the rt-users mailing list