[rt-users] Problem configuring LDAP with AD

eric.valor at daimlerchrysler.com eric.valor at daimlerchrysler.com
Mon Oct 23 13:54:08 EDT 2006


AFAIK, "inetOrgPerson" doesn't exist in Active Directory.

Use the LDAPAttrMap I posted to the Wiki at 
http://wiki.bestpractical.com/index.cgi?LdapAttrMap

In your RT_SiteConfig.pm make sure you have the correct MatchList and 
base:

# A list of RT attrs which can uniquely identify a user,
# ordered from most to least preferred.
Set($LdapRTAttrMatchList, ['Name', 'ExternalContactInfoId',
                           'EmailAddress', 'RealName',
                           'WorkPhone', 'Address1']
);

# A list of LDAP attrs to examine when canonicalizing email addresses,
# ordered from most to least preferred
Set($LdapEmailAttrMatchList, ['mail', 'mailRoutingAddress',
                              'mailAlternateAddress']
);

# Basic Setup
Set($LdapServer, '<server>.<domain>.com');        # LDAP server for authentication
Set($LdapBase, 'cn=Users,dc=<domain>,dc=com');    # search base
Set($LdapFilter, "(objectclass=user)");           # filter LDAP entries (e.g., only people)

--
Eric N. Valor
Information Technology Manager
DaimlerChrysler Research & Technology North America, Inc.
eric.valor at daimlerchrysler.com
1510 Page Mill Road, Palo Alto, CA 94304
CIMS 931-00-00
650-845-2536

: This Space Intentionally Left Blank :




rt-users-request at lists.bestpractical.com
Sent by: rt-users-bounces at lists.bestpractical.com
10/19/2006 09:00 AM
Please respond to: rt-users at lists.bestpractical.com
To: rt-users at lists.bestpractical.com
cc:
Subject: RT-Users Digest, Vol 31, Issue 50

> Hi again,
>
> I've tweaked LdapFilter and settled on inetOrgPerson, from research
> around the 'net, but I'm still getting the LDAP_OPERATIONS_ERROR 1, so
> that might not be the root problem. The first line stumps me somewhat,
> talking about "object type and id".
>
> I know this problem is essentially solved, I just need a little help
> getting over the line! Here's my /etc/request-tracker3.4/RT_SiteConfig.pm:
>

Sorry, perhaps I wasn't specific enough: I'm looking for help 
determining the cause of the "LDAP_OPERATIONS_ERROR 1", and anything 
else that might be causing the log output I posted. Here it is again:

Oct 18 12:59:17 tracker RT: Transaction->Create couldn't, as you didn't specify an object type and id (/usr/share/request-tracker3.4/lib/RT/Record.pm:1451)
Oct 18 12:59:17 tracker RT: Trying LDAP authentication
Oct 18 12:59:17 tracker RT: RT::User::IsLDAPPassword search for (&(sAMAccountName=Andrew Hodgson)(objectclass=inetOrgPerson)) failed: LDAP_OPERATIONS_ERROR 1
Oct 18 12:59:17 tracker RT: RT::User::IsPassword auth method IsLDAPPassword FAILED
Oct 18 12:59:17 tracker RT: RT::User::IsInternalPassword AUTH FAILED (no passwd): Andrew Hodgson (/usr/share/request-tracker3.4/lib/RT/User_Local.pm:232)
Oct 18 12:59:17 tracker RT: RT::User::IsPassword auth method IsInternalPassword FAILED
Oct 18 12:59:17 tracker RT: FAILED LOGIN for Andrew Hodgson from 192.168.0.238 (/usr/share/request-tracker3.4/html/autohandler:191)

If anyone could give me any pointers, it would be appreciated. I need 
tickets!

Andrew
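
Added example, not part of the original messages and not RT's own code: a Python script that groups the RT log lines quoted above into one record per failed login and flags whether the filter RT actually sent contains the (objectclass=user) clause recommended in the reply, which confirms a changed LdapFilter has taken effect. The function name and record layout are hypothetical; the sample lines are copied from the post with the e-mail line wrapping undone.

```python
import re

# Log lines copied from the post above, with the e-mail line wrapping undone.
SAMPLE_LOG = """\
Oct 18 12:59:17 tracker RT: Trying LDAP authentication
Oct 18 12:59:17 tracker RT: RT::User::IsLDAPPassword search for (&(sAMAccountName=Andrew Hodgson)(objectclass=inetOrgPerson)) failed: LDAP_OPERATIONS_ERROR 1
Oct 18 12:59:17 tracker RT: RT::User::IsPassword auth method IsLDAPPassword FAILED
Oct 18 12:59:17 tracker RT: RT::User::IsInternalPassword AUTH FAILED (no passwd): Andrew Hodgson (/usr/share/request-tracker3.4/lib/RT/User_Local.pm:232)
Oct 18 12:59:17 tracker RT: RT::User::IsPassword auth method IsInternalPassword FAILED
Oct 18 12:59:17 tracker RT: FAILED LOGIN for Andrew Hodgson from 192.168.0.238 (/usr/share/request-tracker3.4/html/autohandler:191)
"""

SEARCH_RE = re.compile(r"IsLDAPPassword search for (\(.*\)) failed: (\w+) (\d+)")
METHOD_RE = re.compile(r"auth method (\w+) FAILED")
LOGIN_RE = re.compile(r"FAILED LOGIN for (.+) from (\S+)")


def summarize_failed_logins(log_text, expected_clause="(objectclass=user)"):
    """Group RT auth log lines into one record per FAILED LOGIN line
    (hypothetical helper; expected_clause is the configured LdapFilter)."""
    records, cur = [], {"searches": [], "methods": []}
    for line in log_text.splitlines():
        if m := SEARCH_RE.search(line):
            ldap_filter, err, code = m.groups()
            cur["searches"].append({
                "filter": ldap_filter,
                "error": err,
                "code": int(code),
                # True when the filter RT sent lacks the configured clause,
                # i.e. the running RT is not using the expected LdapFilter.
                "stale_filter": expected_clause.lower() not in ldap_filter.lower(),
            })
        elif m := METHOD_RE.search(line):
            cur["methods"].append(m.group(1))   # auth methods tried, in order
        elif m := LOGIN_RE.search(line):
            cur["user"], cur["source"] = m.groups()
            records.append(cur)                 # FAILED LOGIN closes the attempt
            cur = {"searches": [], "methods": []}
    return records


if __name__ == "__main__":
    for rec in summarize_failed_logins(SAMPLE_LOG):
        print(rec)
```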

