[rt-users] LDAP

andrew fay andrew.fay at hotmail.co.uk
Thu Apr 3 09:26:37 EDT 2008



Hi,



I just left that there for reference, but it is removed now.. almost there,



When I log in with an active directory user now i am getting this in the RT.log



[Thu Apr  3 13:19:43 2008] [debug]: Attempting to use external auth
service: My_LDAP
(/usr/local/share/request-tracker3.6/lib/RT/User_Vendor.pm:63)

[Thu Apr  3 13:19:48 2008] [critical]: RT::User::_GetBoundLdapObj :
Cannot connect to albex.albyn.local
(/usr/local/share/request-tracker3.6/lib/RT/User_Vendor.pm:1026)

[Thu Apr  3 13:19:48 2008] [info]: RT::User::IsExternalPassword
External Auth Failed: fjones
(/usr/local/share/request-tracker3.6/lib/RT/User_Vendor.pm:294)

[Thu Apr  3 13:19:48 2008] [debug]: RT::User::IsPassword External auth
FAILED (/usr/local/share/request-tracker3.6/lib/RT/User_Vendor.pm:360)

[Thu Apr  3 13:19:48 2008] [info]: RT::User::IsInternalPassword AUTH
FAILED (no passwd): fjones
(/usr/local/share/request-tracker3.6/lib/RT/User_Vendor.pm:305)

[Thu Apr  3 13:19:48 2008] [debug]: RT::User::IsPassword Internal auth
FAILED (/usr/local/share/request-tracker3.6/lib/RT/User_Vendor.pm:366)



albex being the server that active directory is on  and albyn.local being the domain,

my ldap settings are :

{   # AN EXAMPLE LDAP SERVICE
                                'My_LDAP'       =>  {   ## GENERIC SECTION
                                                        # The type of service (db/ldap/cookie) 
                                                        'type'                      =>  'ldap',
                                                        # Should the service be used for authentication?
                                                        'auth'                      =>  1,
                                                        # Should the service be used for information?
                                                        'info'                      =>  1,
                                                        # The server hosting the service
                                                        'server'                    =>  'albex.albyn.local',
                                                        ## SERVICE-SPECIFIC SECTION
                                                        # The LDAP search base
                                                        'base'                      =>  'ou=aber,dc=albyn,dc=local',
                                                        # The filter to use to match RT-Users
                                                        'filter'                    =>  '(FILTER_STRING)',
                                                        # The filter that will only match disabled users
                                                        'd_filter'                  =>  '(FILTER_STRING)',
                                                        # Should we try to use TLS to encrypt connections?
                                                        'tls'                       =>  0,
                                                        # What other args should I pass to Net::LDAP->new($host, at args)?
                                                        'net_ldap_args'             => [    version =>  3   ],
                                                        # Does authentication depend on group membership? What group name?
                                                        'group'                     =>  'GROUP_NAME',
                                                        # What is the attribute for the group object that determines membership?
                                                        'group_attr'                =>  'GROUP_ATTR',
                                                        ## RT ATTRIBUTE MATCHING SECTION
                                                        # The list of RT attributes that uniquely identify a user
                                                        'attr_match_list'           => [    'Name',
                                                                                            'EmailAddress', 
                                                                                            'RealName',
                                                                                            'WorkPhone', 
                                                                                            'Address2'
                                                                                        ],
                                                        # The mapping of RT attributes on to LDAP attributes
                                                        'attr_map'                  =>  {   'Name' => 'sAMAccountName',
                                                                                            'EmailAddress' => 'mail',
                                                                                            'Organization' => 'physicalDeliveryOfficeName',
                                                                                            'RealName' => 'cn',
                                                                                            'ExternalAuthId' => 'sAMAccountName',
                                                                                            'Gecos' => 'sAMAccountName',
                                                                                            'WorkPhone' => 'telephoneNumber',
                                                                                            'Address1' => 'streetAddress',
                                                                                            'City' => 'l',
                                                                                            'State' => 'st',
                                                                                            'Zip' => 'postalCode',
                                                                                            'Country' => 'co'
                                                                                        }
                                                    }
                                }

Thanks for the help,

It is much appreciated I am quite new to all of this!

Andy





> Date: Thu, 3 Apr 2008 14:03:58 +0100
> From: mike.peachey at jennic.com
> To: andrew.fay at hotmail.co.uk; rt-users at lists.bestpractical.com
> Subject: Re: [rt-users] LDAP
> 
> andrew fay wrote:
> > Hi Mike,
> > 
> > I have installed the ExternalAuth extention,
> > 
> > I now get this error on trying to log in :
> > 
> > What do you think ?
> 
> It would appear that you haven't modified the ExternalSettings from the 
> default.
> 
> You need to remove the example MySQL configuration.
> 
> -- 
> Kind Regards,
> 
> __________________________________________________
> 
> Mike Peachey, IT
> Tel: +44 114 281 2655
> Fax: +44 114 281 2951
> Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
> Comp Reg No: 3191371 - Registered In England
> http://www.jennic.com
> __________________________________________________

_________________________________________________________________
Get Hotmail on your mobile. Text MSN to 63463 now!
http://mobile.uk.msn.com/pc/mail.aspx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20080403/4ebf5c76/attachment.htm>


More information about the rt-users mailing list