[rt-users] Jim Meyer's LDAP Authentication user_local.pm ldap_overlay contribution in 3.8

Helmuth Ramirez HelmuthRamirez at compupay.com
Wed Aug 13 13:18:23 EDT 2008



-----Original Message-----
From: Mike Peachey [mailto:mike.peachey at jennic.com] 
Sent: Wednesday, August 13, 2008 4:17 AM
To: Helmuth Ramirez
Cc: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] Jim Meyer's LDAP Authentication user_local.pm
ldap_overlay contribution in 3.8

Helmuth Ramirez wrote:
> Hi everyone, we (me) are in the process of migrating our server to new

> hardware.  I want to take advantage and upgrade to 3.8 (from 3.6).  We

> currently use Jim Meyer's User_Local.pm, LDAP Overlay (not sure what
its 
> official name is).  Anyway, I installed 3.8 on the new box, RT is up
and 
> running and imported my ldap users using the import script.  I copied
my 
> ldap_overlay files and settings over to the new installation.  I
cannot 
> get it to work though.  I'm not sure if I'm doing something wrong, or
if 
> 3.8 handles this function differently and I should be using something 
> else or modifying my existing settings.
> 
> any input is appreciated.

As yet there is no proper solution. Jim Meyer's solution has been 
deprecated by my ExternalAuth extension, however I am so desperately 
overloaded at work at the moment I haven't had time to make it 
compatible with 3.8 (I am the sole member of IT for a silicon-design 
company of over 100 staff).

If it helps, this is what Espen Wiborg had to say about it when trying 
to get ExternalAuth fully functional in 3.8:

************************************************************************
********
Autocreation works if you copy
local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohan
dler/Auth
to local/html/Callbacks/ExternalAuth/autohandler/Auth and apply the
following patch to User_Vendor.pm:

--- local/lib/RT/User_Vendor.pm~	2008-04-09 10:40:44.000000000
+0200
+++ ./local/lib/RT/User_Vendor.pm	2008-08-04 17:46:32.000000000
+0200
@@ -348,7 +348,7 @@
          return (undef);
      }

-    if ( $self->PrincipalObj->Disabled ) {
+    if ( $self->PrincipalObj and $self->PrincipalObj->Disabled ) {
          $RT::Logger->info("Disabled user " . $self->Name .
                            " tried to log in" );
          return (undef);

At least I got it to work, and I think those were the only two changes I
made.

************************************************************************
********
-- 
Kind Regards,

__________________________________________________

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com
__________________________________________________

Thanks Mike,
I managed to get the ExternalAuth working :) using the wiki and some
archives from the list.  Surprisingly I didn't have to perform the step
above.  

Here is what I did for anyone else who has trouble with LDAP on 3.8

Installed External Auth via CPAN per wiki
http://wiki.bestpractical.com/view/ExternalAuth
Had to perform a "force" install since it said it couldn't find RT (even
though I had it:)

Per thread
http://www.gossamer-threads.com/lists/rt/users/77139?search_string=ldap%
203.8;#77139 
Installed perl-LDAP rpm and inserted the following line into my
RT_SiteConfig.pm

require
"/opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm";

Note: there is a typo in the thread, it is missing the second hyphen in
the "RT-Authen-ExternalAuth" line.

Per thread
http://www.mail-archive.com/rt-users@lists.bestpractical.com/msg12519.ht
ml 
Removed (deleted the lines) extraneous "my_mysql" references and only
left "my_ldap". 
Removed extraneous group information referencing "group_attr" and
"group_name"
Don't forget to put in the right "d_filter" for terminated employees
(mentioned in above thread).

Restarted Apache and I was able to login!  Thank you very much!

Now if I can only get that pesky db migrated over...different thread. :)

Cheers!





More information about the rt-users mailing list