[rt-users] LDAP Authentication Problems

Lloyd Hughes lhughes at zeugmasystems.com
Tue Jun 24 15:16:46 EDT 2008


I'm using Mike Peachey's RT-Authen-External installed via c-pan but am 
unable to login. I'm running RT3 v 3.6.5

>From my log file it appears that sAMAccountName is not getting set, or 
the user's login name is not being passed to RT-Authen-External.

My log:
[Fri Jun 20 20:57:11 2008] [debug]: RT::User::IsExternalPassword Trying External authentication (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:52)
[Fri Jun 20 20:57:11 2008] [debug]: Attempting to use external auth service: My_LDAP (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:63)
[Fri Jun 20 20:57:11 2008] [debug]: LDAP Search ===  Base: DC=ZeugmaSystems,dc=local  == Filter: (&(*sAMAccountName=*)(objectclass=Person)) == Attrs: dn 
(/usr/local/lib/rt3/lib/RT/User_Vendor.pm:185)
[Fri Jun 20 20:57:11 2008] [info]: My_LDAP AUTH FAILED:  User not found or more than one user found (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:208)
[Fri Jun 20 20:57:11 2008] [info]: RT::User::IsExternalPassword External Auth Failed:  (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:294)
[Fri Jun 20 20:57:11 2008] [debug]: RT::User::IsPassword External auth FAILED (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:360)
[Fri Jun 20 20:57:11 2008] [info]: RT::User::IsInternalPassword AUTH FAILED (no passwd):  (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:305)
[Fri Jun 20 20:57:11 2008] [debug]: RT::User::IsPassword Internal auth FAILED (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:366)


My configuration in RT-SiteConfig.pm is as follows

### LDAP Settings
#
Set($ExternalAuthPriority,  [   'My_LDAP'
                           ]
);
Set($ExternalInfoPriority,  [   'My_LDAP'
                           ]
);
Set($ExternalServiceUsesSSLorTLS,    0);
Set($AutoCreateNonExternalUsers,    0);
Set($ExternalSettings,      {   # AN EXAMPLE LDAP SERVICE
                               'My_LDAP'       =>  {   ## GENERIC SECTION
                                                        
'type'                      =>  'ldap',
                                                        
'auth'                      =>  1,
                                                        
'info'                      =>  1,
                                                        
'server'                    =>  'exchange.zeugmasystems.local',
                                                        
'base'                      =>  'DC=ZeugmaSystems,dc=local ',
                                                        
'filter'                    =>  '(objectclass=Person)',
                                                        'd_filter' => 
'(userAccountControl:1.2.840.113556.1.4.803:=2)',
                                                        
'tls'                       =>  0,
                                                        
'net_ldap_args'             => [    version =>  3   ],
                                                        
'attr_match_list'           => [    'Name',
                                                                                           
'EmailAddress',
                                                                                           
'RealName',
                                                                                           
'WorkPhone',
                                                                                           
'Address2'
                                                                                       
],
                                                        
'attr_map'                  =>  {   'Name' => 'sAMAccountName',
                                                                                           
'EmailAddress' => 'mail',
                                                                                           
'Organization' => 'physicalDeliveryOfficeName',
                                                                                           
'RealName' => 'cn',
                                                                                           
'ExternalAuthId' => 'sAMAccountName',
                                                                                           
'Gecos' => 'sAMAccountName',
                                                                                           
'WorkPhone' => 'telephoneNumber',
                                                                                           
'Address1' => 'streetAddress',
                                                                                           
'City' => 'l',
                                                                                           
'State' => 'st',
                                                                                           
'Zip' => 'postalCode',
                                                                                           
'Country' => 'co'
                                                                                       
}
                                                   }
                               }
);

Thanks in advanced

Lloyd Hughes






More information about the rt-users mailing list