[rt-users] RT authing off of LDAP

Mike Peachey mike.peachey at jennic.com
Wed Mar 26 12:58:21 EDT 2008 

Louis Bohm wrote:
> I am currently running RT 3.6.6 on Centos 5.0 and I want RT to authorize
> users from an LDAP directory (specifically sun one directory).  I have tried
> the different methods listed on the LDAP wiki page with little success.  The
> Overly method seems to give the "best" response.  When using it I get the
> error: [warning]: Transaction->Create couldn't, as you didn't specify an
> object type and id (/apps/rt3/lib/RT/Record.pm:1488) when I try to login as
> a user who does not exist locally in RT.  If I create the user in RT (just
> the user name.  No password or anything else.) I can see in the RT logs it
> contacting my ldap server and pulling down all the user info for that user.
> I can then login to RT as root and see this info in the users config.  But
> that user still cannot login because of a auth failure.
> 
> Does anyone have any ideas how I can try to fix this???


You will need to set logging level to debug and work through it. There 
are a number of places where you can go wrong here and you don't always 
get decent debug messages about it.. often it's a simple config error, 
but you may need to add your own debug messages to the overlay to find 
out what's happening.

The most common mistake with this is to not specify an LDAP filter 
because you don't want to filter the results. If that is the case you 
will need to specify (objectClass=*) as your LDAP filter.

Also, when did you last look at the LDAP page 
(http://wiki.bestpractical.com/view/LDAP)?

I updated it yesterday to take account of the new extension I have added 
to CPAN for external authentication which includes a rewrite of the LDAP 
User_Local overlay with more debugging statements and better code 
commenting as well as the ability to use multiple and/or separate 
sources for authentication and information as well as DBI supported 
sources such as SQL databases.

Just a thought.
--
Kind Regards,

___________________________________________________

Mike Peachey, IT
Tel: +44 (0) 114 281 2655
Fax: +44 (0) 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT,  UK
http://www.jennic.com
Confidential
___________________________________________________

More information about the rt-users mailing list