[rt-users] Ldap Authentication setup question

Kevin Falcone falcone at bestpractical.com
Wed Oct 22 20:54:36 EDT 2008


On Oct 22, 2008, at 5:20 PM, Michael Mollard wrote:

> Before I installed v .06 I 'rm-Rf /srv/www/vhosts/rt.mbc.qld.edu.au/ 
> local/plugins/RT-Authen-ExternalAuth', then did a full install of  
> the module.
> But just to be certain, I removed the 2 files you mentioned, and  
> then did a complete re-install of the RT-Authen-ExternalAuth module.

The bug was it installed into plugins AND local rather than just  
plugins/

> Same error in rt.log file.
> Same error in browser, except different line number:
> Can't call method "Disabled" on an undefined value at /srv/www/ 
> vhosts/rt.mbc.qld.edu.au/bin/../lib/RT/User_Overlay.pm line 971.

That is new and exciting.
Try turning on LogStackTraces in your config so we can see what is  
calling IsPassword
incorrectly.

-kevin

>>>> Kevin Falcone <falcone at bestpractical.com> 23/10/2008 9:46 am >>>
>
> On Oct 22, 2008, at 4:10 PM, Michael Mollard wrote:
>
>> Thanks for the assistance.
>> I have downloaded and installed the latest version of RT-Authen-
>> ExternalAuth-0.06_02, with RT 3.8.1(latest)
>> I seem to have gotten a step further, but still have some issues.
>>
>> When I try and authenticate with an ldap account, my browser reports:
>> "Can't call method "Disabled" on an undefined value at /srv/www/
>> vhosts/rt.mbc.qld.edu.au/bin/../local/lib/RT/User_Vendor.pm line
>> 351, line 273."
>
> I assume you previously installed 0.05?
> You should go delete /srv/www/vhosts/rt.mbc.qld.au/local/lib/RT/
> User_vendor.pm and RT/Authen/ExternalAuth.pm
>
> 0.05 had a bug where .pm files were being double installed
>
> 0.06_02 contains a patch for this bug
>
> -kevin
>
>>
>>
>> and my ./var/log/rt.log says:
>> [Thu Oct 23 00:11:07 2008] [warning]: Transaction->Create couldn't,
>> as you didn't specify an object type and id (/srv/www/vhosts/
>> rt.mbc.qld.edu.au/bin/../lib/RT/Record.pm:1439)
>> [Thu Oct 23 00:11:07 2008] [error]: Couldn't get principal for not
>> loaded object (/srv/www/vhosts/rt.mbc.qld.edu.au/bin/../lib/RT/
>> User_Overlay.pm:1113)
>>
>> It seems to be connectiong to my ldap, (which was more than it was
>> doing) but fails soon after.  Am I missing something?
>>
>> Here is my RT_Siteconfig.pm
>>
>> Set( $rtname, 'mbc.qld.edu.au');
>> Set($LogToSyslog    , 'debug');
>> Set($LogToScreen    , 'debug');
>> Set($LogToFile      , 'debug');
>> Set($LogDir, 'var/log');
>> Set($LogToFileNamed , "rt.log");    #log to rt.log
>>
>> #Set(@Plugins,(qw(Extension::QuickDelete)));
>> Set( @Plugins, qw(RT::Authen::ExternalAuth) );
>> Set($ExternalAuthPriority,  [ 'My_LDAP' ] );
>> Set($ExternalInfoPriority,  [ 'My_LDAP' ] );
>> Set($ExternalServiceUsesSSLorTLS,    0);
>> Set($AutoCreateNonExternalUsers,    0);
>> Set($ExternalSettings,      {   'My_LDAP'       =>  {
>>
>> 'type'                      =>  'ldap',
>>
>> 'auth'                      =>  1,
>>
>> 'info'                      =>  1,
>>
>> 'server'                    =>  'ldap.mbc.qld.edu.au',
>>
>> #'user'                     =>  'ldaphelpdesk',
>>
>> #'pass'                     =>  'rt_ldap_password',
>>
>> 'base'                      =>  'ou=lab,o=mbc',
>>
>> 'filter'                    =>  '(objectClass=inetOrgPerson)',
>>
>> #'d_filter'                  =>  '(FILTER_STRING)',
>>
>> 'tls'                       =>  0,
>>
>> 'net_ldap_args'             => [    version =>  3   ],
>>
>> 'group'                     =>  'cn=GRP_Staff,ou=lab,o=mbc',
>>
>> 'group_attr'                =>  'groupMembership',
>>
>> 'attr_match_list'           => [    'Name',
>>                                                                                           'EmailAddress
>> ',
>>                                                                                           #'RealName
>> ',
>>                                                                                           #'WorkPhone
>> ',
>>                                                                                           #'Address2
>> '
>>                                                                                      ],
>>
>> 'attr_map'                  =>  {   'Name' => 'cn',
>>                                                                                           'EmailAddress
>> ' => 'mail',
>>                                                                                           'Organization
>> ' => 'l',
>>                                                                                           'RealName
>> ' => 'cn',
>>                                                                                           #'ExternalAuthId
>> ' => 'sAMAccountName',
>>                                                                                           #'Gecos
>> ' => 'sAMAccountName',
>>                                                                                           'WorkPhone
>> ' => 'telephoneNumber',
>>                                                                                           'Address1
>> ' => 'streetAddress',
>>                                                                                           'City
>> ' => 'l',
>>                                                                                           'State
>> ' => 'st',
>>                                                                                           'Zip
>> ' => 'postalCode',
>>                                                                                           'Country
>> ' => 'co'
>>                                                                                       }
>>                                                   }
>>                               }
>> );
>> 1;
>>
>>
>> Thanks.
>> Michael.
>>
>>
>>
>>
>>
>>
>>
>> Michael Mollard
>> Network Administrator
>> Moreton Bay College
>> mollardm at mbc.qld.edu.au
>> http://www.mbc.qld.edu.au
>> Ph: (Direct) 07 3907 5712 / (Mob) 0417 631 801
>> Fax: 07 3390 8919 ( http://www.mbc.qld.edu.au )
>>
>>
>>>>> Mike Peachey <mike.peachey at jennic.com> 23/10/2008 12:43 am >>>
>> Michael Mollard wrote:
>>> Hi all,
>>> I'm an RT newbie, so be gentle with me.
>>>
>>> I have setup a functioning RT system (on SLES10sp2)
>>
>> What version of RT?
>>
>>> I have installed the RT::Authen::ExternalAuth 0.5.  This creates a <
>>> $RT_HOME>/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm
>>> I have edited that file with the correct site-specific ldap stuff.
>>>
>>> Now, what do I need to add to my <$RT_Home>/etc/RT_SiteConfig.pm to
>>> activate the LDAP stuff?  Are there any other changes needed?
>>
>> The file
>> $RTHOME/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm is
>> not
>> part of the installation, it simply contains examples for you to  
>> paste
>> into your $RTHOME/etc/RT_SiteConfig.pm file.
>>
>> You can alternatively choose to put a line in your RT_SiteConfig to
>> "include" the example file instead of just copying the lines out of
>> it.
>>
>>> The wiki articles (http://wiki.bestpractical.com/view/ExternalAuth)
>>> are helpful to a point, but the Post-Install section (which is
>>> apparently the crux of the setup) is too vague for an RT newbie.
>>
>> I've just read it again and the instructions seem fairly clear. If  
>> you
>> can advise what is confusing to you, perhaps we can make it better.
>>
>> If you are using RT 3.8.x then I recommend using this ExternalAuth
>> 0.06_002 instead of 0.05 as it is a pre-release candidate for RT3.8
>> compatibility. 0.05 was written before 3.8 came out and so requires
>> tweaking before it will work properly with 3.8 and later.
>>
>> You can get it here:
>> http://www.cpan.org/authors/id/F/FA/FALCONE/RT-Authen-ExternalAuth-0.06_02.tar.gz
>>
>> -- 
>> Kind Regards,
>>
>> __________________________________________________
>>
>> Mike Peachey, IT
>> Tel: +44 114 281 2655
>> Fax: +44 114 281 2951
>> Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
>> Comp Reg No: 3191371 - Registered In England
>> http://www.jennic.com
>> __________________________________________________
>>
>> --------------------------------------------------------------------------------
>> Disclaimer: Whilst every attempt has been made to ensure that
>> material contained in this email is free from computer viruses or
>> other defects, the attached files are provided, and may only be
>> used, on the basis that the user assumes all responsibility for use
>> of the material transmitted. This email is intended only for the use
>> of the individual or entity names above and may contain information
>> that is confidential and privileged. If you are not the intended
>> recipient, please note that any dissemination, distribution or
>> copying of this email is strictly prohibited. If you have received
>> this email in error, please notify us immediately by return email or
>> telephone 07 3390 8555 and destroy the original message. The
>> contents of this message are provided without responsibility in law
>> for their accuracy or otherwise, and without assumption of a duty of
>> care by the School.
>> --------------------------------------------------------------------------------
>> _______________________________________________
>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>
>> Community help: http://wiki.bestpractical.com
>> Commercial support: sales at bestpractical.com
>>
>>
>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>> Buy a copy at http://rtbook.bestpractical.com
>>
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>
> --------------------------------------------------------------------------------
> Disclaimer: Whilst every attempt has been made to ensure that  
> material contained in this email is free from computer viruses or  
> other defects, the attached files are provided, and may only be  
> used, on the basis that the user assumes all responsibility for use  
> of the material transmitted. This email is intended only for the use  
> of the individual or entity names above and may contain information  
> that is confidential and privileged. If you are not the intended  
> recipient, please note that any dissemination, distribution or  
> copying of this email is strictly prohibited. If you have received  
> this email in error, please notify us immediately by return email or  
> telephone 07 3390 8555 and destroy the original message. The  
> contents of this message are provided without responsibility in law  
> for their accuracy or otherwise, and without assumption of a duty of  
> care by the School.
> --------------------------------------------------------------------------------
>




More information about the rt-users mailing list