[rt-users] RT::Authen::ExternalAuth problem
Mike Peachey
mike.peachey at jennic.com
Sat Sep 20 15:51:49 EDT 2008
I can see two things worth pointing out here.. but there may be more and
so it might be worth providing me/us with your full RT_SiteConfig.pm
(sanitised of course).
>
> Sep 19 15:24:47 rt RT: RT::User::_GetBoundLdapObj Can't bind: LDAP_INVALID_CREDENTIALS 49 (/opt/rt3/local/lib/RT/User_Vendor.pm:1056)
This means one of three things:
1. You have specified a user and pass for LDAP in the configuration that
is not valid.
2. AD is somehow configured to only allow search by anonymous bind.
2. This *can* be caused by certain versions of Perl Net::LDAP - what
version do you have?
>
> So I'm presuming I have either incorrectly defined my my 'base', my
> 'filter' my 'd_filter', or my 'group'.
>
>
> [...]
>
> 'base' => 'ou=Users,ou=ABC,dc=abcsystems,dc=com',
> 'filter' => '(objectclass=Person)',
> 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
> 'group' => 'Request Tracker Users',
>
> [...]
An LDAP group is a container like anything else, so you will almost
certainly need to specify the full container like this:
'group' => 'cn=Request Tracker Users,ou=Groups,ou=ABC,dc=abcsystems,dc=com'
As I said, it would be easier to see with the full config.
--
Kind Regards,
__________________________________________________
Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com
__________________________________________________
More information about the rt-users
mailing list