[rt-users] Error with RT::Authen::ExtenalAuth against Active Directory W2k3

Max León mleon at wirewatchers.com
Thu Mar 26 13:32:53 EDT 2009


Thanks for the clarification, now is crystal clear.

Now, I did what you asked me to and well, that the error went away but I
have a new one.
Here it is what the browser displays:
Can't call method "as_string" on an undefined value at
/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
line 398, line 514.

While the RT log shows:[Thu Mar 26 17:27:19 2009] [debug]: Attempting to use
external auth service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)

[Thu Mar 26 17:27:19 2009] [debug]: Calling UserExists with $username
(max.leon) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)

[Thu Mar 26 17:27:19 2009] [debug]: UserExists
params:

username: max.leon , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)

[Thu Mar 26 17:27:19 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=Person)(sAMAccountName=max.leon)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)

[Thu Mar 26 17:27:19 2009] [debug]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::User
/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/User_Vendor.pm 20 with:
Disabled: 0, EmailAddress: , Gecos: max.leon, Name: max.leon, Privileged: 0
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:450)

[Thu Mar 26 17:27:19 2009] [debug]: Attempting to get user info using this
external service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458)

[Thu Mar 26 17:27:19 2009] [debug]: Attempting to use this canonicalization
key: Name
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)

[Thu Mar 26 17:27:19 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=Person)(sAMAccountName=max.leon)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)

[Thu Mar 26 17:27:19 2009] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , City: ,
Country: , Disabled: 0, EmailAddress: max.leon at digitalarbor.com,
ExternalAuthId: max.leon, Gecos: max.leon, Name: max.leon, Organization: ,
Privileged: 0, RealName: Max Leon, State: , WorkPhone: 83646261, Zip:
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536)

[Thu Mar 26 17:27:19 2009] [debug]: About to think about scrips for
transaction #31
(/opt/rt3/bin/../lib/RT/Transaction_Overlay.pm:163)

[Thu Mar 26 17:27:19 2009] [debug]: About to think about scrips for
transaction #32
(/opt/rt3/bin/../lib/RT/Transaction_Overlay.pm:163)

[Thu Mar 26 17:27:19 2009] [info]: Autocreated external user max.leon ( 28 )
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:132)

[Thu Mar 26 17:27:19 2009] [debug]: Loading new user ( max.leon ) into
current session
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:138)
[Thu Mar 26 17:27:19 2009] [debug]: Password validation required for service
- Executing...
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:155)
[Thu Mar 26 17:27:19 2009] [debug]: Trying external auth service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:16)
[Thu Mar 26 17:27:19 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(sAMAccountName=max.leon)(objectClass=Person)) == Attrs: dn
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:43)
[Thu Mar 26 17:27:19 2009] [debug]: Found LDAP DN: CN=Max
Leon,CN=Users,DC=cr,DC=digitalarbor,DC=com
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:75)
[Thu Mar 26 17:27:19 2009] [info]: RT::Authen::ExternalAuth::LDAP::GetAuth
External Auth OK ( My_LDAP ): max.leon
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:139)
[Thu Mar 26 17:27:19 2009] [debug]: LDAP password validation result: 1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:334)
[Thu Mar 26 17:27:19 2009] [debug]: Password Validation Check Result:  1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:159)
[Thu Mar 26 17:27:19 2009] [debug]: Authentication successful. Now updating
user information and attempting login.
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:179)
[Thu Mar 26 17:27:19 2009] [debug]: UserExists params:
username: max.leon , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)
[Thu Mar 26 17:27:19 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=Person)(sAMAccountName=max.leon)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)
[Thu Mar 26 17:27:19 2009] [debug]: UserExists params:
username: max.leon , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)
[Thu Mar 26 17:27:19 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=Person)(sAMAccountName=max.leon)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)

For what I can make out of this log, everything went well but I cannot
access RT, something that gets my attention is the fact that the LDAP Search
occurs more than once  but not sure if that is correct.

Thanks again for your advise.

On Thu, Mar 26, 2009 at 10:52 AM, Nick Kartsioukas <
change+lists.rt at nightwind.net <change%2Blists.rt at nightwind.net>> wrote:

> On Thu, 26 Mar 2009 10:18:14 -0600, "Max León" <mleon at wirewatchers.com>
> said:
> > Thanks for your reply, I'll try that right away, but I might have
> > misunderstood the concept here.  Isn't possible to keep both
> authentication
> > methods at the same time, check DB and if fails go to the AD?
> > I mean, that will be heaven so you can deal with customers both internal
> > and external.
>
> I think you might be misunderstanding what the "DB" portion of
> ExternalAuth does.  It does not utilize RT's internal authentication
> which looks up users in RT's database, it allows you to look up
> authentication information in a different SQL database.  With
> ExternalAuth, if you only have LDAP configured and the LDAP auth lookup
> fails then RT will fall back on its internal authentication and look up
> internal users.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090326/60aafbf1/attachment.htm>


More information about the rt-users mailing list