[rt-users] LDAP with AD RT:3.8.4 ExternalAuth
Beryl N. Snyder
BSnyder at tmcdesign.com
Mon Sep 21 11:48:30 EDT 2009
I am running RT 3.8.4 with the RT::Authen::ExternalAuth plugin. My
Request tracker server does not appear to be accessing the AD server
for login. If I run tcpdump I do not see a connection to the AD
server being attempted and the local logins still work. Is there another
config file I need to change? I would be grateful for any help.
The RT_SiteConfig.pm
Set($LogToSyslog,'debug');
# THE BASICS:
Set($rtname, 'support.example.org');
Set($Organization, 'example.org');
Set($CorrespondAddress , 'bsnyder at domain.com');
Set($CommentAddress , 'comment-test at domain.com');
Set($Timezone , 'US/Mountan'); # obviously choose what suits you
#LDAP
Set(@Plugins,qw(RT::Authen::ExternalAuth));
Set($ExternalAuthPriority, ['My_LDAP']);
Set($ExternalInfoPriority, ['My_LDAP']);
Set($ExternalSettings, {'My_LDAP' => {
## GENERIC SECTION
# The type of service (db/ldap/cookie)
'type' => 'ldap',
# The server hosting the service
'server' => '10.x.x.x', #Ip Addy is correct
## SERVICE-SPECIFIC SECTION
# If you can bind to your LDAP server anonymously you should
# remove the user and pass config lines, otherwise specify them here:
#
# The username RT should use to connect to the LDAP server
'user' => 'AD_Info\\LDAP',
'pass' => 'pass',
#
# The LDAP search base
'base' => 'ou=*,dc=DCinfo,dc=local',
#
# ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES!
# YOU **MUST** SPECIFY A filter AND A d_filter!!
#
# The filter to use to match RT-Users
'filter' => '(objectClass=*)',
# A catch-all example filter: '(objectClass=*)'
#
# The filter that will only match disabled users
'd_filter' => '(objectClass=FooBarBaz))',
# A catch-none example d_filter: '(objectClass=FooBarBaz)'
#
# Should we try to use TLS to encrypt connections?
'tls' => 0,
# SSL Version to provide to Net::SSLeay *if* using SSL
'ssl_version' => 3,
# What other args should I pass to Net::LDAP->new($host, at args)?
'net_ldap_args' => [ version => 3 ],
'attr_match_list' => [ 'Name','EmailAddress'],
# The mapping of RT attributes on to LDAP attributes
'attr_map' => { 'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
}
}
}
);
Set($DatabaseType, 'mysql'); # e.g. Pg or mysql
Set($DatabaseUser , 'rtuser');
Set($DatabasePassword , 'password');
Set($DatabaseName , 'rt3'); # Ensure this is set to rt3!
Set($WebPath , "/rt");
Set($WebBaseURL , "http://support.example.org");
Set(@Plugins,qw(RT::FM));
1;
Syslog
Sep 18 16:03:49 RequstTracker RT: FAILED LOGIN for testuser from
10.50.1.192 (/opt/rt3/share/html/autohandler:268)
Sep 18 16:04:17 RequstTracker RT: You've enabled GD, but we couldn't
load the module: Can't locate GD.pm in @INC (@INC contains:
/opt/rt3/bin/../local/lib /opt/rt3/local/plugins/RT-FM/lib
/opt/rt3/bin/../lib /etc/perl /usr/local/lib/perl/5.10.0
/usr/local/share/perl/5.10.0 /usr/lib/perl5 /usr/share/perl5
/usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .
/etc/apache2) at /opt/rt3/bin/../lib/RT/Config.pm line 365.
Sep 18 16:04:17 RequstTracker RT: You've enabled GraphViz, but we
couldn't load the module: Can't locate GraphViz.pm in @INC (@INC
contains: /opt/rt3/bin/../local/lib /opt/rt3/local/plugins/RT-FM/lib
/opt/rt3/bin/../lib /etc/perl /usr/local/lib/perl/5.10.0
/usr/local/share/perl/5.10.0 /usr/lib/perl5 /usr/share/perl5
/usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .
/etc/apache2) at /opt/rt3/bin/../lib/RT/Config.pm line 352.
Sep 18 16:04:17 RequstTracker RT: RT's GnuPG libraries couldn't
successfully read your configured GnuPG home directory
(/opt/rt3/var/data/gpg). PGP support has been disabled
Beryl Snyder
IT Specialist
TMC Design Corporation
4325 Del Rey BLVD
Las Cruces, NM 88012
Phone: 575-382-4600
Fax: 575-523-8588
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090921/ccc702e8/attachment.htm>
More information about the rt-users
mailing list