[rt-users] RT 3.8 Active Directory integration and single sign-on

Eugene M. Evans EMEvans at heapy.com
Fri Aug 6 23:00:47 EDT 2010


I've tried many things today and still don't have Auth::ExternalAuth
working.  Could it be because RT's time is not synched with the Active
Directory server?  The time RT reports in its log is hours ahead of the
system time on the host.  The system is running NTP and matches the time
on the AD server.  I don't know why RT wouldn't be using the system
time.  The timezone is set correctly in RT_SiteConfig.pm >>>
Set($Timezone , 'US/Eastern');
 
The log lines below were all created before 10pm on Friday, August the
6th.  If anyone has any ideas about the time difference or the inability
to log into RT using a valid AD account, I'm all ears.
 
************************************************************************
**************
***                                  /opt/rt3/var/log/rt.log
***
************************************************************************
**************
 
[Sat Aug  7 01:42:51 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 01:42:51 2010] [debug]: Attempting to use external auth
service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 01:42:51 2010] [debug]: Calling UserExists with $username
(ldap) and $service (Heapy_AD_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 01:42:51 2010] [debug]: UserExists params:
username: ldap , service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 01:42:51 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 01:42:51 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 01:42:51 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 01:43:00 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 01:43:00 2010] [debug]: Attempting to use external auth
service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 01:43:00 2010] [debug]: Calling UserExists with $username
(hhadmin) and $service (Heapy_AD_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 01:43:00 2010] [debug]: UserExists params:
username: hhadmin , service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 01:43:00 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 01:43:00 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 01:43:00 2010] [error]: FAILED LOGIN for hhadmin from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 01:43:08 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 01:43:08 2010] [debug]: Attempting to use external auth
service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 01:43:08 2010] [debug]: Calling UserExists with $username
(hhadmin) and $service (Heapy_AD_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 01:43:08 2010] [debug]: UserExists params:
username: hhadmin , service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 01:43:08 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 01:43:08 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 01:43:08 2010] [error]: FAILED LOGIN for hhadmin from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 01:53:14 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 01:53:14 2010] [debug]: Attempting to use external auth
service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 01:53:14 2010] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:92)
[Sat Aug  7 01:53:14 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 01:53:20 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 01:53:20 2010] [debug]: Attempting to use external auth
service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 01:53:20 2010] [debug]: Calling UserExists with $username
(ldap) and $service (Heapy_AD_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 01:53:20 2010] [debug]: UserExists params:
username: ldap , service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 01:53:20 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to
dayxchng0.heapy.local
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:437)
[Sat Aug  7 01:53:20 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 01:53:20 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:00:46 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:00:46 2010] [debug]: Attempting to use external auth
service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:00:46 2010] [debug]: Calling UserExists with $username
(ldap) and $service (Heapy_AD_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:00:46 2010] [debug]: UserExists params:
username: ldap , service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:00:46 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to
dayxchng0.heapy.local
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:437)
[Sat Aug  7 02:00:46 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:00:46 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:00:51 2010] [debug]: Attempting to use external auth
service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:00:51 2010] [debug]: Calling UserExists with $username
(ldap) and $service (Heapy_AD_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:00:51 2010] [debug]: UserExists params:
username: ldap , service: Heapy_AD_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:00:51 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to
dayxchng0.heapy.local
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:437)
[Sat Aug  7 02:00:51 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:00:51 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:01:08 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:01:08 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:01:08 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:01:08 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:01:08 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:01:08 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:01:08 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:01:59 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:01:59 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:01:59 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:01:59 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:01:59 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:01:59 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:01:59 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:02:02 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:02:02 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:02:02 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:02:02 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:02:03 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:02:03 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:02:03 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:02:35 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:02:35 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:02:35 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:02:35 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:02:35 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:02:35 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:02:35 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:02:38 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:02:38 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:02:38 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:02:38 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:02:38 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:02:38 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:02:38 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:02:55 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:02:55 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:02:55 2010] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:92)
[Sat Aug  7 02:02:55 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:03:01 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:03:01 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:03:01 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:03:01 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:03:01 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:03:01 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:03:01 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:04:08 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:04:08 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:04:08 2010] [debug]: Calling UserExists with $username
(hhadmin) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:04:08 2010] [debug]: UserExists params:
username: hhadmin , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:04:08 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:04:08 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:04:08 2010] [error]: FAILED LOGIN for hhadmin from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:04:16 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:04:16 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:04:16 2010] [debug]: Calling UserExists with $username
(hhadmin) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:04:16 2010] [debug]: UserExists params:
username: hhadmin , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:04:16 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:04:16 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:04:16 2010] [error]: FAILED LOGIN for hhadmin from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:04:28 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:04:28 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:04:28 2010] [debug]: Calling UserExists with $username
(emevans) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:04:28 2010] [debug]: UserExists params:
username: emevans , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:04:28 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:04:28 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:04:28 2010] [error]: FAILED LOGIN for emevans from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:08:17 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:08:17 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:08:17 2010] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:92)
[Sat Aug  7 02:08:17 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:08:22 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:08:22 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:08:22 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:08:22 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:08:22 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:08:22 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:08:22 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
[Sat Aug  7 02:26:43 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:26:43 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:26:43 2010] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:92)
[Sat Aug  7 02:26:43 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:26:51 2010] [debug]: Reloading RT::User to work around a
bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:14)
[Sat Aug  7 02:26:51 2010] [debug]: Attempting to use external auth
service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:64)
[Sat Aug  7 02:26:51 2010] [debug]: Calling UserExists with $username
(ldap) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:105)
[Sat Aug  7 02:26:51 2010] [debug]: UserExists params:
username: ldap , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:274)
[Sat Aug  7 02:26:51 2010] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h/LDAP.pm:467)
[Sat Aug  7 02:26:51 2010] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:26)
[Sat Aug  7 02:26:51 2010] [error]: FAILED LOGIN for ldap from
172.16.17.174 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
 
************************************************************************
**************
***                         /opt/rt3/etc/RT_SiteConfig.pm
***
************************************************************************
**************
 
######################
# Custom Site Config #
######################
 
Set($rtname , "XXX.XXX.XXX");
Set($Organization , "XXX.XXX");
Set($MinimumPasswordLength , "0");
Set($Timezone , 'US/Eastern');
 
Set(@Plugins, qw(
                        RT::Authen::ExternalAuth
                 ));
 
Set($HomepageComponents, [qw(
                             QuickCreate
                             Quicksearch
                             MyAdminQueues
                             MySupportQueues
                             MyReminders
                             RefreshHomepage
                             Dashboards
                            )]);
 
Set($DatabaseType , 'mysql');
Set($DatabaseHost   , 'localhost');
Set($DatabaseRTHost , 'localhost');
Set($DatabasePort , '');
Set($DatabaseUser , 'local');
Set($DatabasePassword , 'XXXXXXX');
Set($DatabaseName , 'XXXXXX');
 
# OwnerEmail is the account that will manage RT.
# In this case hhadmin.  Hhadmin's email is forwarded to
# the email address specified in the Postfix aliases
# file.
Set($OwnerEmail , 'hhadmin');
Set($LoopsToRTOwner , 1);
 
Set($SendmailPath , "/usr/lib/sendmail.postfix");
Set($SendmailArguments , "-oi -t -f support\@hpyhdesk.heapy.local");
 
Set($MaxAttachmentSize , 5000000);
 
Set($RTAddressRegexp , '^rt\@hpyhdesk.heapy.local$');
Set($CorrespondAddress , 'no-reply at hpyhdesk.heapy.local');
Set($CommentAddress , 'no-reply at hpyhdesk.heapy.local');
 
Set($UseFriendlyFromLine , 1);
Set($FriendlyFromLineFormat , "\"%s\" <%s>");
Set($UseFriendlyToLine , 1);
Set($FriendlyToLineFormat, "\"%s Ticket #%s\":;");
 
Set($NotifyActor, 0);
Set($RecordOutgoingEmail, 1);
 
Set($WebPath , "/ticket");
Set($WebPort , 80);
Set($WebBaseURL , "http://hpyhdesk.heapy.local");
Set($WebURL , $WebBaseURL . $WebPath . "/");
 
# The following two lines support single sign-on.
# Tell RT to trust the webserver to handle
# authentication.
# They are commented out since they are said to conflict with the
ExternalAuth extension.
# See http://wiki.bestpractical.com/view/ExternalAuth.
# Set($WebExternalAuth, 3);
# If the webserver hands RT a user RT is not
# familiar with, RT should just go ahead and
# create an account.
#Set($WebExternalAuto, 1);
 
Set($MessageBoxWidth , 72);
Set($MessageBoxWrap, "HARD");
 
Set($MaxInlineBody, 13456);
Set($DefaultSummaryRows, 10);
 
Set($OldestTransactionsFirst, '1');
Set($ShowTransactionImages, 1);
 
Set($DateDayBeforeMonth , 0);
Set($AmbiguousDayInPast , 1);
 
Set($LogToSyslog, '' ) ;             # disable syslog
Set($LogToFile, 'debug' ) ;          # set file logging to include
everything
Set($LogDir, '/opt/rt3/var/log' ) ;  # path to log
Set($LogToFileNamed , 'rt.log') ;   # logfile name
 
# Include the configuration for the ExternalAuth extension.
# ExternalAuth only adds to the available authentication mechanisms.  It
does
# not replace RT's own.  Ao, authentication happens in this order:
#   1. ExternalAuth
#   2. RT-Internal
# And you can have as many ExternalAuth sources as you wish.
# ExternalAuth cannot add a user to any internal RT groups.  This must
be
# done by the RT administrator.
Set(@Plugins, qw(RT::Authen::ExternalAuth));
require
"/opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm";
 
# If you want LDAP users to be automatically
# assigned "Let this user be granted rights" then you may do so by
# setting AutoCreate,{Privileged => 1}.  Otherwise it will need
# setting manually along with group membership.
Set($AutoCreate,{Privileged => 1});
 
1;
 
************************************************************************
**************
*** /opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm
***
************************************************************************
**************
Set($ExternalAuthPriority,           [ 'My_LDAP' ] );
Set($ExternalInfoPriority,           [ 'My_LDAP' ] );
Set($ExternalServiceUsesSSLorTLS,    0);
Set($AutoCreateNonExternalUsers,     1);
 
Set($ExternalSettings,      {
                     'My_LDAP'               =>  {
 
                     'type'                  =>  'ldap',
                     'server'                =>  'XXX.XXX.XXXl',
                     'user'                  =>
'cn=ldap,ou=XXX,dc=XXX,dc=XXX',
                     'pass'                  =>  'XXX',
                     'base'                  =>  'dc=XXX,dc=XXX',
 
                     'filter'                =>
'(&(ObjectCategory=User)(ObjectClass=Person))',
                     'd_filter'              =>
'(userAccountControl:1.2.840.113556.1.4.803:=2)',
 
                     'tls'                   =>  0,
#                    'ssl_version'           =>  3,
 
                     'net_ldap_args'         => [    version =>  3
],
                     'group'                 =>
'cn=XXX,ou=XXX,dc=XXX,dc=XXX',
                     'group_attr'            =>  'member',
 
                     'attr_match_list'       => [   'Name',
'EmailAddress'   ],
                     'attr_map'              => {   'Name' =>
'sAMAccountName',
                                                    'EmailAddress' =>
'mail',
                                                    'Organization' =>
'physicalDeliveryOfficeName',
                                                    'RealName' => 'cn',
                                                    'ExternalAuthId' =>
'sAMAccountName',
                                                    'Gecos' =>
'sAMAccountName',
                                                    'WorkPhone' =>
'telephoneNumber',
                                                    'Address1' =>
'streetAddress',
                                                    'City' => 'l',
                                                    'State' => 'st',
                                                    'Zip' =>
'postalCode',
                                                    'Country' => 'co'
                                                }
                                      }
                            }
);
 
1;



 
Gene Evans
IT Administrator
Heapy Engineering
937-224-0861 x1404
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100806/a7db7b2f/attachment.htm>


More information about the rt-users mailing list