[rt-users] RT 3.8 Active Directory integration and single sign-on

Eugene M. Evans EMEvans at heapy.com
Tue Aug 10 20:33:16 EDT 2010


Thank you for your suggestions.

>Try using the ldapsearch command line client, I find it is much closer
to the way the perl ldap library is connecting. Once you make that 

>connect, the same user should be fine. One thing about AD is that
sometimes the AD server responds better to a user of 

>sAMAccountName at domain (email address style login) rather than a full
DN, but I've never found an explanation for why.

yes, I had been trying to use ldapsearch but was getting bogged down in
getting it configured to work.  First had to install OpenLdap which also
depended on BerkeleyDB, then ran out of HDD space and finally gave up. I
was able to get it to run but never did get it to return anything at the
command line.  Ended up I was able to to get things working without that
and without resorting to the sAMAccountName at domain format (see my reply
today to Mike Johnson), but may try it as a test anyway just to have an
alternative in case something down the road requires it.

I appreciate the help.


Gene Evans

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100810/52025134/attachment.htm>

More information about the rt-users mailing list