[rt-users] External Authentication with LDAPS

Mike Johnson mike.johnson at nosm.ca
Wed Jul 28 08:50:19 EDT 2010


Hi,

Try turning on RT's logging in debug mode.  That helped me figure out what
was going on with my ExternalAuth.  In the log, before the FAILED line, you
should see a few lines showing you if it's connecting to your LDAP, finding
the user, etc.

Work from there!
Mike.

On Wed, Jul 28, 2010 at 3:23 AM, Anthony BRODARD
<brodard.anthony at gmail.com> wrote:

> Hi,
>
> I've installed RT 3.8.7 on Debian lenny with the manual procedure listed
> here: http://wiki.bestpractical.com/view/ExternalAuth
>
> So now I am trying to configure my RT_Siteconfig.pm to access RT via my LDAPS
> server.
>
> This is a part of my configuration:
>
>  #PLUGINS:
> Set(@Plugins,(qw(
>         RT::Extension::MandatorySubject
>         RT::Extension::MandatoryRequestor
>         RT::Extension::SearchResults::XLS
>         RT::Extension::UserDetails
>         RT::FM
>         RT::IR
>         RTx::Tags
>         RT::Extension::WatchedQueues
>         RT::Extension::ServiceUpdates
>         RT::Authen::ExternalAuth
>         )));
>  # AUTHENTICATION
>
> Set($ExternalAuthPriority, ['LDAP',]
> );
>
> Set($ExternalInfoPriority, ['LDAP',]
> );
>
> Set($ExternalServiceUsesSSLorTLS, 1);
>
> # DATABASES CONFIGURATION
> Set($ExternalSettings,
>         {
>                 'LDAP'       =>  {
>                         'type'                  =>      'ldap',
>                         'server'                =>      'ldap.BLANKED',
>                         'user'                  =>      'BLANKED',
>                         'pass'                  =>      'BLANKED',
>                         'base'                  =>      'dc=blanked,dc=fr',
>                         'filter'                =>      '(uid=*)',
>                         'd_filter'              =>      '(objectClass=foobar)',
>                         'tls'                   =>      1,
>                         'ssl_version'           =>      3,
>                         'net_ldap_args'         =>      [ version => 3 ],
> #                       'group'                 =>      'GROUP-NAME',
> #                       'group_attr'            =>      'GROUP_ATTR',
>                         'attr_match_list'       =>      'uid',
>                         'attr_map'              =>      {
>                                 'Name' => 'uid',
>                                 'EmailAddress' => 'mail',
> #                               'Organization' => '',
>                                 'RealName' => 'cn',
> #                               'ExternalAuthId' => '',
> #                               'Gecos' => '',
> #                               'WorkPhone' => 'telephonenumber',
> #                               'Address1' => '',
> #                               'City' => '',
> #                               'State' => '',
> #                               'Zip' => '',
> #                               'Country' => ''
>                                 }
>                         }
>         },
>   );
> 1;
>
> When I try to log on, I get a message which says that my username or my
> password isn't correct.
>
> In the log files (/var/log/apache2/error.log), I have only:
>
>  [Tue Jul 27 14:35:28 2010] [error]: FAILED LOGIN for anthony.brodard from
> MY_IP (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)
>
>
> Do you know where the mistake is?
>
> After that, I want to activate a session timeout on RT with mod_perl. Do
> you know how I can do that?
>
> Regards,
> Anthony BRODARD



-- 
Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON   P7B 5E1
Phone: (807) 766-7331
Email: mike.johnson at nosm.ca
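
The steps the reply says appear in the debug log (connecting to LDAP, finding the user) can also be checked outside RT, one at a time. The script below is an added example, not part of the original messages and not code from RT or RT::Authen::ExternalAuth. It assumes 'tls' => 1 means StartTLS on the plain LDAP port, and the hostname, DNs, CA bundle path and the LDAP_BIND_PW variable are placeholders.

```perl
#!/usr/bin/perl
# Added diagnostic example; not RT or RT::Authen::ExternalAuth code.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Placeholder values (assumptions): copy the real ones from $ExternalSettings.
my %cfg = (
    server => 'ldap.example.org',
    user   => 'cn=rt-bind,dc=example,dc=org',   # service account DN
    pass   => $ENV{LDAP_BIND_PW},               # hypothetical env var
    base   => 'dc=example,dc=org',
    attr   => 'uid',                            # as in attr_match_list
    cafile => '/etc/ssl/certs/ca-certificates.crt',
);
my $login = shift @ARGV or die "usage: $0 <login>\n";

sub check {    # stop at the first failing step and say which one it was
    my ($step, $msg) = @_;
    die sprintf("%s FAILED: %s (code %d)\n", $step, $msg->error, $msg->code)
        if $msg->code;
    print "$step ok\n";
    return $msg;
}

# 1. TCP connect. For LDAPS on port 636, pass "ldaps://$cfg{server}" together
#    with the verify/cafile options here and skip step 2.
my $ldap = Net::LDAP->new($cfg{server}, version => 3, timeout => 10)
    or die "connect FAILED: $@\n";
print "connect ok\n";

# 2. StartTLS with certificate verification against the CA bundle.
check('start_tls', $ldap->start_tls(verify => 'require', cafile => $cfg{cafile}));

# 3. Bind as the service account.
check('service bind', $ldap->bind($cfg{user}, password => $cfg{pass}));

# 4. Look the user up; the login is escaped so it cannot alter the filter.
my $filter = sprintf '(%s=%s)', $cfg{attr}, escape_filter_value($login);
my $res = check('search', $ldap->search(base => $cfg{base}, filter => $filter,
                                        attrs => ['uid', 'mail', 'cn']));
die "search matched " . $res->count . " entries, expected 1\n" unless $res->count == 1;
my $dn = $res->entry(0)->dn;
print "found $dn\n";

# 5. Bind as that user. An empty password would be an unauthenticated bind
#    that many servers accept, so refuse it. The password echoes on STDIN.
print "password for $login: ";
my $pw = <STDIN>;
chomp $pw if defined $pw;
die "empty password refused\n" unless defined $pw && length $pw;
check('user bind', $ldap->bind($dn, password => $pw));
$ldap->unbind;
```

The first step that prints FAILED narrows the problem to TLS and certificates, the service account, the search base and filter, or the user's own credentials.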