[rt-users] Authenticate with multiple LDAP Domains
Ariel Saia
ariel.saia at brandesassociates.com
Thu Jun 10 13:38:48 EDT 2010
Just wanted to post this as it may help someone. I needed to authenticate against multiple AD domains and in the archives someone had asked how to do this. Here is my ExternalAuth: RT_SiteConfig.pm file.
----------------------------------------------------------------------------------------------------------------------------
Set($ExternalAuthPriority, [ 'My_LDAP', 'My_LDAP2' ] );
Set($ExternalInfoPriority, [ 'My_LDAP', 'My_LDAP2' ] );
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => '192.168.0.1',
'user' => 'CN=rt, OU=TEST-CO, DC=Domain1, DC=COM',
'pass' => 'passowrd',
'base' => 'DC=Domain1,DC=COM',
'filter' => '(ObjectClass=*)',
# 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
'tls' => 0,
# 'ssl_version' => 3,
'net_ldap_args' => [ version => 3 ],
# 'group' => 'cn=RT Users,ou=Services,dc=internal,dc=local',
# 'group_attr' => 'member',
'attr_match_list' => [ 'Name', 'EmailAddress' ],
'attr_map' => { 'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'Organization' => 'physicalDeliveryOfficeName',
'RealName' => 'cn',
'ExternalAuthId' => 'sAMAccountName',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co'
}
},
'My_LDAP2' => {
'type' => 'ldap',
'server' => '192.168.1.1',
'user' => 'CN=rt, OU=TEST-CO, DC=Domain2, DC=COM',
'pass' => 'password',
'base' => 'DC=Domain2,DC=COM',
'filter' => '(ObjectClass=*)',
# 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
'tls' => 0,
# 'ssl_version' => 3,
'net_ldap_args' => [ version => 3 ],
# 'group' => 'cn=RT Users,ou=Services,dc=internal,dc=local',
# 'group_attr' => 'member',
'attr_match_list' => [ 'Name', 'EmailAddress' ],
'attr_map' => { 'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'Organization' => 'physicalDeliveryOfficeName',
'RealName' => 'cn',
'ExternalAuthId' => 'sAMAccountName',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co'
}
}
}
);
1;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100610/8f75e7c9/attachment.htm>
More information about the rt-users
mailing list