[rt-users] cannot connect even after succesful Ldap search

Ashrock amohammed.ash at gmail.com
Wed Sep 29 16:24:43 EDT 2010


  Hi,

I am trying to connect my AD to RT, to let users in AD access RT with 
their user names. I tried configuring LDAP different ways, but it always 
returns cannot connect to LDAP, Invalid Credentials.
[critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot 
connect to 10.10.0.5:389

I assume the LDAP search was successful through this command.

LDAP Search:
ldapsearch -LLL -x -H ldap://10.10.0.5:389 -b 'ou=IT, ou=Support, 
dc=mcfc, dc=local' -D 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' -w 
'abc123!@#' '(&(ObjectClass=User)(CN= RT))'
<returned no errors>
Does that mean, the ldap search was successful?

My RT Site Config is below.
Do i have to use AutoCanonical for user to get connected to LDAP.

Where am i doing wrong. Please let me know if you may need some more 
files to know where am i doing it wrong.

------------------------RT SITE CONFIG 
---------------------------------------------------------------
Set($WebBaseURL,'http://10.10.10.10:443'); Set($WebPath,'');
Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');
Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');
Set($rtname,'Ticket'); Set($Organization,"http://www.mcfc.com");

#Set(@Plugins,(qw(Extension::QuickDelete)));
#Set(@Plguins,(qw(RT::FM)));
#Set($LogtoFileNamed, "rt.log");
#Set($LogtoFile, 'debug');

Set(@Plugins,qw(RT::Authen::ExternalAuth));
Set($CorrespondAddress, 'rt-its at mcfc.com');
Set($CommentAddress, 'rt-comment at mcfc.com');

@MailCommand , 'sendmail';
$SendMailArguments = "-oi -t";
$SendMailPath = "/usr/sbin/sendmail";
$SenderMustExistInExternalDatabase = undef;

#Set($MailCommand, 'sendmail');
#Set($SendMailArguments, "-bm --rt-its at mcfc.com");
#Set($SendmailPath, "/usr/sbin/exim4");

Set($NotifyActor, 1);
Set($RecordOutgoingEmail, 1);
Set($Timezone, 'US/Central');

$WebURL = $WebBaseURL . $WebPath . "/";

#Set($WebExternalAuth, 1);
#Set($WebFallbackToInternalAuth, true);
#Set($WebExternalAuto , 1);

Set ($ExternalAuthPriority, [ 'My_LDAP' ]);
Set ($ExternalInfoPriority, [ 'My_LDAP' ]);
Set ($ExternalServiceUsesSSLorTLS, 1);
Set ($AutoCreateNonExternalUsers, 1);
Set ($Autocreate, 'Privileged=>1');

Set($ExternalSettings, { 'My_LDAP' =>
                                      {
                                       'type' => 'ldap',
                                       'server' => '10.10.10.10:389',
                                       'user' => 'cn=RT, ou=IT, 
ou=Support, dc=mcfc, dc=local',
                                       #'filter' => '(uid=*)',
                                      #'filter' => '(&(ObjectCategory = 
User)(ObjectClass=Person))',
                                       'filter' => '(&(ObjectCategory = 
User)',
                                       'd_filter' => 
'(userAccountControl=514)',
                                      #'d_filter' => 
'(userAccountControl:1.2.840.113556.1.4.803:=2)',
                                       'tls' => 0,
                                      #'ssl_version' => 3,
                                       'net_ldap_args' => [version => 3],
                                      #'group' =>'cn= ou=Users 
dc=server, dc=mcfc, dc=local',
                                      #'group_attr' => 'member',
                                       'attr_match_list' => 
['Name','Email Address'],
                                      #'attr_map' => {'Name' => 'uid', 
'EmailAddress' => 'mail'}
                                       'attr_map' => {
                                                      'Name' => 
'sAMAaccountName',
                                                      'EmailAddress' => 
'mail',
                                                      'Organization' => 
'physicalDeliveryOfficeName',
                                                      'RealName' => 'cn',
                                                      'ExternalAuthId'=> 
'sAMAccountname',
                                                      'Gecos' => 
'sAMAccountName',
                                                      'WorkPhone' => 
'telephoneNumber',
                                                      'Address1' => 
'streetAddress',
                                                      'City' => '1',
                                                      'State' => 'st',
                                                      'Zip' =>'postalCode',
                                                      'Country' => 'co'
                                                     }

                                      }
}
);
1;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100929/a5833fde/attachment.htm>


More information about the rt-users mailing list