[rt-users] cannot connect even after succesful Ldap search
Ashrock
amohammed.ash at gmail.com
Wed Sep 29 17:55:23 EDT 2010
I just typed it different to copy paste in forums.
But i used the same server address while configuring.
Do you see any error in my RT Site Config.
is there somewhere else i can look for possible errors.
On 9/29/2010 4:50 PM, Kevin Falcone wrote:
> On Wed, Sep 29, 2010 at 04:48:55PM -0500, Ashrock wrote:
>> I specified the password this time.
>> But it still does not connect to LDAP even then.
> Your servers are also different.
>
> -kevin
>
>> On 9/29/2010 4:42 PM, Kevin Falcone wrote:
>>
>> On Wed, Sep 29, 2010 at 03:24:43PM -0500, Ashrock wrote:
>>
>> Hi,
>>
>> I am trying to connect my AD to RT, to let users in AD access RT with their user names. I
>> tried configuring LDAP different ways, but it always returns cannot connect to LDAP, Invalid
>> Credentials.
>> [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to 10.10.0.5:389
>>
>> I assume the LDAP search was successful through this command.
>>
>> LDAP Search:
>> ldapsearch -LLL -x -H [1][1]ldap://10.10.0.5:389 -b 'ou=IT, ou=Support, dc=mcfc, dc=local' -D
>> 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' -w 'abc123!@#' '(&(ObjectClass=User)(CN= RT))'
>> <returned no errors>
>> Does that mean, the ldap search was successful?
>>
>> Your ldapsearch command specified a password, your RT config does not
>>
>> -kevin
>>
>>
>> My RT Site Config is below.
>> Do i have to use AutoCanonical for user to get connected to LDAP.
>>
>> Where am i doing wrong. Please let me know if you may need some more files to know where am i
>> doing it wrong.
>>
>> ------------------------RT SITE CONFIG
>> ---------------------------------------------------------------
>> Set($WebBaseURL,'[2][2]http://10.10.10.10:443'); Set($WebPath,'');
>> Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');
>> Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');
>> Set($rtname,'Ticket'); Set($Organization,[3][3]"http://www.mcfc.com");
>>
>> #Set(@Plugins,(qw(Extension::QuickDelete)));
>> #Set(@Plguins,(qw(RT::FM)));
>> #Set($LogtoFileNamed, "rt.log");
>> #Set($LogtoFile, 'debug');
>>
>> Set(@Plugins,qw(RT::Authen::ExternalAuth));
>> Set($CorrespondAddress, '[[4]4]rt-its at mcfc.com');
>> Set($CommentAddress, '[[5]5]rt-comment at mcfc.com');
>>
>> @MailCommand , 'sendmail';
>> $SendMailArguments = "-oi -t";
>> $SendMailPath = "/usr/sbin/sendmail";
>> $SenderMustExistInExternalDatabase = undef;
>>
>> #Set($MailCommand, 'sendmail');
>> #Set($SendMailArguments, "-bm --rt-its at mcfc.com");
>> #Set($SendmailPath, "/usr/sbin/exim4");
>>
>> Set($NotifyActor, 1);
>> Set($RecordOutgoingEmail, 1);
>> Set($Timezone, 'US/Central');
>>
>> $WebURL = $WebBaseURL . $WebPath . "/";
>>
>> #Set($WebExternalAuth, 1);
>> #Set($WebFallbackToInternalAuth, true);
>> #Set($WebExternalAuto , 1);
>>
>> Set ($ExternalAuthPriority, [ 'My_LDAP' ]);
>> Set ($ExternalInfoPriority, [ 'My_LDAP' ]);
>> Set ($ExternalServiceUsesSSLorTLS, 1);
>> Set ($AutoCreateNonExternalUsers, 1);
>> Set ($Autocreate, 'Privileged=>1');
>>
>> Set($ExternalSettings, { 'My_LDAP' =>
>> {
>> 'type' => 'ldap',
>> 'server' => '10.10.10.10:389',
>> 'user' => 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local',
>> #'filter' => '(uid=*)',
>> #'filter' => '(&(ObjectCategory =
>> User)(ObjectClass=Person))',
>> 'filter' => '(&(ObjectCategory = User)',
>> 'd_filter' => '(userAccountControl=514)',
>> #'d_filter' =>
>> '(userAccountControl:1.2.840.113556.1.4.803:=2)',
>> 'tls' => 0,
>> #'ssl_version' => 3,
>> 'net_ldap_args' => [version => 3],
>> #'group' =>'cn= ou=Users dc=server, dc=mcfc, dc=local',
>> #'group_attr' => 'member',
>> 'attr_match_list' => ['Name','Email Address'],
>> #'attr_map' => {'Name' => 'uid', 'EmailAddress' =>
>> 'mail'}
>> 'attr_map' => {
>> 'Name' => 'sAMAaccountName',
>> 'EmailAddress' => 'mail',
>> 'Organization' =>
>> 'physicalDeliveryOfficeName',
>> 'RealName' => 'cn',
>> 'ExternalAuthId'=> 'sAMAccountname',
>> 'Gecos' => 'sAMAccountName',
>> 'WorkPhone' => 'telephoneNumber',
>> 'Address1' => 'streetAddress',
>> 'City' => '1',
>> 'State' => 'st',
>> 'Zip' =>'postalCode',
>> 'Country' => 'co'
>> }
>>
>> }
>> }
>> );
>> 1;
>>
>> References
>>
>> Visible links
>> 1. [6]file:///Users/falcone/tmp/ldap:/10.10.0.5:389
>> 2. [7]http://10.10.10.10:443/
>> 3. [8]http://www.mcfc.com/
>> 4. [9]mailto:rt-its at mcfc.com
>> 5. [10]mailto:rt-comment at mcfc.com
>>
>>
>> RT Training in Washington DC, USA on Oct 25& 26 2010
>> Last one this year -- Learn how to get the most out of RT!
>>
>>
>>
>>
>> RT Training in Washington DC, USA on Oct 25& 26 2010
>> Last one this year -- Learn how to get the most out of RT!
>>
>> References
>>
>> Visible links
>> 1. file:///Users/falcone/tmp/ldap:/10.10.0.5:389
>> 2. http://10.10.10.10:443/
>> 3. http://www.mcfc.com/
>> 4. mailto:4]rt-its at mcfc.com
>> 5. mailto:5]rt-comment at mcfc.com
>> 6. file:///Users/falcone/tmp/ldap:/10.10.0.5:389
>> 7. http://10.10.10.10:443/
>> 8. http://www.mcfc.com/
>> 9. mailto:rt-its at mcfc.com
>> 10. mailto:rt-comment at mcfc.com
>> RT Training in Washington DC, USA on Oct 25& 26 2010
>> Last one this year -- Learn how to get the most out of RT!
>
>
>
> RT Training in Washington DC, USA on Oct 25& 26 2010
> Last one this year -- Learn how to get the most out of RT!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100929/00da717d/attachment.htm>
More information about the rt-users
mailing list