[rt-users] RT::Authen::ExternalAuth, Possible Configuration Issue?

Eli Guzman eguzman at cvimellesgriot.com
Tue Apr 5 13:59:48 EDT 2011


Apologies, forgot to include configuration and log file attachment.

Thanks,
Eli

-----Original Message-----
From: Eli Guzman 
Sent: Tuesday, April 05, 2011 11:50 AM
To: 'rt-users at lists.bestpractical.com'
Subject: RT::Authen::ExternalAuth, Possible Configuration Issue?

Greetings all,

== A Little Background ==

Sorry for the length of this post, TL/DR is at the bottom of this
message. We currently run RT 3.6.6 in a production environment (running
on RHEL 5.3, Tikanga, 2.6.18-128.2.1.el5xen #1 SMP, x86, running on a
Dell PowerEdge R410). We are in the midst of upgrading to 3.8.9 (as we
really liked the new look). The test environment is running on RHEL 5.6
Tikanga, 2.6.18-229.el5 #1 SMP, x86_64, within an ESX virtual
environment (Dell PowerEdge R710 acting as the VM host). 

We have already compiled the new RT instance successfully (web GUI runs
really well), ported our current production DB to the new environment
(after some issues related to MyISAM incompatibilities during initial
deployment; we have been running RT since release v2.8), ran any
necessary schema updates, and ensured that there weren't any CPAN
related inconsistencies.

== The Problem ==

Everything as far as the interface seems to be working as it should. We
are currently attempting to integrate the LDAP piece into the install
(LDAP via RT is a bit new to us). I believe that I may be missing a
configuration piece somewhere, as we cannot seem to get authentication
to occur properly between "RT::Authen::ExternalAuth", and our Active
Directory (AD) server. 

I've enabled logging in RT (debug mode), and have attached the actual
"rt.log" file to see if anyone can take a look and see if anything
sticks out. I've also included my main "RT_SiteConfig.pm", as well as
the RT::Authen::External LDAP configuration file
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm), as
the issue could also be a configuration issue with this file. As far as
LDAP authentication, we currently use Active Directory on Windows 2003
R2. Within AD we have setup an initial OU named 'services', with an
authentication user named 'ldap', and a security group named 'RTUsers'. 

The actual error is as follows:

[Tue Apr  5 16:03:18 2011] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAut
h.pm:92)

I've searched for this error, but I have only found some threads
addressing a similar issue, but with no actual listed solutions. From
what I can tell from these threads the issue seems to stem from either
an Apache, or a FastCGI configuration issue. The thing is Apache on this
server starts without any errors at all, so it seems to be parsing the
configuration files without a problem. I am attaching any related Apache
configuration files as well (two files actually,
/etc/httpd/conf/httpd.conf and /etc/httpd/conf.d/rt3.conf).

At the moment I am a bit stumped, so if anyone here has any
suggestions/information as to the issues mentioned above I'd certainly
appreciate any and all input.

== TL/DR ==

Installed RT 3.8.9 on a test RHEL server, and cannot seem to get
RT::Authen::ExternalAuth to properly work, please help!

Best Regards,
Eli 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: config-and-logs.tar.gz
Type: application/x-gzip
Size: 13723 bytes
Desc: config-and-logs.tar.gz
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110405/d0ec25c4/attachment.bin>


More information about the rt-users mailing list