[rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Mike Johnson
mike.johnson at nosm.ca
Thu Apr 21 08:31:14 EDT 2011
One thing that stands out in your config is your d_filter. I read on the RT
wiki somewhere that d_filter for an AD you needed to put what I have below:
'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
Read these 2 microsoft support KB to learn more on why
http://support.microsoft.com/kb/305144
http://support.microsoft.com/kb/269181
Also, you have tls, ssl_version, group and group_attr commented out. Someone
else can correct me, but I believe you need to define those in your
settings.
Best I can do with my limited knowledge.
Good luck!
Mike.
On Thu, Apr 21, 2011 at 5:31 AM, john s. <fireskyer at gmx.de> wrote:
>
>
> Is it clear what i want? No? okay i try to describe a litte bit more
> exaclty
> as far as possible from myself
>
>
> okay my ldapseach command which runs perfectly is:
>
> sudo ldapsearch -h xxx.xxx.local -D "xxx\User" -w "password" -b "'dc=xxx,
> dc=local" -s sub "sAMAccountName=USER"
>
>
>
> So here are my RT Config Parameter again:
>
> Set($ExternalSettings,{'My_LDAP' =>{ ## GENERIC SECTION
> 'type' => 'ldap',
> 'server' => '192.168.123.45',
> 'user' => 'USER',
> 'pass' => 'password',
> 'base' =>
> 'ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local',
> 'filter' => '(ObjectClass=*)',
> 'd_filter' =>
> '(userAccountControl=514)'
> # 'tls' => 0,
> # 'ssl_version' => 3,
> 'net_ldap_args' => [ version => 3 ],
> # 'group' => 'Benutzer',
> # 'group_attr' => 'GROUP_ATTR',
> 'attr_match_list' => [ 'Name',
> # 'EmailAddress',
> ],
> 'attr_map' => { 'Name' =>
> 'sAMAccountName',
> 'RealName' => 'cn',
> 'EmailAddress' =>
> 'mail',
> 'Organization' =>
> 'physicalDeliveryOfficeName',
> 'RealName' => 'cn',
> 'ExternalAuthId' =>
> 'sAMAccountName',
> 'Gecos' =>
> 'sAMAccountName',
> 'WorkPhone' =>
> 'telephoneNumber',
> 'Address1' =>
> 'streetAddress',
> 'City' => 'l',
> 'State' => 'st',
> 'Zip' =>
> 'postalCode',
> 'Country' => 'co'
>
>
> }
> }
>
>
> I'll try to find out, which parameter doesn't match with the ldap one ...
> cause if i try to authorize on rt with an ad user my AD gives the following
> message out:
>
> xxx.xxx.xxx.xxx:2799 NTDS None TCP 4 32 NonDSE Can't find
> object 0.0 0
>
>
> best regards john s.
>
>
>
>
>
>
>
>
>
>
> --
> View this message in context:
> http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html
> Sent from the Request Tracker - User mailing list archive at Nabble.com.
>
>
--
Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON P7B 5E1
Phone: (807) 766-7331
Email: mike.johnson at nosm.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110421/83c5b4b9/attachment.htm>
More information about the rt-users
mailing list