[rt-users] ExternalAuth help needed
Kevin Falcone
falcone at bestpractical.com
Thu Jan 13 18:35:37 EST 2011
On Thu, Jan 13, 2011 at 01:41:34PM -0800, Wes Modes wrote:
Your previous errors were actually in GetBoundLDAPObj so this is
different.
> [Thu Jan 13 21:39:34 2011] [critical]: Search for
> (ou=group,dc=ucsc,dc=edu=uid=wmodes,ou=people,dc=ucsc,dc=edu) failed: LDAP_INVALID_DN_SYNTAX
> 34 (/usr/local/rt/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:116)
As noted earlier, this seems to be because your config is interesting and
isn't specifying an attribute for the group_attr.
RT-Authen-ExternalAuth's group membership expects to work based on a search for
group_attr = DN of user
with a base of the group's DN
being a valid query. You should see a debug output of something like:
$RT::Logger->debug( "LDAP Search === ",
"Base:",
$base,
"== Filter:",
$filter->as_string,
"== Attrs:",
join(',', at attrs));
> 'group' => 'staff',
> # What is the attribute for the group object that determines membership?
> 'group_attr' => 'ou=group,dc=ucsc,dc=edu',
-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110113/44c26cf1/attachment.sig>
More information about the rt-users
mailing list