[rt-users] LDAPImport bug with RT-Authen-ExternalAuth

Kevin Falcone falcone at bestpractical.com
Wed Jul 27 17:40:24 EDT 2011


On Wed, Jul 27, 2011 at 04:13:07PM -0400, Shawn M Plummer wrote:
> Sorry for the delay in responding to this.
> 
> > 
> > They are compatible, but it's entirely possible that you have some
> > crufty user data.
> > 
> > Do you already have a user whose Name and EMailAddress are both
> > NAME at geneseo.edu ?
> > 
> 
> I do not.
> 
> > If you log in as this user, can RT-Authen-ExternalAuth find and
> > authenticate this user?
> > 
> 
> 
> I created a new user in AD that I knew would not be in RT and that I would know the username and password. It does appear that ExternalAuth cannot create a new user but it seems to be authenticating existing user just fine.
> 
> Relevant logs:
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: [Wed Jul 27 20:08:09 2011] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: 0, EmailAddress: , Gecos: rttestuser, Name: rttestuser, Privileged: 0 (/opt/rt4devel/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536), referer: https://rtdevel.geneseo.edu/
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: [Wed Jul 27 20:08:09 2011] [error]: Couldn't create user rttestuser: Could not set user info (/opt/rt4devel/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:129), referer: https://rtdevel.geneseo.edu/
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: [Wed Jul 27 20:08:09 2011] [error]: FAILED LOGIN for rttestuser f, referer: https://rtdevel.geneseo.edu/
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: rom 137.238.60.9 (/opt/rt4devel/sbin/../lib/RT/Interface/Web.pm:655), referer: https://rtdevel.geneseo.edu/
> 
> 
> I have had no issue logging in as myself, using my AD password. Granted my account already existed.
> 
> Any idea why external auth would be able to authenticate existing users but fail to create new users?

You've left off a number of useful debugging messages from
CanonicalizeUserInfo which came right before this.  Without those,
it's hard to tell what's going on

-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110727/9ef26138/attachment.sig>


More information about the rt-users mailing list