[rt-users] LDAPImport bug with RT-Authen-ExternalAuth
Kevin Falcone
falcone at bestpractical.com
Wed Jul 27 17:40:24 EDT 2011
On Wed, Jul 27, 2011 at 04:13:07PM -0400, Shawn M Plummer wrote:
> Sorry for the delay in responding to this.
>
> >
> > They are compatible, but it's entirely possible that you have some
> > crufty user data.
> >
> > Do you already have a user whose Name and EMailAddress are both
> > NAME at geneseo.edu ?
> >
>
> I do not.
>
> > If you log in as this user, can RT-Authen-ExternalAuth find and
> > authenticate this user?
> >
>
>
> I created a new user in AD that I knew would not be in RT and that I would know the username and password. It does appear that ExternalAuth cannot create a new user but it seems to be authenticating existing user just fine.
>
> Relevant logs:
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: [Wed Jul 27 20:08:09 2011] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: 0, EmailAddress: , Gecos: rttestuser, Name: rttestuser, Privileged: 0 (/opt/rt4devel/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536), referer: https://rtdevel.geneseo.edu/
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: [Wed Jul 27 20:08:09 2011] [error]: Couldn't create user rttestuser: Could not set user info (/opt/rt4devel/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:129), referer: https://rtdevel.geneseo.edu/
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: [Wed Jul 27 20:08:09 2011] [error]: FAILED LOGIN for rttestuser f, referer: https://rtdevel.geneseo.edu/
> [Wed Jul 27 16:08:09 2011] [warn] [client 137.238.60.9] mod_fcgid: stderr: rom 137.238.60.9 (/opt/rt4devel/sbin/../lib/RT/Interface/Web.pm:655), referer: https://rtdevel.geneseo.edu/
>
>
> I have had no issue logging in as myself, using my AD password. Granted my account already existed.
>
> Any idea why external auth would be able to authenticate existing users but fail to create new users?
You've left off a number of useful debugging messages from
CanonicalizeUserInfo which came right before this. Without those,
it's hard to tell what's going on
-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110727/9ef26138/attachment.sig>
More information about the rt-users
mailing list