[rt-users] External Auth (LDAP) and Mail Attribute

Thomas Misilo misilot at fit.edu
Tue Nov 15 11:55:41 EST 2011


-----Original Message-----
From: rt-users-bounces at lists.bestpractical.com [mailto:rt-users-bounces at lists.bestpractical.com] On Behalf Of Thomas Misilo
Sent: Tuesday, November 15, 2011 11:51 AM
To: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute

-----Original Message-----
From: rt-users-bounces at lists.bestpractical.com [mailto:rt-users-bounces at lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Tuesday, November 15, 2011 11:36 AM
To: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute

On Tue, Nov 15, 2011 at 10:24:50AM -0500, Thomas  Misilo wrote:
>    Is there any special trick other than having:
> 
>           # The mapping of RT attributes on to LDAP attributes
> 
>                             'attr_map'                  =>  {   'Name' => 'cn',
> 
>                                                                 
> 'EmailAddress' => 'mail',
> 
>                                                                 
> 'RealName' => 'displayName',
> 
>    'ExternalAuthId' => 'cn',
> 
>                                                                'Gecos' => 'cn'
> 
>                                                             }
> 
> 
> 
>    In your config to get the email? As it pulls Gecos correctly, but nothing else, Including
>    ExternalAuthId.

As long as those are the right attributes, and you have rights to read the ldap recpard, it should be fine.

The debug logs list what data is pulled from LDAP so you can confirm.


I turned on debug via:

Set($LogToSyslog, "debug");
Set($LogToScreen, "debug");
Set($LogToFile, 1);

And I am getting more data in the apache log, but I do not see anything that lists the specific attributes it is getting.

I can browse and read the attributes using ldp in windows.

Thanks for any help,

Tom


Okay I think I see what my problem is. 

In the log is see "== Attrs: displayName,mail,cn,cn,cn" and when I try and select the attributes like that from the AD it doesn't find them. They are separated by ; I believe with windows AD.






More information about the rt-users mailing list