[rt-users] LDAP ExternalAuth broken after upgrade from 4.0.2 to 4.0.4

Karl Boyken boyken at divms.uiowa.edu
Wed Nov 23 12:46:44 EST 2011


We run RT on RedHat Enterprise Server 6.1, with Perl 5.14.2.  We set up 
RT::ExternalAuth to authenticate against our OpenLDAP server, and it 
works fine with RT 4.0.2.  But after upgrading to RT 4.0.4, LDAP 
authentication breaks.  I'd appreciate any helpful ideas.  Here's the 
relevant log entry--it's an LDAP bind() error:


Nov 23 11:27:28 serv07 RT: 
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind: 
LDAP_OPERATIONS_ERROR 1 
(/path_to_our_RT/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467)


This is the relevant section of our RT_SiteConfig.pm file (where values 
beginning with "our" have been changed for posting):


# To enable RT::Authen::ExternalAuth
Set(@Plugins, qw(RT::Authen::ExternalAuth));

# RT::Authen::ExternalAuth settings
# For information on configuring RT::Authen::ExternalAuth, see
# $RT_HOME/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm

Set($ExternalAuthPriority, ['DIVMS_LDAP',]);
Set($ExternalInfoPriority, ['DIVMS_LDAP',]);
Set($ExternalServiceUsesSSLorTLS, 1);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings,
     {
      'DIVMS_LDAP' => {
                       'type' => 'ldap',
                       'server' => 'our_server',
                       'user' => 'our_cn',
                       'pass' => 'our_password',
                       'base' => 'our_base',
                       'filter' => '(objectClass=*)',
                       'd_filter' => '(objectClass=FooBarBaz)',
                       'tls' => 1,
                       'ssl_version' => 1,
                       'net_ldap_args' => [ port => 389, version => 3 ],
                       'group' => '',
                       'group_attr' => '',
                       'attr_match_list' => [ 'Name', 'EmailAddress', ],
                       'attr_map' => {
                                      'Name' => 'uid',
                                      'EmailAddress' => 'mail',
                                      'RealName' => 'gecos',
                                      'ExternalAuthId' => 'uid',
                                      'Gecos' => 'uid',
                                     }
                      }
     }
);

-- 
Karl Boyken, system administrator 
karl-boyken at uiowa.edu
303A MLH, Dept. of Comp. Sci. 
http://www.cs.uiowa.edu/~boyken/
The U. of Iowa, Iowa City, IA  52242   319-335-2730 (voice) 
319-335-3668 (fax)



More information about the rt-users mailing list