[rt-users] RT Extension LDAPImport Using LDAPS?

Kevin Falcone falcone at bestpractical.com
Mon Apr 9 15:10:33 EDT 2012 

On Mon, Apr 09, 2012 at 02:25:47PM -0400, Scott Pestana wrote:
>     I'm having trouble setting up LDAPImport over LDAPS.  The README
> with the package on CPAN details set up and includes "Hostname or
> ldap(s):// uri" which suggests to me that secure transmission should
> work.  I have settings in RT_SiteConfig.pm for Security, but I don't
> see a specific flag for the Extension::LDAPImport package to set
> that secure communication is requested.
> 
>     I run into the following error trying to run rtldapimport:
> 
> [root at owlwoman bin]# ./rtldapimport
> Running test import, no data will be changed
> Rerun command with --import to perform the import
> Rerun command with --debug for more information
> [Mon Apr  9 18:19:15 2012] [error]: LDAP search failed No such
> object (/opt/rt4/local/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:866)
> LDAP search failed No such object
> Testing group import
> [Mon Apr  9 18:19:15 2012] [warning]: Not running a group import,
> configuration not set (/opt/rt4/local/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:874)
> Not running a group import, configuration not set
> Finished test

Please show your LDAPimport configuration for LDAPHost / LDAPUser and
a sanitized version of LDAPPassword.

Your port # implies that Net::LDAP didn't think you needed ssl.

-kevin

>     Digging into the PERL code being executed by rtldapimport, I
> found that the LDAP object can't be created because the
> configuration being used is insecure:
> 
>   DB<9> x $ldap
> 0  Net::LDAP=HASH(0x5af6f00)
>    'net_ldap_async' => 0
>    'net_ldap_debug' => 0
>    'net_ldap_host' => 'OURLDAPS.linguamatics.com'
>    'net_ldap_port' => 389
>    'net_ldap_refcnt' => 1
>    'net_ldap_resp' => HASH(0x86044f0)
>         empty hash
>    'net_ldap_scheme' => 'ldap'
>    'net_ldap_socket' => IO::Socket::INET=GLOB(0x8604718)
>       -> *Symbol::GEN46
>             FileHandle({*Symbol::GEN46}) => fileno(8)
>    'net_ldap_uri' => 'OURLDAPS.linguamatics.com'
>    'net_ldap_version' => 3
> 
>     What flags do I need to set for rtldapimport to use secure
> communication when doing the import?  I have set $LDAPUser and
> $LDAPPassword in the RT_SiteConfig.pm but aren't reflected here
> either (perhaps they are applied later).
> 
> 
> 
> -- 
> N. Scott Pestana
> IT Infrastructure
> Linguamatics
> 275 Grove Street, Suite 2-400
> Newton, MA 02466
> 
> Tel: +1-774-571-7135
> 
> US Tel: +1-617-674-3256
> UK Tel: 011-44-1223-421360
> UK Fax: 011-44-1223-421361
> Web: www.linguamatics.com
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120409/9e395aa0/attachment.sig>

More information about the rt-users mailing list