[rt-users] FW: Assistance w/ LDAP Logins

Mario DiNatale mdinatale at hamdenpd.com
Mon Jul 9 11:56:28 EDT 2012 

Think I'm close, but could use some help from some experts... I have $LogtoScreen set to 'debug', but it doesn't appear to Be giving me any additional information than it was before...

Local login works fine, but the ldap logins keep getting rejected With incorrect password. Here is the relevant portion of my
config:
Set( $ExternalAuthPriority, ['My_LDAP'] ); Set( $ExternalInfoPriority, ['My_LDAP'] ); Set( $ExternalServiceUsesSSLorTLS, 0 ); Set( $AutoCreateNonExternalUsers, 0 ); Set( $ExternalSettings, { 'My_LDAP' => { 'type' => 'ldap', 'server' => 'dc1.XXX.local', 'rt_ldap_username' => 'cn=rt,ou=Users,dc=XXX,dc=local', 'rt_ldap_password' => 'ldap', 'base' => 'dc=XXX,dc=local', 'filter' => '(&(ObjectCategory=User)(ObjectClass=Person))',
'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
'tls' => 0,
# 'ssl_version' => 3,
'net_ldap_args' => [ version => 3 ],
'attr_match_list' => [ 'Name','EmailAddress' ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'RealName' => 'cn', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'sAMAccountName'  
} } }, );

And here is the tail of my apache log:
[Fri Jul  6 18:59:26 2012] [info]: Successful login for root from 10.5.10.52 (/usr/local/libdata/perl5/site_perl/RT/Interface/Web.pm:660)
[Fri Jul  6 18:59:36 2012] [error]: FAILED LOGIN for testuser from 10.5.10.52 (/usr/local/libdata/perl5/site_perl/RT/Interface/Web.pm:655)

Any idea how else I could perhaps get more detailed logging of where the Credentials are falling down atleast?

Thanks in advance,
-m

                       -----BEGIN PGP PUBLIC KEY CRYTPO BLOCK----- 
mQENBE66pkIBCACXZ3ltfLhx2JXg5NCkP2frIWTYTmmQEXXVHjA9gZGSs1YKVO2d
RjhpMSICBmYcx5drxDurDaHId0J8+ZomCZhaLgEU7SsLKJCB6qhu47YzoKNuQe/N
Yu4pLec6zYfQGpTgeAIOKxkZpHrVT+zaWyUCUnSK685+iVP3a/pt/OlO355wHH9b
YHYElp+FWkLOetV0o6wPRbjpqBLIE6sL0alGnHOM23nn8truk4bPjdDB3/q1SpUT
CBHPT8at2FAqKwz8fNVdihusVjDln7gGRwecp2RY2yfmT+FA82aYr0pendYMJaUW
MN24l6SHzKmKcDwPV8oCXPqSr56dH0OcaKXRABEBAAG0Ik1hcmlvIERpTmF0YWxl
IDxtYXJpb2dkQGdtYWlsLmNvbT6JATgEEwECACIFAk66pkICGw8GCwkIBwMCBhUI
AgkKCwQWAgMBAh4BAheAAAoJEHiKyXG4XFzjocAH/3F3+39v/rADiulBxdy6Zn4F
S0yfbsM2WXxj1m+L1lRfM06Se920xh9G/PQGkd0QiQRMiawnr1voKkKkV2rqH4wJ
r116Ff8kwFGFozVbc4kXokA21Ua694/FNmxUfD2eVCNJVfbIl1jdSRU0A6Fy4UgW
djesrHYsb1qwqD75ZbVHAmTT+o+AKIhIKr135AE6aG0Qh2rO4bRSOYZE1BfGJ0fV
DjM6rMHgTmdxKizPM3eynkrXwcgGYRyl6Bn661FAoyBwhSMmjG9tMNNwZYnFvoxW
e15jUPH0k9TmY3+0Yqs/1PMLuNIGQ8GecIBs2y6a6uU6Pwmaes/rAulmVIQkd54=
=YGdf
                       -----END PGP PUBLIC KEY CRYTPO BLOCK-----

More information about the rt-users mailing list