Ldap user authentication seems to work using RT-Authen-ExternalAuth. An AD user can login and create tickets in a queue, but next time the same user logged in he sees no open/closed tickets. Only root user can see all the tickets.
Cannot add user rights to the AD user. Once I put the AD user name in the field and check a box, it will say "Invalid username".
I've created a group as root within RT gui, assigned all possible rights for it, and added the AD user as a member. Still, this user doesn't see any ticket.
This is the first time I compiled RT 4.0.4 on a RHEL 6.1. Following is the RT_SiteConfig.pm file I'm using.
Set( $DatabaseUser, 'rt_user' );
Set( $CorrespondAddress, 'x2 at mdanderson.org' );
Set( $rtname, 'xrt.mdanderson.edu' );
Set( $DatabaseRequireSSL, '' );
Set( $WebPort, '80' );
Set( $Organization, 'mdanderson.edu' );
Set( $DatabaseType, 'mysql' );
Set( $DatabasePort, '' );
Set( $DatabasePassword, 'password' );
Set( $DatabaseAdmin, 'root' );
Set( $SendmailPath, '/usr/sbin/sendmail' );
Set( $WebDomain, 'xrt.mdanderson.edu' );
Set( $DatabaseAdminPassword, '' );
Set( $CommentAddress, 'x at mdanderson.org' );
Set( $DatabaseHost, 'localhost' );
Set( $DatabaseName, 'rt4' );
Set( $OwnerEmail, 'x2 at mdanderson.org' );
Set( @Plugins, qw(RT::Authen::ExternalAuth) );
Set($ExternalAuthPriority, [ 'My_MySQL',
'My_LDAP'
]
);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, {
'My_MySQL' => {
'type' => 'db',
'server' => 'dqsrt.mdanderson.edu',
'database' => 'rt4',
'table' => 'Users',
'user' => 'rt_user',
'pass' => 'password',
'port' => '3306',
'dbi_driver' => 'mysql',
'u_field' => 'Name',
'p_field' => 'Password',
'p_enc_pkg' => 'Crypt::MySQL',
'p_enc_sub' => 'password',
'd_field' => 'disabled',
'd_values' => ['0'],
'attr_map' => { 'Name' => 'Name', }
},
'My_LDAP' => {
'type' => 'ldap',
'server' => 'dcpwpdc1.mdanderson.edu',
'user' => 's_dqs_svn',
'pass' => 'Juoo9k88',
'base' => 'ou=people,dc=mdanderson,dc=edu',
'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
'tls' => 0,
'ssl_version' => 3,
'net_ldap_args' => [ version => 3 ],
'attr_map' => { 'Name' => 'samaccountname',
'EmailAddress' => 'mail',
'Organization' => 'physicaldeliveryofficename',
'RealName' => 'gecos',
'ExternalAuthId' => 'sAMAccountName',
'Gecos' => 'gecos',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co'
}
}
}
);
1;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120301/8f46014f/attachment.htm>