[rt-users] AD user logged in, but no ticket is seen

Zhang,Jun JHZhang at mdanderson.org
Thu Mar 1 14:44:23 EST 2012


Ldap user authentication seems to work using RT-Authen-ExternalAuth. An AD user can login and create tickets in a queue, but next time the same user logged in he sees no open/closed tickets. Only root user can see all the tickets.

Cannot add user rights to the AD user. Once I put the AD user name in the field and check a box, it will say "Invalid username".

I've created a group as root within RT gui, assigned all possible rights for it, and added the AD user as a member. Still, this user doesn't see any ticket.

This is the first time I compiled RT 4.0.4 on a RHEL 6.1. Following is the RT_SiteConfig.pm file I'm using.

Set( $DatabaseUser, 'rt_user' );
Set( $CorrespondAddress, 'x2 at mdanderson.org' );
Set( $rtname, 'xrt.mdanderson.edu' );
Set( $DatabaseRequireSSL, '' );
Set( $WebPort, '80' );
Set( $Organization, 'mdanderson.edu' );
Set( $DatabaseType, 'mysql' );
Set( $DatabasePort, '' );
Set( $DatabasePassword, 'password' );
Set( $DatabaseAdmin, 'root' );
Set( $SendmailPath, '/usr/sbin/sendmail' );
Set( $WebDomain, 'xrt.mdanderson.edu' );
Set( $DatabaseAdminPassword, '' );
Set( $CommentAddress, 'x at mdanderson.org' );
Set( $DatabaseHost, 'localhost' );
Set( $DatabaseName, 'rt4' );
Set( $OwnerEmail, 'x2 at mdanderson.org' );
Set( @Plugins, qw(RT::Authen::ExternalAuth) );

Set($ExternalAuthPriority,  [ 'My_MySQL',
                              'My_LDAP'
                            ]
);
Set($ExternalServiceUsesSSLorTLS,    0);
Set($AutoCreateNonExternalUsers,    0);
Set($ExternalSettings,      {
                                'My_MySQL'   =>  {
                                                        'type'                      =>  'db',
                                                        'server'                    =>  'dqsrt.mdanderson.edu',
                                                        'database'                  =>  'rt4',
                                                        'table'                     =>  'Users',
                                                        'user'                      =>  'rt_user',
                                                        'pass'                      =>  'password',
                                                        'port'                      =>  '3306',
                                                        'dbi_driver'                =>  'mysql',
                                                        'u_field'                   =>  'Name',
                                                        'p_field'                   =>  'Password',
                                                        'p_enc_pkg'                 =>  'Crypt::MySQL',
                                                        'p_enc_sub'                 =>  'password',
                                                        'd_field'                   =>  'disabled',
                                                        'd_values'                  =>  ['0'],
                                                        'attr_map'                  =>  {   'Name' => 'Name',                                                                                        }
                                                  },
                                'My_LDAP'       =>  {
                                                        'type'                      =>  'ldap',
                                                        'server'                    =>  'dcpwpdc1.mdanderson.edu',
                                                        'user'                      =>  's_dqs_svn',
                                                        'pass'                    =>  'Juoo9k88',
                                                        'base'                      =>  'ou=people,dc=mdanderson,dc=edu',
                                                        'd_filter'  =>  '(userAccountControl:1.2.840.113556.1.4.803:=2)',
                                                        'tls'                       =>  0,
                                                        'ssl_version'              => 3,
                                                        'net_ldap_args'             => [    version =>  3   ],
                                                        'attr_map'                  =>  {   'Name' => 'samaccountname',
                                                                                            'EmailAddress' => 'mail',
                                                                                            'Organization' => 'physicaldeliveryofficename',
                                                                                            'RealName' => 'gecos',
                                                                                            'ExternalAuthId' => 'sAMAccountName',
                                                                                            'Gecos' => 'gecos',
                                                                                            'WorkPhone' => 'telephoneNumber',
                                                                                            'Address1' => 'streetAddress',
                                                                                            'City' => 'l',
                                                                                            'State' => 'st',
                                                                                            'Zip' => 'postalCode',
                                                                                            'Country' => 'co'
                                                                                        }
                                                    }
                                }
);
1;

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120301/8f46014f/attachment.htm>


More information about the rt-users mailing list