[rt-users] Cannot Authenticate via Windows 2008 R2 Server

[Wong, Gaylen K Mr CIV USA USMA]

1.  We are running a single RT 4(4.0.4) server on a Dell 760 Optiplex PC running RHEL 6.2 64-bit

2.  We're using the RT-Authen-External-Auth version 0.10_01

3.  We're using tls with a Windows 2008 R2 Active Directory server and also https with the clients.  The RT server is using a DOD certificate which has a common root CA with the Windows server.
      The ldap bind user name and password has been verified.

4.  Everything was working fine with our old Windows 2003 server until they replaced it with a Windows 2008 R2 Army Gold Master (AGM) server.  An AGM version of an
     operating system is very strictly configured in terms of security.  From that point on no one could log into the RT Server.  In the httpd logs the following error is displayed:

     [Mon Mar 19 12:01:32 2012] [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind: LDAP_LOCAL_ERROR 82 (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:492)

5.  If tls is not used then the login process is successful.  However authentication traffic is in the clear.  There is an apparent TLS incompatibility between the two machines but I'm not sure what it is.

6.  HTTPS still continues to work between RT server and client machines but tls is still a problem.

Any help would be appreciated.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120322/1c5b2856/attachment.htm>