[rt-users] Odd Account Behavior after Active Directory Migration

Thomas Simmons twsnnva at gmail.com
Wed Feb 20 09:06:53 EST 2013


Hello All,
I know the subject is not very descriptive, but this problem is hard to
explain in few words.

We recently upgraded our Samba3+OpenLDAP (NT-Style) domain to Samba4
(Active Directory). I have reconfigured all of our services to authenticate
using AD via LDAP, and this is working as expected for most applications.
It's also working for RT (3.6.5), but I am seeing very strange behavior
that I cannot explain. Let's say I have 2 "classes" of users. Users that
used RT before the AD migration and users that have not. The "have not"
group includes users that existed in LDAP before the migration but never
used RT and users that have been created since migrating from OpenLDAP to
AD.

Users that used RT before AD:
These users can email RT, login to the web interface and can be manually
assigned as a requestor on the "people" page. Everything works as expected.

Users that have never used RT:
These users CANNOT email RT (User could not be loaded). They also CANNOT
login to the web interface. They CANNOT be assigned as a requestor on the
people page. However, if they continue emailing RT, after 3-5 tries the
user will be created in RT and the user can then also login and be assigned
as a requestor. The user will only be created if they EMAIL RT 3 times -
attempting to login via the web interface or assigning the user on the
people page 3 times (or 10) does NOT create the user in RT.

I do not even know where to begin with this problem. The connection to AD
seems fine. If I reset a password in AD, RT requires the new
credentials.Users are createdwith the proper
info from AD (that I re-configured in RT_SiteConfig.pm), but the user must send
multiple emails before the account is created.

Thanks,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20130220/9314f024/attachment.htm>


More information about the rt-users mailing list