[rt-users] problems with RT::Authen::ExternalAuth

Kevin Falcone falcone at bestpractical.com
Tue Jan 22 13:11:46 EST 2013


On Tue, Jan 22, 2013 at 05:19:08AM -0800, ymarinov wrote:
> Turning the debugging mode seems to help me to see the exact error
> 
> [Tue Jan 22 13:16:38 2013] [debug]: UserExists params:
> username: ymarinov , service: My_LDAP
> (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:299)
> [Tue Jan 22 13:16:38 2013] [debug]: LDAP Search ===  Base: (dc=xxxxx,dc=net)
> == Filter: (&(objectClass=*)(uid=ymarinov)) == Attrs: mail,uid
> (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:329)
> [Tue Jan 22 13:16:38 2013] [debug]: User Check Failed :: ( My_LDAP )
> ymarinov User not found
> (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:343)
> [Tue Jan 22 13:16:38 2013] [debug]: Autohandler called ExternalAuth.
> Response: (0, No User)
> (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:11)
> 
> which lead me to that most probably the filter doesn't work correctly.
> But this filter is already described in the LDAPImport extension, and it
> works fine. 

The LDAPImport extension connects as a different user, your ymarinov
user may not have the same rights in LDAP.  Use the ldapsearch command
line tool to run the search/filter manually and see what you get (also
check the server's logs).

-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 235 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20130122/be4c1c44/attachment.sig>


More information about the rt-users mailing list