[rt-users] RT Extermnal Auth plugin and LDAP

[Tony Arnold]

I am using the ExternalAuth plugin 0.12 on RT 3.8.14 and have configured
to use an LDAP server for authentication.

I have specified group membership as a requisite for authentication. Our
LDAP server does not allow anonymous bind for looking up group
membership, so I've specified some credentials for this.

However, this is failing. It seems the plugin binds as the user being
authenticated in order to check group membership rather than the
credentials specified in the config file. The user being authenticated
does not have the rights to look up the group, hence it fails.

Is this a bug or a feature? Any suggestions for a work around?

Many thanks.

Regards,
Tony.

-- 
Tony Arnold,                        Tel: +44 (0) 161 275 6093
Head of IT Security,                Fax: +44 (0) 705 344 3082
University of Manchester,           Mob: +44 (0) 773 330 0039
Manchester M13 9PL.                 Email: tony.arnold at manchester.ac.uk