[rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP
William Clarke
wclarke at simons-rock.edu
Fri Oct 3 11:06:45 EDT 2014
Sorry, I sent that a little prematurely..... RT shows your username or
password is incorrect : (
On 10/3/2014 10:58 AM, William Clarke wrote:
> Hi all,
>
> CentOS6.5 \ Apache 2.2.15 \ Perl 5.18.2 \ MariaDB 5.5.39
>
> I followed these instructions for my RT build:
> http://binarynature.blogspot.pt/2013/05/install-request-tracker-4.html
>
> I'm very new to RT. I've read up what I could find on CPAN, wiki and
> Google and I'm not quite sure which way to go here. RT is connecting
> to our ldap and a search result is found but the logs in ldap show
> "closed (connection lost)" so I suspect RT isn't seeing\getting the
> response back from LDAP. I have some examples below showing RT's LDAP
> requests with logs as well as the same search run via command line.
>
> The main differences I can see in logs so far is command line test
> sends "scope=2 deref=0" vs RT test "scope=2 deref=2" and also that the
> RT test doesn't unbind and the connection is lost.
>
> Command line: ldapsearch -x -p 389 -h ldap.simons-rock.edu -b
> ou=People,dc=simons-rock,dc=edu "(&(&(uid=*))(uid=wclarke))" mail uid
>
> # extended LDIF
> #
> # LDAPv3
> # base <ou=People,dc=simons-rock,dc=edu> with scope subtree
> # filter: (&(&(uid=*))(uid=wclarke))
> # requesting: mail uid
> #
>
> # wclarke, People, simons-rock.edu
> dn: uid=wclarke,ou=People,dc=simons-rock,dc=edu
> uid: wclarke
> mail: wclarke at simons-rock.edu
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
> ---------------------------------------------------------------------------------------------------------------
> Logs from ldap via command line - loglevel 256
> ---------------------------------------------------------------------------------------------------------------
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 ACCEPT from
> IP=10.30.2.36:51249 (IP=0.0.0.0:389)
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 BIND dn="" method=128
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 RESULT tag=97
> err=0 text=
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH
> base="ou=People,dc=simons-rock,dc=edu" scope=2 deref=0
> filter="(&(&(uid=*))(uid=wclarke))"
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH attr=mail uid
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SEARCH RESULT
> tag=101 err=0 nentries=1 text=
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 op=2 UNBIND
> Oct 3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 closed
> ---------------------------------------------------------------------------------------------------------------
> Logs from ldap when logging into RT - loglevel 256
> ---------------------------------------------------------------------------------------------------------------
> Oct 3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 ACCEPT from
> IP=10.30.2.36:51262 (IP=0.0.0.0:389)
> Oct 3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 BIND dn="" method=128
> Oct 3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 RESULT tag=97
> err=0 text=
> Oct 3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH
> base="ou=People,dc=simons-rock,dc=edu" scope=2 deref=2
> filter="(&(&(uid=*))(uid=wclarke))"
> Oct 3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH attr=uid mail
> Oct 3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SEARCH RESULT
> tag=101 err=0 nentries=1 text=
> Oct 3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 closed
> (connection lost)
> ---------------------------------------------------------------------------------------------------------------
> External Settings from: RT_SiteConfig.pm
> ---------------------------------------------------------------------------------------------------------------
> Set( $ExternalSettings, {
> 'My_LDAP' => {
> 'type' => 'ldap',
> 'server' => 'ldap2.simons-rock.edu',
> 'base' =>
> 'ou=People,dc=simons-rock,dc=edu',
> 'filter' => '(objectClass=*)',
> 'net_ldap_args' => [ version => 3 ],
>
> 'attr_match_list' => [
> 'Name',
> 'EmailAddress',
> ],
> 'attr_map' => {
> 'Name' => 'uid',
> 'EmailAddress' => 'mail',
> },
> },
> } );
>
> # You must install Plugins on your own, this is only an example
> # of the correct syntax to use when activating them:
> # Plugin( "RT::Extension::SLA" );
> # Plugin( "RT::Authen::ExternalAuth" );
>
> Plugin( "RT::Authen::ExternalAuth" );
> # Plugin( "RT::Extension::Assets" );
> # plugin( "RT::Extension::Assets::Import::CSV" );
> 1;
> --
>
> William Clarke
> ITS System Administrator
> Bard College at Simon's Rock
> 84 Alford Road
> Great Barrington, MA 01230
> (413) 528-7428 (voice)
> (413) 528-7405 (fax)
> wclarke at simons-rock.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20141003/f21ee2cc/attachment.htm>
More information about the rt-users
mailing list