[rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

William Clarke wclarke at simons-rock.edu
Fri Oct 3 11:06:45 EDT 2014


Sorry, I sent that a little prematurely..... RT shows your username or 
password is incorrect : (

On 10/3/2014 10:58 AM, William Clarke wrote:
> Hi all,
>
> CentOS6.5 \ Apache 2.2.15 \ Perl 5.18.2 \ MariaDB 5.5.39
>
> I followed these instructions for my RT build:
> http://binarynature.blogspot.pt/2013/05/install-request-tracker-4.html
>
> I'm very new to RT. I've read up what I could find on CPAN, wiki and 
> Google and I'm not quite sure which way to go here. RT is connecting 
> to our ldap and a search result is found but the logs in ldap show 
> "closed (connection lost)" so I suspect RT isn't seeing\getting the 
> response back from LDAP. I have some examples below showing RT's LDAP 
> requests with logs as well as the same search run via command line.
>
> The main differences I can see in logs so far is command line test 
> sends "scope=2 deref=0" vs RT test "scope=2 deref=2" and also that the 
> RT test doesn't unbind and the connection is lost.
>
> Command line: ldapsearch -x -p 389 -h ldap.simons-rock.edu -b 
> ou=People,dc=simons-rock,dc=edu "(&(&(uid=*))(uid=wclarke))" mail uid
>
> # extended LDIF
> #
> # LDAPv3
> # base <ou=People,dc=simons-rock,dc=edu> with scope subtree
> # filter: (&(&(uid=*))(uid=wclarke))
> # requesting: mail uid
> #
>
> # wclarke, People, simons-rock.edu
> dn: uid=wclarke,ou=People,dc=simons-rock,dc=edu
> uid: wclarke
> mail: wclarke at simons-rock.edu
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
> ---------------------------------------------------------------------------------------------------------------
> Logs from ldap via command line - loglevel 256
> ---------------------------------------------------------------------------------------------------------------
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 ACCEPT from 
> IP=10.30.2.36:51249 (IP=0.0.0.0:389)
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 BIND dn="" method=128
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 RESULT tag=97 
> err=0 text=
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH 
> base="ou=People,dc=simons-rock,dc=edu" scope=2 deref=0 
> filter="(&(&(uid=*))(uid=wclarke))"
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH attr=mail uid
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SEARCH RESULT 
> tag=101 err=0 nentries=1 text=
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=2 UNBIND
> Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 closed
> ---------------------------------------------------------------------------------------------------------------
> Logs from ldap when logging into RT - loglevel 256
> ---------------------------------------------------------------------------------------------------------------
> Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 ACCEPT from 
> IP=10.30.2.36:51262 (IP=0.0.0.0:389)
> Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 BIND dn="" method=128
> Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 RESULT tag=97 
> err=0 text=
> Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH 
> base="ou=People,dc=simons-rock,dc=edu" scope=2 deref=2 
> filter="(&(&(uid=*))(uid=wclarke))"
> Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH attr=uid mail
> Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SEARCH RESULT 
> tag=101 err=0 nentries=1 text=
> Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 closed 
> (connection lost)
> ---------------------------------------------------------------------------------------------------------------
> External Settings from: RT_SiteConfig.pm
> ---------------------------------------------------------------------------------------------------------------
> Set( $ExternalSettings, {
>         'My_LDAP'       =>  {
>             'type'                      =>  'ldap',
>             'server'                    => 'ldap2.simons-rock.edu',
>             'base'                      => 
> 'ou=People,dc=simons-rock,dc=edu',
>             'filter'                    => '(objectClass=*)',
>             'net_ldap_args'             => [    version =>  3   ],
>
>             'attr_match_list' => [
>                 'Name',
>                 'EmailAddress',
>             ],
>             'attr_map' => {
>                 'Name' => 'uid',
>                 'EmailAddress' => 'mail',
>             },
>         },
>     } );
>
> # You must install Plugins on your own, this is only an example
> # of the correct syntax to use when activating them:
> #       Plugin( "RT::Extension::SLA" );
> #       Plugin( "RT::Authen::ExternalAuth" );
>
>         Plugin( "RT::Authen::ExternalAuth" );
> #       Plugin( "RT::Extension::Assets" );
> #       plugin( "RT::Extension::Assets::Import::CSV" );
> 1;
> -- 
>
> William Clarke
> ITS System Administrator
> Bard College at Simon's Rock
> 84 Alford Road
> Great Barrington, MA  01230
> (413) 528-7428 (voice)
> (413) 528-7405 (fax)
> wclarke at simons-rock.edu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20141003/f21ee2cc/attachment.html>


More information about the rt-users mailing list