[rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

William Clarke wclarke at simons-rock.edu
Fri Oct 3 10:58:35 EDT 2014


Hi all,

CentOS6.5 \ Apache 2.2.15 \ Perl 5.18.2 \ MariaDB 5.5.39

I followed these instructions for my RT build:
http://binarynature.blogspot.pt/2013/05/install-request-tracker-4.html

I'm very new to RT. I've read up what I could find on CPAN, wiki and 
Google and I'm not quite sure which way to go here. RT is connecting to 
our ldap and a search result is found but the logs in ldap show "closed 
(connection lost)" so I suspect RT isn't seeing\getting the response 
back from LDAP. I have some examples below showing RT's LDAP requests 
with logs as well as the same search run via command line.

The main differences I can see in logs so far is command line test sends 
"scope=2 deref=0" vs RT test "scope=2 deref=2" and also that the RT test 
doesn't unbind and the connection is lost.

Command line: ldapsearch -x -p 389 -h ldap.simons-rock.edu -b 
ou=People,dc=simons-rock,dc=edu "(&(&(uid=*))(uid=wclarke))" mail uid

# extended LDIF
#
# LDAPv3
# base <ou=People,dc=simons-rock,dc=edu> with scope subtree
# filter: (&(&(uid=*))(uid=wclarke))
# requesting: mail uid
#

# wclarke, People, simons-rock.edu
dn: uid=wclarke,ou=People,dc=simons-rock,dc=edu
uid: wclarke
mail: wclarke at simons-rock.edu

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
---------------------------------------------------------------------------------------------------------------
Logs from ldap via command line - loglevel 256
---------------------------------------------------------------------------------------------------------------
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 ACCEPT from 
IP=10.30.2.36:51249 (IP=0.0.0.0:389)
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 BIND dn="" method=128
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 RESULT tag=97 err=0 
text=
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH 
base="ou=People,dc=simons-rock,dc=edu" scope=2 deref=0 
filter="(&(&(uid=*))(uid=wclarke))"
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH attr=mail uid
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=2 UNBIND
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 closed
---------------------------------------------------------------------------------------------------------------
Logs from ldap when logging into RT - loglevel 256
---------------------------------------------------------------------------------------------------------------
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 ACCEPT from 
IP=10.30.2.36:51262 (IP=0.0.0.0:389)
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 BIND dn="" method=128
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 RESULT tag=97 err=0 
text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH 
base="ou=People,dc=simons-rock,dc=edu" scope=2 deref=2 
filter="(&(&(uid=*))(uid=wclarke))"
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH attr=uid mail
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 closed (connection 
lost)
---------------------------------------------------------------------------------------------------------------
External Settings from: RT_SiteConfig.pm
---------------------------------------------------------------------------------------------------------------
Set( $ExternalSettings, {
         'My_LDAP'       =>  {
             'type'                      =>  'ldap',
             'server'                    => 'ldap2.simons-rock.edu',
             'base'                      => 
'ou=People,dc=simons-rock,dc=edu',
             'filter'                    => '(objectClass=*)',
             'net_ldap_args'             => [    version =>  3   ],

             'attr_match_list' => [
                 'Name',
                 'EmailAddress',
             ],
             'attr_map' => {
                 'Name' => 'uid',
                 'EmailAddress' => 'mail',
             },
         },
     } );

# You must install Plugins on your own, this is only an example
# of the correct syntax to use when activating them:
#       Plugin( "RT::Extension::SLA" );
#       Plugin( "RT::Authen::ExternalAuth" );

         Plugin( "RT::Authen::ExternalAuth" );
#       Plugin( "RT::Extension::Assets" );
#       plugin( "RT::Extension::Assets::Import::CSV" );
1;

-- 

William Clarke
ITS System Administrator
Bard College at Simon's Rock
84 Alford Road
Great Barrington, MA  01230
(413) 528-7428 (voice)
(413) 528-7405 (fax)
wclarke at simons-rock.edu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20141003/30c00a8a/attachment.htm>


More information about the rt-users mailing list