[rt-users] RT 4.2.10 and ExternalAuth using LDAP
Trev
trevor at onepost.net
Mon Apr 20 08:22:40 EDT 2015
Hello Indrek,
I had some problems with External Auth as well. I ended up going with
LDAP Import, authentication works based on LDAP credentials being imported.
You have a bit more control as you can filter on groups or user names if
you choose that route.
I threw together a how to:
http://trevthorpe.blogspot.com/2015/01/request-tracker-424-ldap-authentication.html
Hope this offers some help.
Thanks,
Trev
On Mon, Apr 20, 2015 at 5:16 AM, Indrek Paas <indrekpaas at gmail.com> wrote:
> Hi,
>
> I'm setting up an RT server on:
> CentOS 7.1 x64
> Apache 2.4
> PostgreSQL
> Perl v5.16.3
>
> Trying to use ExternalAuth to LDAP (Microsoft AD) using these settings in
> RT_SiteConfig.pm:
>
> Plugin( "RT::Authen::ExternalAuth" );
>
> Set( $ExternalAuthPriority, ["My_LDAP"] );
> Set( $ExternalInfoPriority, ["My_LDAP"] );
>
> Set($ExternalSettings, {
> 'My_LDAP' => {
> 'type' => 'ldap',
> 'server' => '1.1.1.1',
> 'user' => 'rtbinduser at domain.server
> ',
> 'pass' => 'rtbinduserpw',
> 'base' => 'ou=Dom Users,ou=Company
> AD,dc=domain,dc=server',
>
> 'attr_match_list' => [
> 'Name',
> 'EmailAddress',
> ],
> 'attr_map' => {
> 'Name' => 'sAMAccountName',
> 'EmailAddress' => 'mail',
> 'Organization' => 'physicalDeliveryOfficeName',
> 'RealName' => 'cn',
> 'ExternalAuthId' => 'sAMAccountName',
> 'Gecos' => 'sAMAccountName',
> 'WorkPhone' => 'telephoneNumber',
> 'Address1' => 'streetAddress',
> 'City' => 'l',
> 'State' => 'st',
> 'Zip' => 'postalCode',
> 'Country' => 'co'
> },
> },
> } );
>
> I start the RT using it's own server : /opt/rt4/sbin/rt-server --port 8080
> Page loads in the browser and I can log in as root but when I try to log
> in using AD account I see in the logs:
>
> [warning]: Use of uninitialized value $filter in concatenation (.) or
> string at
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
> line 453.
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
>
> I have been digging through google and the LDAP.pm without success. When I
> messed with the 'base' value error changed:
>
> [25778] [Mon Apr 20 08:55:33 2015] [warning]: Use of uninitialized value
> $filter in concatenation (.) or string at
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
> line 453.
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
> [25778] [Mon Apr 20 08:55:33 2015] [error]: Can't call method "as_string"
> on an undefined value at
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
> line 357.
>
> Stack:
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:843]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:885]
> [/opt/rt4/sbin/../lib/RT/User.pm:141]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:486]
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:10]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Session:1]
> [/opt/rt4/sbin/../lib/RT/Interface/Web.pm:310]
> [/opt/rt4/share/html/autohandler:53]
> (/opt/rt4/sbin/../lib/RT/Interface/Web/Handler.pm:208)
>
>
> Any suggestions to a right direction are welcome.
>
> PS! Went with LDAP because other services on the server use it
> successfully. I have installed RT using Kerberos auth before but decided to
> use something "simpler". :D
>
> --
> Indrek
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20150420/b3820352/attachment.htm>
More information about the rt-users
mailing list