[rt-users] RT 4.2.10 and ExternalAuth using LDAP
Jeff Blaine
jblaine at kickflop.net
Mon Apr 20 09:19:50 EDT 2015
https://metacpan.org/pod/RT::Authen::ExternalAuth::LDAP
says:
filter
The filter to use to match RT users. You must specify
it and it must be a valid LDAP filter encased in parentheses.
For example:
filter => '(objectClass=*)',
On 4/20/2015 5:16 AM, Indrek Paas wrote:
> Hi,
>
> I'm setting up an RT server on:
> CentOS 7.1 x64
> Apache 2.4
> PostgreSQL
> Perl v5.16.3
>
> Trying to use ExternalAuth to LDAP (Microsoft AD) using these settings
> in RT_SiteConfig.pm:
>
> Plugin( "RT::Authen::ExternalAuth" );
>
> Set( $ExternalAuthPriority, ["My_LDAP"] );
> Set( $ExternalInfoPriority, ["My_LDAP"] );
>
> Set($ExternalSettings, {
> 'My_LDAP' => {
> 'type' => 'ldap',
> 'server' => '1.1.1.1',
> 'user' => 'rtbinduser at domain.server',
> 'pass' => 'rtbinduserpw',
> 'base' => 'ou=Dom Users,ou=Company
> AD,dc=domain,dc=server',
>
> 'attr_match_list' => [
> 'Name',
> 'EmailAddress',
> ],
> 'attr_map' => {
> 'Name' => 'sAMAccountName',
> 'EmailAddress' => 'mail',
> 'Organization' => 'physicalDeliveryOfficeName',
> 'RealName' => 'cn',
> 'ExternalAuthId' => 'sAMAccountName',
> 'Gecos' => 'sAMAccountName',
> 'WorkPhone' => 'telephoneNumber',
> 'Address1' => 'streetAddress',
> 'City' => 'l',
> 'State' => 'st',
> 'Zip' => 'postalCode',
> 'Country' => 'co'
> },
> },
> } );
>
> I start the RT using it's own server : /opt/rt4/sbin/rt-server --port 8080
> Page loads in the browser and I can log in as root but when I try to log
> in using AD account I see in the logs:
>
> [warning]: Use of uninitialized value $filter in concatenation (.) or
> string at
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
> line 453.
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
>
> I have been digging through google and the LDAP.pm without success. When
> I messed with the 'base' value error changed:
>
> [25778] [Mon Apr 20 08:55:33 2015] [warning]: Use of uninitialized value
> $filter in concatenation (.) or string at
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
> line 453.
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
> [25778] [Mon Apr 20 08:55:33 2015] [error]: Can't call method
> "as_string" on an undefined value at
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
> line 357.
>
> Stack:
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:843]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:885]
> [/opt/rt4/sbin/../lib/RT/User.pm:141]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:486]
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:10]
>
> [/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Session:1]
> [/opt/rt4/sbin/../lib/RT/Interface/Web.pm:310]
> [/opt/rt4/share/html/autohandler:53]
> (/opt/rt4/sbin/../lib/RT/Interface/Web/Handler.pm:208)
>
>
> Any suggestions to a right direction are welcome.
>
> PS! Went with LDAP because other services on the server use it
> successfully. I have installed RT using Kerberos auth before but decided
> to use something "simpler". :D
>
> --
> Indrek
--
Jeff Blaine
kickflop.net
PGP/GnuPG Key ID: 0x0C8EDD02
More information about the rt-users
mailing list