[rt-users] Regarding External Authentication using LDAP
bharath reddy
vangoor.bharath at gmail.com
Tue Oct 13 22:38:29 EDT 2015
Hi Anton,
I used the following block in my RT_SiteConfig:
Set(@Plugins, qw(RT::Authen::ExternalAuth) );
Set($ExternalAuthPriority, ["My_LDAP"]);
Set($ExternalInfoPriority, ["My_LDAP"]);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
    'My_LDAP' => {  ## GENERIC SECTION
        'type'   => 'ldap',
        'server' => 'vmns1.cs.sunysb.edu',
        'user'   => 'CN=Recruit LDAP user,OU=Service Accounts,OU=SBCS,DC=cs,DC=stonybrook,DC=edu',
        'pass'   => '*******',
        'base'   => 'ou=SBCS,dc=cs,dc=stonybrook,DC=edu',
        # 'filter' => '((&(objectCategory=Users)))',
        filter     => '(objectClass=*)',
        'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
        # 'd_filter' => '(&(objectCategory=User) (ObjectClass=Person))' ,
        'tls'         => 1,
        'ssl_version' => 3,
        'net_ldap_args' => [ version => 3 ],
        # 'group' => 'CN=Domain Users,CN=Users,DC=cs,DC=stonybrook,DC=edu',
        # 'group_attr' => 'member',
        'attr_match_list' => [
            'Name',
            'EmailAddress'
        ],
        'attr_map' => {
            'Name'         => 'sAMAccountName',
            'EmailAddress' => 'mail' }
    }
}
);
Is there anything that I'm missing?
Thanks,
Bharath.
On Tue, Oct 13, 2015 at 8:04 PM, Anton Panetta <
anton.panetta at haircareaust.com> wrote:
> What's the block you put in your RT_SiteConfig relating to external auth?
>
> *From:* rt-users [mailto:rt-users-bounces at lists.bestpractical.com] *On
> Behalf Of *bharath reddy
> *Sent:* Wednesday, 14 October 2015 3:58 AM
> *To:* RT-List <rt-users at lists.bestpractical.com>
> *Subject:* [rt-users] Regarding External Authentication using LDAP
>
>
>
> Dear All,
>
>
>
> I followed the link https://metacpan.org/pod/RT::Authen::ExternalAuth and
> made required changes and then restarted my apache server. But when I'm
> logging into the RT from web it fails with :
>
> "*Your username or password is incorrect*"
>
>
>
> But user exists in the LDAP.
>
>
>
> Log file contains :
>
> [22441] [Tue Oct 13 16:58:25 2015] [error]: FAILED LOGIN for <my_user_name> from 130.245.10.107 (/rt/lib//RT/Interface/Web.pm:810)
>
>
>
> From the code(/rt/lib//RT/Interface/Web.pm) it fails at this point :
>
>
>
> unless ( $user_obj->id && $user_obj->IsPassword( $ARGS->{pass} ) ) {
>
> $RT::Logger->error("FAILED LOGIN for @{[$ARGS->{user}]} from $ENV{'REMOTE_ADDR'}");
>
>
>
> Can anyone help me change the flow to authenticate from LDAP, i.e.
> it should check the username and password against the LDAP and not from the DB.
>
>
>
> Any help or pointers to this issue will be appreciated.
>
>
>
> Thanks,
>
> Bharath.
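An offline check of the filters in the My_LDAP block above, added here as an example; it is not part of the original message or of RT::Authen::ExternalAuth. It assumes perl-ldap (Net::LDAP) is installed and that the per-login lookup ANDs the 'Name' attribute match with 'filter'; the sample logins are constructed.

```perl
#!/usr/bin/perl
# Added example (not RT or plugin code): offline sanity check of the LDAP
# filters from the My_LDAP block. No server connection is made.
use strict;
use warnings;
use Net::LDAP::Filter;
use Net::LDAP::Util qw(escape_filter_value);

# Values copied from the posted config.
my %cfg = (
    filter          => '(objectClass=*)',
    d_filter        => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
    attr_match_list => [ 'Name', 'EmailAddress' ],
    attr_map        => { Name => 'sAMAccountName', EmailAddress => 'mail' },
);
# The commented-out alternatives from the same post.
my @alternatives = (
    '((&(objectCategory=Users)))',
    '(&(objectCategory=User) (ObjectClass=Person))',
);

# Return the parsed filter in canonical form, or undef if it does not parse.
sub check_filter {
    my ($text) = @_;
    my $f = Net::LDAP::Filter->new($text);
    return defined $f ? $f->as_string : undef;
}

# ASSUMPTION: the per-login lookup ANDs (<Name attribute>=<login>) with
# 'filter'. The login is escaped so characters such as * ( ) \ stay literal.
sub lookup_filter {
    my ($cfg, $login) = @_;
    my $name_attr = $cfg->{attr_map}{Name};
    return sprintf '(&(%s=%s)%s)', $name_attr, escape_filter_value($login), $cfg->{filter};
}

for my $text ($cfg{filter}, $cfg{d_filter}, @alternatives) {
    printf "%-8s %s\n", defined check_filter($text) ? 'ok' : 'INVALID', $text;
}
# Every RT field used for matching needs an LDAP attribute in attr_map.
for my $rt_field (@{ $cfg{attr_match_list} }) {
    print "no attr_map entry for $rt_field\n" unless exists $cfg{attr_map}{$rt_field};
}
# Constructed sample logins: an ordinary one and one with filter metacharacters.
for my $login ('jdoe', 'jdoe)(uid=*') {
    my $composed = lookup_filter(\%cfg, $login);
    printf "%s -> %s (%s)\n", $login, $composed,
        defined check_filter($composed) ? 'parses' : 'does not parse';
}
```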