[rt-users] RT 4.4.1 LDAP Authentication issue.

Claude EDUMA claudeduma at gmail.com
Fri Dec 9 08:21:21 EST 2016


Well,

I will try to use user mail for authentication.

here is conf i tested without success :(

-----
 Set($ExternalSettings, {
        'My_LDAP'       =>  {
            'type'             =>  'ldap',
            'server'           =>  'ldap://ypmycorpldap.corp.mycorp.com',
            'user'             =>
 'uid=mycorp-rtir-reader,ou=applicationAccounts,o=corp.mycorp.com',
            'pass'             =>
 'SikH2mmKLtPi0E4ZYcqldTXAgILVxGVhXWlHBF3o21',
            'base'             =>  'o=corp.mycorp.com',
            'filter'           =>  '(objectClass=person)',
            'tls'              => { verify => "require", cafile =>
"/etc/pki/tls/mycorp_CERTIFICATE_CHAIN.crt" },
            'net_ldap_args'    => [    version =>  3, debug => 8   ],
            'attr_match_list'  => [
                'Name' ,
'EmailAddress',
            ],
            # Import the following properties of the user from LDAP upon
            # login
            'attr_map' => {
                'Name'         => 'mail',
                'EmailAddress' => 'mail',
                'RealName'     => 'cn',
            }
        },
    }
);

---

Regards



2016-12-09 13:59 GMT+01:00 Martin Wheldon <
martin.wheldon at greenhills-it.co.uk>:

> Hi,
>
> You could either use another unique attribute i.e mail or add another uid
> to each RT user prefixed by a letter.
>
> dn: uid=123456,dc=my,dc=domain
> uid: 123456
> uid: x123456
>
> Best Regards
>
> Martin
>
>
> On 2016-12-09 12:49, Joop wrote:
>
>> On 9-12-2016 13:38, Claude EDUMA wrote:
>>
>>> Hi Joop,
>>>
>>>
>>> Thank you for your quick answer.
>>> We have tested with non numerical username and result is OK.
>>> Well in my organisation we use ldap uid for username. Any suggestion
>>> to resolve this issue ?
>>>
>>> Please keep the list in the loop.
>>
>> I think the problem is in the function(s) which load the user info.
>> These functions take a name OR an id and then load the corresponding
>> info. When  usernames are IDs that doesn't work any more. Other than
>> patching all functions which use this I don't see another solution than
>> to change the use of uid as a username, sorry.
>>
>> Joop
>>
>> ---------
>> RT 4.4 and RTIR training sessions, and a new workshop day!
>> https://bestpractical.com/training
>> * Los Angeles - January 9-11 2017
>>
> ---------
> RT 4.4 and RTIR training sessions, and a new workshop day!
> https://bestpractical.com/training
> * Los Angeles - January 9-11 2017
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20161209/0d42504a/attachment.htm>


More information about the rt-users mailing list