[rt-users] Issues with RTExternalAuth

John Bako john.bako at nyu.edu
Wed Jul 6 12:31:23 EDT 2016


>From the stack trace is looks like you may not be connecting to your ldap
server.  Use use ldapsearch to confirm that you're connecting.  Here's a
sample of a ldapsearch to my active directory domain.

$ ldapsearch -LLL -ZZ -y password.txt -D
CN=mybindaccount,OU=SERVICE,OU=ACCTS,DC=AD,DC=NYU,DC=EDU -h ad.nyu.edu -b
OU=ACCTS,DC=AD,DC=NYU,DC=EDU
'(&(distinguishedName=OU=BIOG,OU=FAS,OU=WSQ,OU=USERS,OU=ACCTS,DC=ad,DC=nyu,DC=edu))'

For Red Hat 'yum install openldap-clients' will install ldapsearch.  I
don't know what the equivalent is for OpenBSD.

--
John Bako
Manager, Scientific Computing
Department of Biology & Center for Genomics and Systems Biology
New York University
212-998-8207 (office)

On Thu, Jun 30, 2016 at 8:30 AM, Albert Shih <Albert.Shih at obspm.fr> wrote:

> Hi every one.
>
> I try to run a RT 4.4.0.
>
> The
>
>   RT::Authen::ExternalAuth
>
> don't seem to work correctly.
>
> I already check on this mailing list, and try the patch I seem. Nothing
> seem to work correctly.
>
> Here my RT_SiteConfig.pm
>
>   Set($WebExternalAuth, 1 );
>   Set($ExternalAuthPriority,  ['PLM']);
>   Set($ExternalInfoPriority,  ['PLM']);
>   Set($ExternalServiceUsesSSLorTLS,    '0');
>   Set($AutoCreateNonExternalUsers, '1');
>   Set($ExternalSettings, { 'PLM' => {   'type' =>     'ldap',
>     'server' =>     '*****',
>     'user' =>     'uid=nss,o=*****',
>     'pass' =>     '*****',
>     'base' =>     '*****',
>     'filter' =>     '(objectClass=person)',
>     'd_filter' =>     '',
>     'tls' =>     '0',
>     'ssl_version' =>     '3',
>     'net_ldap_args' =>   [ 'version => 3', ],
>     'attr_match_list' =>   [ 'Name',  'EmailAddress', ],
>     'attr_map' =>    {  'Name' => 'mail',  'EmailAddress' => 'mail',
> 'Organization' => 'ou',  'RealName' => 'displayName',  'WorkPhone' =>
> 'telephoneNumber',  'City' => 'l', },
>   }});
>
> in that case I can authenticate in local without problem. But not against
> my LDAP server.
>
> If I add a
>
>     Set($ExternalAuth, 1 );
>
> I can't authenticate at all (either local or LDAP) and I get something
> like :
>
>
> Jun 30 14:22:37 rt RT: [5913] Expected 'PeerHost' at
> /usr/local/lib/perl5/site_perl/Net/LDAP.pm line 164.  Stack:
>  [/usr/local/lib/perl5/site_perl/Carp.pm:167]
>  [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:485]
>  [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:386]
>  [/usr/local/lib/perl5/5.20/mach/IO/Socket.pm:49]
>  [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:353]
>  [/usr/local/lib/perl5/site_perl/Net/LDAP.pm:164]
>  [/usr/local/lib/perl5/site_perl/Net/LDAP.pm:122]
>  [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:646]
>  [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:510]
>  [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:581]
>  [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:328]
>  [/usr/local/share/rt44/html/Elements/DoAuth:57]
>  [/usr/local/lib/perl5/site_perl/RT/Interface/Web.pm:308]
>  [/usr/local/share/rt44/html/autohandler:53]
>
> I running a RT 4.4.0 under FreeBSD.
>
> Any idea ?
>
> Regards
>
> JAS
> --
> Albert SHIH
> DIO bâtiment 15
> Observatoire de Paris
> 5 Place Jules Janssen
> 92195 Meudon Cedex
> France
> Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71
> xmpp: jas at obspm.fr
> Heure local/Local time:
> jeu 30 jui 2016 14:24:34 CEST
> ---------
> RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
> * Los Angeles - September, 2016
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20160706/e028cba7/attachment.htm>


More information about the rt-users mailing list