[rt-users] Issues with RTExternalAuth
John Bako
john.bako at nyu.edu
Wed Jul 6 12:31:23 EDT 2016
>From the stack trace is looks like you may not be connecting to your ldap
server. Use use ldapsearch to confirm that you're connecting. Here's a
sample of a ldapsearch to my active directory domain.
$ ldapsearch -LLL -ZZ -y password.txt -D
CN=mybindaccount,OU=SERVICE,OU=ACCTS,DC=AD,DC=NYU,DC=EDU -h ad.nyu.edu -b
OU=ACCTS,DC=AD,DC=NYU,DC=EDU
'(&(distinguishedName=OU=BIOG,OU=FAS,OU=WSQ,OU=USERS,OU=ACCTS,DC=ad,DC=nyu,DC=edu))'
For Red Hat 'yum install openldap-clients' will install ldapsearch. I
don't know what the equivalent is for OpenBSD.
--
John Bako
Manager, Scientific Computing
Department of Biology & Center for Genomics and Systems Biology
New York University
212-998-8207 (office)
On Thu, Jun 30, 2016 at 8:30 AM, Albert Shih <Albert.Shih at obspm.fr> wrote:
> Hi every one.
>
> I try to run a RT 4.4.0.
>
> The
>
> RT::Authen::ExternalAuth
>
> don't seem to work correctly.
>
> I already check on this mailing list, and try the patch I seem. Nothing
> seem to work correctly.
>
> Here my RT_SiteConfig.pm
>
> Set($WebExternalAuth, 1 );
> Set($ExternalAuthPriority, ['PLM']);
> Set($ExternalInfoPriority, ['PLM']);
> Set($ExternalServiceUsesSSLorTLS, '0');
> Set($AutoCreateNonExternalUsers, '1');
> Set($ExternalSettings, { 'PLM' => { 'type' => 'ldap',
> 'server' => '*****',
> 'user' => 'uid=nss,o=*****',
> 'pass' => '*****',
> 'base' => '*****',
> 'filter' => '(objectClass=person)',
> 'd_filter' => '',
> 'tls' => '0',
> 'ssl_version' => '3',
> 'net_ldap_args' => [ 'version => 3', ],
> 'attr_match_list' => [ 'Name', 'EmailAddress', ],
> 'attr_map' => { 'Name' => 'mail', 'EmailAddress' => 'mail',
> 'Organization' => 'ou', 'RealName' => 'displayName', 'WorkPhone' =>
> 'telephoneNumber', 'City' => 'l', },
> }});
>
> in that case I can authenticate in local without problem. But not against
> my LDAP server.
>
> If I add a
>
> Set($ExternalAuth, 1 );
>
> I can't authenticate at all (either local or LDAP) and I get something
> like :
>
>
> Jun 30 14:22:37 rt RT: [5913] Expected 'PeerHost' at
> /usr/local/lib/perl5/site_perl/Net/LDAP.pm line 164. Stack:
> [/usr/local/lib/perl5/site_perl/Carp.pm:167]
> [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:485]
> [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:386]
> [/usr/local/lib/perl5/5.20/mach/IO/Socket.pm:49]
> [/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:353]
> [/usr/local/lib/perl5/site_perl/Net/LDAP.pm:164]
> [/usr/local/lib/perl5/site_perl/Net/LDAP.pm:122]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:646]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:510]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:581]
> [/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:328]
> [/usr/local/share/rt44/html/Elements/DoAuth:57]
> [/usr/local/lib/perl5/site_perl/RT/Interface/Web.pm:308]
> [/usr/local/share/rt44/html/autohandler:53]
>
> I running a RT 4.4.0 under FreeBSD.
>
> Any idea ?
>
> Regards
>
> JAS
> --
> Albert SHIH
> DIO bâtiment 15
> Observatoire de Paris
> 5 Place Jules Janssen
> 92195 Meudon Cedex
> France
> Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71
> xmpp: jas at obspm.fr
> Heure local/Local time:
> jeu 30 jui 2016 14:24:34 CEST
> ---------
> RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
> * Los Angeles - September, 2016
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20160706/e028cba7/attachment.htm>
More information about the rt-users
mailing list