[rt-users] RT4.4 ExternalAuth & LDAPImport Issues

Nathan dundir at gmail.com
Wed Jul 27 14:51:45 EDT 2016


Hi there,

I've been attempting to get RT4.4 up and running with LDAP Authentication
and have run across a number of problems trying to isolate the issue. I'm
hoping someone can help me in the right direction to get authentication
working with import. I've been approaching the setup in stages, the plan
being Basic Setup first(local root login) -> LDAP Setup -> Mailgate Setup.

I'll include the SiteConfig below at the bottom, and here's the problem:

Set($ExternalAuthPriority, ['LDAP']);
Set($ExternalInfoPriority, ['LDAP']);

*Case (1) *Authentication Fails, User cannot be created, hard internal
error.

Set($ExternalAuthPriority, ['LDAP']);
#Set($ExternalInfoPriority, ['LDAP']);

*Case (2)* Authentication Succeeds, User created as Privileged=0, obviously
no Import with Info Commented.

External Settings are set up as such:

Set($ExternalSettings, {
    'LDAP' => {
        'type'    =>    'ldap',
        'server'    => '192.168.2.6',
        'user'         => 'ldapreader',
        'pass'        => 'password',
        'base'        => 'ou=branch,dc=test,dc=local',
        'filter'    => '(objectClass=*)',
        'd_filter'    => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
        'tls'        => 0,
        'ssl_version'        => 3,
        'net_ldap_args'    => [    version => 3    ],
        'attr_match_list'    => [
             'Name', 'EmailAddress',
         ],
         'attr_map' => {
             'Name' => 'sAMAccountName',
             'EmailAddress' =>    'mail',
             'Organization' =>    'physicalDeliveryOfficeName',
             'RealName' => 'cn',
             'ExternalAuthId' =>    'sAMAccountName',
             'Gecos' => 'sAMAccountName',
             'WorkPhone' => 'telephoneNumber',
             'Address1' =>    'streetAddress',
             'City' => 'l',
             'State' => 'st',
             'Zip' => 'postalCode',
             'Country' => 'co'
             },
         #'group' => 'CN=RTUsers,OU=Security
Groups,branch,DC=test,DC=local',
        'group_scope' => 'sub',
         #'group_attr' => 'memberOf',
        #'group_attr_value' => 'cn=RTUsers,ou=Security
Groups,ou=branch,dc=test,dc=local'

 },
 } );

*The log (1)*

[26664] [Wed Jul 27 18:02:06 2016] [debug]: Using internal Perl HTML ->
text conversion (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:1454)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: The RTAddressRegexp option is
not set in the config. Not setting this option results in additional SQL
queries to check whether each address belongs to RT or not. It is
especially important to set this option if RT receives emails on addresses
that are not in the database or config.
(/opt/rt4/sbin/../lib/RT/Config.pm:531)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: Attempting to use external auth
service: LDAP (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:288)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: Calling UserExists with
$username (tuser) and $service (LDAP)
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:329)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: UserExists params:
username: tuser , service: LDAP
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:486)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: LDAP Search ===  Base:
ou=branch,dc=test,dc=local == Filter:
(&(objectClass=*)(sAMAccountName=tuser)) == Attrs:
telephoneNumber,sAMAccountName,streetAddress,postalCode,sAMAccountName,cn,co,st,mail,physicalDeliveryOfficeName,sAMAccountName,l
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:516)
[26664] [Wed Jul 27 18:02:06 2016] [debug]:
RT::User::CanonicalizeUserInfoFromExternalAuth called by RT::User
/opt/rt4/sbin/../lib/RT/User.pm 699 with: Disabled: , EmailAddress: ,
Gecos: tuser, Name: tuser, Privileged:
(/opt/rt4/sbin/../lib/RT/User.pm:735)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: Attempting to get user info
using this external service: LDAP (/opt/rt4/sbin/../lib/RT/User.pm:743)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: Attempting to use this
canonicalization key: Name (/opt/rt4/sbin/../lib/RT/User.pm:752)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: LDAP Search ===  Base:
ou=branch,dc=test,dc=local == Filter:
(&(objectClass=*)(sAMAccountName=tuser)) == Attrs:
telephoneNumber,sAMAccountName,streetAddress,postalCode,sAMAccountName,cn,co,st,mail,physicalDeliveryOfficeName,sAMAccountName,l
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:404)
[26664] [Wed Jul 27 18:02:06 2016] [info]:
RT::User::CanonicalizeUserInfoFromExternalAuth returning Address1: , City:
Geronimo, Country: United States, Disabled: , EmailAddress: tuser at test.com,
ExternalAuthId: tuser, Gecos: tuser, Name: tuser, Organization: ,
Privileged: , RealName: Test User, State: CA, WorkPhone: 111-222-3333 x10,
Zip: 01234 (/opt/rt4/sbin/../lib/RT/User.pm:811)
[26664] [Wed Jul 27 18:02:06 2016] [warning]: DBD::mysql::st execute
failed: Unknown column 'ExternalAuthId' in 'field list' at
/usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle.pm line 586, <DATA>
line 755. (/usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle.pm:586)
[26664] [Wed Jul 27 18:02:06 2016] [warning]: RT::Handle=HASH(0x9b09a48)
couldn't execute the query 'INSERT INTO Users (City, Organization,
EmailAddress, Gecos, Created, ExternalAuthId, Creator, LastUpdatedBy,
State, RealName, id, Country, Zip, Address1, Name, Password, WorkPhone,
LastUpdated) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
at /usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle.pm line 599,
<DATA> line 755.
    DBIx::SearchBuilder::Handle::SimpleQuery(RT::Handle=HASH(0x9b09a48),
"INSERT INTO Users (City, Organization, EmailAddress, Gecos, C"...,
"Geronimo", undef, "tuser\@test.com", "tuser", "2016-07-27 18:02:06",
"tuser", ...) called at
/usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle.pm line 352
    DBIx::SearchBuilder::Handle::Insert(RT::Handle=HASH(0x9b09a48),
"Users", "City", "Geronimo", "Organization", undef, "EmailAddress", "tuser\@
test.com", ...) called at
/usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle/mysql.pm line 36
    DBIx::SearchBuilder::Handle::mysql::Insert(RT::Handle=HASH(0x9b09a48),
"Users", "City", "Geronimo", "Organization", undef, "EmailAddress", "tuser\@
test.com", ...) called at
/usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Record.pm line 1320
    DBIx::SearchBuilder::Record::Create(RT::User=HASH(0x9b998c0),
"Organization", undef, "EmailAddress", "tuser\@test.com", "City",
"Geronimo", "Created", ...) called at /opt/rt4/sbin/../lib/RT/Record.pm
line 317
    RT::Record::Create(RT::User=HASH(0x9b998c0), "id", 65, "State", "LP",
"ExternalAuthId", "tuser", "Organization", ...) called at
/opt/rt4/sbin/../lib/RT/User.pm line 187
    RT::User::Create(RT::User=HASH(0x9b998c0), "Privileged", 0, "Name",
"tuser", "Gecos", "tuser") called at
/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm line 350
    RT::Authen::ExternalAuth::DoAuth(HASH(0x9b04988), "tuser", "password")
called at /opt/rt4/share/html/Elements/DoAuth line 57
    HTML::Mason::Commands::__ANON__("pass", "password", "next",
"f32dc9ca801c9ee4f0d23a977b48b74b", "user", "tuser") called at
/usr/local/share/perl/5.18.2/HTML/Mason/Component.pm line 135

HTML::Mason::Component::run(HTML::Mason::Component::FileBased=HASH(0x9b99938),
"pass", "password", "next", "f32dc9ca801c9ee4f0d23a977b48b74b", "user",
"tuser") called at /usr/local/share/perl/5.18.2/HTML/Mason/Request.pm line
1302
    eval {...} called at /usr/local/share/perl/5.18.2/HTML/Mason/Request.pm
line 1292
    HTML::Mason::Request::comp(undef, undef, "pass", "password", "next",
"f32dc9ca801c9ee4f0d23a977b48b74b", "user", "tuser") called at
/opt/rt4/sbin/../lib/RT/Interface/Web.pm line 308
    RT::Interface::Web::HandleRequest(HASH(0x9b65a78)) called at
/opt/rt4/share/html/autohandler line 53
    HTML::Mason::Commands::__ANON__("next",
"f32dc9ca801c9ee4f0d23a977b48b74b", "user", "tuser", "pass", "password")
called at /usr/local/share/perl/5.18.2/HTML/Mason/Component.pm line 135

HTML::Mason::Component::run(HTML::Mason::Component::FileBased=HASH(0x9bc4930),
"next", "f32dc9ca801c9ee4f0d23a977b48b74b", "user", "tuser", "pass",
"password") called at /usr/local/share/perl/5.18.2/HTML/Mason/Request.pm
line 1297
    eval {...} called at /usr/local/share/perl/5.18.2/HTML/Mason/Request.pm
line 1292
    HTML::Mason::Request::comp(undef, undef, undef, "next",
"f32dc9ca801c9ee4f0d23a977b48b74b", "user", "tuser", "pass", ...) called at
/usr/local/share/perl/5.18.2/HTML/Mason/Request.pm line 481
    eval {...} called at /usr/local/share/perl/5.18.2/HTML/Mason/Request.pm
line 481
    eval {...} called at /usr/local/share/perl/5.18.2/HTML/Mason/Request.pm
line 433
    HTML::Mason::Request::exec(RT::Interface::Web::Request=HASH(0x991af70))
called at /usr/local/share/perl/5.18.2/HTML/Mason/PSGIHandler.pm line 96
    eval {...} called at
/usr/local/share/perl/5.18.2/HTML/Mason/PSGIHandler.pm line 96

HTML::Mason::Request::PSGI::exec(RT::Interface::Web::Request=HASH(0x991af70))
called at /usr/local/share/perl/5.18.2/HTML/Mason/Interp.pm line 342
    HTML::Mason::Interp::exec(undef, undef, "next",
"f32dc9ca801c9ee4f0d23a977b48b74b", "user", "tuser", "pass", "password")
called at /usr/local/share/perl/5.18.2/HTML/Mason/PSGIHandler.pm line 59
    eval {...} called at
/usr/local/share/perl/5.18.2/HTML/Mason/PSGIHandler.pm line 59

HTML::Mason::PSGIHandler::invoke_mason(HTML::Mason::PSGIHandler::Streamy=HASH(0x99176d0),
HASH(0x990c3b0), HASH(0x92290f8)) called at
/usr/local/share/perl/5.18.2/HTML/Mason/PSGIHandler/Streamy.pm line 52
    HTML::Mason::PSGIHandler::Streamy::__ANON__(CODE(0x9bb3940)) called at
/usr/local/share/perl/5.18.2/Plack/Util.pm line 339
    Plack::Util::__ANON__(CODE(0x9b57078)) called at
/usr/local/share/perl/5.18.2/Plack/Handler/FCGI.pm line 147
    Plack::Handler::FCGI::run(Plack::Handler::FCGI=HASH(0x9ac96a0),
CODE(0x9a8c870)) called at /usr/local/share/perl/5.18.2/Plack/Loader.pm
line 84
    Plack::Loader::run(Plack::Loader=HASH(0x92092c0),
Plack::Handler::FCGI=HASH(0x9ac96a0)) called at
/usr/local/share/perl/5.18.2/Plack/Runner.pm line 277
    Plack::Runner::run(RT::PlackRunner=HASH(0x287c458)) called at
/opt/rt4/sbin/../lib/RT/PlackRunner.pm line 141
    eval {...} called at /opt/rt4/sbin/../lib/RT/PlackRunner.pm line 141
    RT::PlackRunner::run(RT::PlackRunner=HASH(0x287c458)) called at
/opt/rt4/sbin/rt-server.fcgi line 162
(/usr/local/share/perl/5.18.2/Carp.pm:170)
[26664] [Wed Jul 27 18:02:06 2016] [warning]: Use of uninitialized value
$args{"Organization"} in join or string at /opt/rt4/sbin/../lib/RT/User.pm
line 193, <DATA> line 755. (/opt/rt4/sbin/../lib/RT/User.pm:193)
[26664] [Wed Jul 27 18:02:06 2016] [warning]: Use of uninitialized value
$args{"Address1"} in join or string at /opt/rt4/sbin/../lib/RT/User.pm line
193, <DATA> line 755. (/opt/rt4/sbin/../lib/RT/User.pm:193)
[26664] [Wed Jul 27 18:02:06 2016] [error]: Could not create a new user -
State-CA-ExternalAuthId-tuser-Organization--EmailAddress-tuser at test.com-City-Geronimo-WorkPhone-111-222-3333
x10-Password-*NO-PASSWORD*-Name-tuser-Address1--Zip-01234-Gecos-tuser-Country-United
States-RealName-Test User (/opt/rt4/sbin/../lib/RT/User.pm:193)
[26664] [Wed Jul 27 18:02:06 2016] [error]: Couldn't create user tuser:
Could not create user (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:355)
[26664] [Wed Jul 27 18:02:06 2016] [debug]: Autohandler called
ExternalAuth. Response: (0, No User)
(/opt/rt4/share/html/Elements/DoAuth:58)
[26664] [Wed Jul 27 18:02:06 2016] [error]: FAILED LOGIN for tuser from
10.0.0.50 (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)

*The log (2)*

[26431] [Wed Jul 27 17:50:13 2016] [debug]: ExternalInfoPriority not
defined. User information (including user enabled/disabled) cannot be
externally-sourced (/opt/rt4/sbin/../lib/RT/Config.pm:1112)
[26431] [Wed Jul 27 17:50:13 2016] [debug]: Using internal Perl HTML ->
text conversion (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:1454)
[26431] [Wed Jul 27 17:50:13 2016] [debug]: The RTAddressRegexp option is
not set in the config. Not setting this option results in additional SQL
queries to check whether each address belongs to RT or not. It is
especially important to set this option if RT receives emails on addresses
that are not in the database or config.
(/opt/rt4/sbin/../lib/RT/Config.pm:531)
[26431] [Wed Jul 27 17:50:14 2016] [debug]: Attempting to use external auth
service: LDAP (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:288)
[26431] [Wed Jul 27 17:50:14 2016] [debug]: SSO Failed and no user to test
with. Nexting (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:316)
[26431] [Wed Jul 27 17:50:14 2016] [debug]: Autohandler called
ExternalAuth. Response: (0, No User)
(/opt/rt4/share/html/Elements/DoAuth:58)
[26431] [Wed Jul 27 17:50:14 2016] [debug]: Attempting to use external auth
service: LDAP (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:288)
[26431] [Wed Jul 27 17:50:14 2016] [debug]: SSO Failed and no user to test
with. Nexting (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:316)
[26431] [Wed Jul 27 17:50:14 2016] [debug]: Autohandler called
ExternalAuth. Response: (0, No User)
(/opt/rt4/share/html/Elements/DoAuth:58)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Attempting to use external auth
service: LDAP (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:288)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Calling UserExists with
$username (nsinger) and $service (LDAP)
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:329)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: UserExists params:
username: tuser , service: LDAP
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:486)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: LDAP Search ===  Base:
ou=branch,dc=test,dc=local == Filter:
(&(objectClass=*)(sAMAccountName=tuser)) == Attrs:
telephoneNumber,physicalDeliveryOfficeName,mail,co,l,postalCode,cn,sAMAccountName,streetAddress,sAMAccountName,st,sAMAccountName
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:516)
[26431] [Wed Jul 27 17:50:22 2016] [info]: Autocreated external user tuser
( 63 ) (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:358)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Loading new user ( tuser ) into
current session (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:364)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Password validation required
for service - Executing...
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:381)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Trying external auth service:
LDAP (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:200)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: LDAP Search ===  Base:
ou=branch,dc=test,dc=local == Filter:
(&(sAMAccountName=tuser)(objectClass=*)) == Attrs: dn
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:233)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Found LDAP DN: CN=Test
User,OU=Test,OU=Users,OU=branch,DC=test,DC=local
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:267)
[26431] [Wed Jul 27 17:50:22 2016] [info]:
RT::Authen::ExternalAuth::LDAP::GetAuth External Auth OK ( LDAP ): tuser
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:348)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: LDAP password validation
result: 1 (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:560)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Password Validation Check
Result:  1 (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:385)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Authentication successful. Now
updating user information and attempting login.
(/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:405)
[26431] [Wed Jul 27 17:50:22 2016] [info]: Successful login for tuser from
UNKNOWN (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:445)
[26431] [Wed Jul 27 17:50:22 2016] [debug]: Autohandler called
ExternalAuth. Response: (1, Successful login)
(/opt/rt4/share/html/Elements/DoAuth:58)



*SiteConfig.PM*use utf8;

#   perl -c /path/to/your/etc/RT_SiteConfig.pm
#
# You must restart your webserver after making changes to this file.
#

# You may also split settings into separate files under the
etc/RT_SiteConfig.d/
# directory.  All files ending in ".pm" will be parsed, in alphabetical
order,
# after this file is loaded.

# Configuration
Set($rtname, 'test.com');
Set($Organization, 'rt.test.com');
Set($Timezone, 'US/Pacific');
Set($WebDomain, 'rt.test.com');
Set($WebPort, 443);
Set($WebPath, '');

# Set Ticket Database User
Set($DatabaseHost, "localhost");
Set($DatabaseUser, "rt_user");
#Set($DatabaseUser, "root");
#Set($DatabasePassword, 'password');
Set($DatabasePassword, 'password');
Set($DatabaseName, 'rt4');
Set($OwnerEmail, 'rt at test.com');
#Set($DatabaseAdmin, "root");

# Logging
Set($LogToSTDERR, 'debug');
Set($LogToFile, 'debug');
Set($LogDir, '/opt/rt4/var/log/');
Set($LogToFileNamed, 'rt.log');
Set($LogToSyslog, 'debug');
Set($LogToScreen, "error");

# Web Fallback
#Set($WebFallbackToInternalAuth, 1);

# You must install Plugins on your own, this is only an example
# of the correct syntax to use when activating them:
#     Plugin( "RT::Authen::ExternalAuth" );

#Set( $WebRemoteUserAutocreate, 1);
Set( $UserAutocreateDefaultsOnLogin, {Privileged => 0});


# LDAP Authentication & Import
# Needed for local login of root
# Set($ExternalAuth, 1); No Longer Needed as ExternalAuth is now set when
External Settings defined. Notes: Difficult to toggle execution of External
Auth during troubleshooting without comment block quotes.


Set($ExternalAuthPriority, ['LDAP']);
#Set($ExternalInfoPriority, ['LDAP']);

Set($AutoCreateDefaultsOnLogin, { Privileged => 0 } );

Set($ExternalServiceUsesSSLorTLS, 0);

Set($AutoCreateNonExternalUsers, 1);


Set($ExternalSettings, {
    'LDAP' => {
        'type'    =>    'ldap',
        'server'    => '192.168.2.6',
        'user'         => 'ldapreader',
        'pass'        => 'password',
        'base'        => 'ou=branch,dc=test,dc=local',
        'filter'    => '(objectClass=*)',
        'd_filter'    => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
        'tls'        => 0,
        'ssl_version'        => 3,
        'net_ldap_args'    => [    version => 3    ],
        'attr_match_list'    => [
             'Name', 'EmailAddress',
         ],
         'attr_map' => {
             'Name' => 'sAMAccountName',
             'EmailAddress' =>    'mail',
             'Organization' =>    'physicalDeliveryOfficeName',
             'RealName' => 'cn',
             'ExternalAuthId' =>    'sAMAccountName',
             'Gecos' => 'sAMAccountName',
             'WorkPhone' => 'telephoneNumber',
             'Address1' =>    'streetAddress',
             'City' => 'l',
             'State' => 'st',
             'Zip' => 'postalCode',
             'Country' => 'co'
             },
         #'group' => 'CN=RTUsers,OU=Security
Groups,branch,DC=test,DC=local',
        'group_scope' => 'sub',
         #'group_attr' => 'member',
        #'group_attr_value' => 'cn=RTUsers,ou=Security
Groups,ou=branch,dc=test,dc=local'

 },
 } );

##LDAP Configurations
#LDAP Authentication
##LDAP USER IMPORT
#Set($LDAPHost, '192.168.2.6');
#Set($LDAPUser, 'ldapreader');
#Set($LDAPPassword, 'password');
#Set($LDAPFilter, '(&(cn = users))');

Set($LDAPCreatePrivileged, 1);
Set($LDAPUpdateUsers, 1);
#
#Set($LDAPMapping, {Name         => 'sAMAccountName', # required
#                     EmailAddress => 'mail',
#                    RealName     => 'cn',
#                      WorkPhone    => 'telephoneNumber',
#                      Organization => 'physicalDeliveryOfficeName'});
#
# Set($LDAPBase, "ou=branch,dc=test,dc=local");
# Set($LDAPGroup, "cn=RTUsers,ou=Security
Groups,ou=branch,dc=test,dc=local");



1;

#-------------------------------------------------------------------------------

Ideally I would like to have it check a group for membership and then allow
privileged login if a member.
The documentation wasn't very clear on how the commented external settings
(group, group, group_attr, and group_attr_value) interact.

The only minor success was with case (2) which is the SiteConfig I
included. The only deviation from the README during the base installation
is the use of www-data instead of www for groups and file permissions.

I went through the archive completely before reaching out.

Any help is much appreciated. - Nathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20160727/5bc349e5/attachment.html>


More information about the rt-users mailing list