[rt-users] RT 4.4.1 on Debian with RT::Authen::ExternalAuth?
Malcolm Galland
mgalland at goodygoody.com
Wed Oct 19 09:37:14 EDT 2016
I've set up RT, and am testing it with rt-server. Everything seems to
be going smoothly except LDAP with RT::Authen::ExternalAuth. I read
the docs and have implemented the suggested changes in
/opt/rt4/etc/RT_SiteConfig.pm like so:
Set( $ExternalAuthPriority, ["My_LDAP"] );
Set( $ExternalInfoPriority, ["My_LDAP"] );
Set($ExternalAuth, 1);
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => 'ggdc1.domain.int',
'user' => 'LDAP_ACCOUNT',
'pass' => 'LDAP_ACCOUNT_PASS',
'base' => 'ou=Production,dc=domain,dc=int',
'filter' => '(objectClass=inetOrgPerson)',
'attr_match_list' => [
'Name',
'EmailAddress',
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'RealName' => 'cn',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co',
},
},
} );
The issue is when I try to login the users aren't allowed access, and I
get the following error from rt-server:
[error]: FAILED LOGIN for username_redacted from IP_REDACTED
(/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)
Just for kicks, if I run /opt/rt4/sbin/rt-ldapimport --debug
I get:
[critical]: Expected 'PeerHost' at
/usr/local/share/perl/5.20.2/Net/LDAP.pm line 164.
(/opt/rt4/sbin/../lib/RT.pm:390)
Any ideas? I read every document I could find, but it's hard to know
which non-official ones you can trust since RT has been around so long
and ExternalAuth was just added to the core. Also, the official docs
are a bit terse.
More information about the rt-users
mailing list