Tim Wilson wrote: > Hi all, > > Anyone using LDAP Auth for RT with Novell eDirectory?
Yep. > I've been working through the LDAP documentation at the wiki > (http://wiki.bestpractical.com/index.cgi?LDAP) and I've got things > mostly working with RT 3.6.1 and Novell eDirectory 8.7.x. I can log in > to RT and everything seems to work fine except that every time I log in, > eDirectory decrements my grace login total. Once I'm down to zero I > can't log in to RT until I go into eDirectory (via ConsoleOne in my > case) and give myself some more grace logins. > > When I look at the eDirectory log I find a socket error (-5871) every > time RT sends a search request. RT does a number of LDAP searches for > every log in attempt. The odd thing is that I don't get an actual NDS > error until RT tries to use the LDAP filter settings that are included > in RT_SiteConfig. For example: > > filter: "(cn=twilson)" isn't a problem. Neither is filter: > "([EMAIL PROTECTED])". After those two searches RT tries > one that looks like this: > > filter: "(&(cn=twilson)(objectclass=person))" > > That one produces an "NDS error: bad password (-222)". Presumably > that's when the grace login count gets decremented. The next time I try > to log in it fails and the eDirectory log shows "NDS error: password > expired (-223)". > > I've disabled the grace login feature for now, but that's not an > effective long-term solution. > > I'd love to hear some suggestions. > > -Tim Unfortunately, I'm not really familiar with NDS grace logins (we don't use them), so I don't know if I can help much. I would think this is only a problem if the user's password has already expired? You may need to post your LDAP-related settings from RT_SiteConfig. Jason _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
