All,

I'm having some LDAP woes with RT. I've followed the instructions from - New Installs - This is a new installation of rt-3.6.3.

Here are the instructions I've followed:

Installation is very straightforward if you haven't installed any previous LDAP auth/info implementations and don't currently have a User_Local.pm.

1. Copy the code from LdapUserLocalOverlay <http://wiki.bestpractical.com/index.cgi?LdapUserLocalOverlay> into ${RTHOME}/local/lib/RT/User_Local.pm (if it doesn't exist, create it)

2. Copy the config settings from LdapSiteConfigSettings <http://wiki.bestpractical.com/index.cgi?LdapSiteConfigSettings> into ${RTHOME}/etc/RT_SiteConfig.pm (I'd put it at the end, but it shouldn't matter)

3. Customize the configuration settings; pay careful attention to LdapAttrMap <http://wiki.bestpractical.com/index.cgi?LdapAttrMap>, which is a hash reference to map RT's attributes to the appropriate fields of your LDAP schema.

   *It's very unlikely that the LdapAttrMap <http://wiki.bestpractical.com/index.cgi?LdapAttrMap> shown in LdapSiteConfigSettings <http://wiki.bestpractical.com/index.cgi?LdapSiteConfigSettings> will work for you without customization! In particular, ActiveDirectory <http://wiki.bestpractical.com/index.cgi?ActiveDirectory> users should map:*

   Name => 'sAMAccountName'

   If your LDAP server does not allow anonymous binding, $LdapUser <http://wiki.bestpractical.com/index.cgi?LdapUser> and $LdapPass <http://wiki.bestpractical.com/index.cgi?LdapPass> should be set to the appropriate DN and password for initial connection.

4. Optionally, copy the code from LdapAutocreateAuthCallback <http://wiki.bestpractical.com/index.cgi?LdapAutocreateAuthCallback> into ${RTHOME}/local/html/Callbacks/LDAP/autohandler/Auth (most likely this doesn't exist, so create it)

5. If you haven't already done so, you will need to install the Perl Net::LDAP module from CPAN. ( perl -MCPAN -eshell ; install Net::LDAP ).

6. Stop your RT instance (e.g., /sbin/service httpd stop ) and CleanMasonCache <http://wiki.bestpractical.com/index.cgi?CleanMasonCache> then start the web server back up.

Here's what I've done, so far:

- I've installed Net::LDAP module, set the $AuthMethod for LDAP only - Internal is disabled. Existing internal users still authenticate.
- Added the relevant pieces to /opt/rt3/etc/RT_SiteConfig.pm for LDAP support from http://wiki.bestpractical.com/index.cgi?LdapOverlay
- Configured the parameters for $LdapServer, $LdapBase, $LdapFilter
- Enabled debugging (aware of the passwords getting logged - using a test account), but that only tells me that it didn't work. Any way to set this for more output?
- Copied User_Local.pm into /opt/rt3/local/lib
- Stopped and restarted Apache after making changes and cleared the /opt/rt3/var/mason_data/obj/*, as needed.

Sample from rt.log contains:

[Thu Apr 26 22:12:23 2007] [error]: FAILED LOGIN for jsamples from <ip-address> (/opt/rt3/share/html/autohandler:249)

I can't see anything from the RT side or the LDAP side; /var/log/ldap.log shows nothing out of the ordinary; they're not even talking to each other from what I can tell.

Relevant software

Web server: Apache 2.0.54
RT version: 3.6.3
Perl version: 5.8.7
OS: Linux
LDAP: OpenLDAP 2.2.28

I've been through some of the archives (it's late in the day), but haven't had any luck. Any help or advice is greatly appreciated!

Best regards,
Randy Thompson
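
An added example, not part of the original message and not code from the RT wiki overlay: a stand-alone Net::LDAP check, run from the RT host, that reports which stage (connect, initial bind, search) fails when RT itself only logs FAILED LOGIN. The server, base, filter and login attribute are placeholders, the LDAP_BIND_DN / LDAP_BIND_PW environment variables are hypothetical names, and the way the filter is combined with the login name is an assumption about how the search is built.

```perl
#!/usr/bin/perl
# Added example: exercise the LDAP settings outside RT, stage by stage.
# Every value below is a placeholder; copy yours from RT_SiteConfig.pm.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

my $LdapServer = 'ldap.example.com';             # placeholder host
my $LdapBase   = 'ou=People,dc=example,dc=com';  # placeholder base DN
my $LdapFilter = '(objectClass=inetOrgPerson)';  # placeholder filter
my $login_attr = 'uid';   # LDAP attribute that LdapAttrMap maps to RT's Name

# Bind credentials come from the environment (hypothetical variable names)
# so the password is not stored in the script. Empty DN = anonymous bind.
my $LdapUser = $ENV{LDAP_BIND_DN} || '';
my $LdapPass = $ENV{LDAP_BIND_PW} || '';

my $login = shift @ARGV or die "usage: $0 <login>\n";

# Stage 1: connection. A failure here means the web server host cannot
# reach the directory at all, which also leaves the LDAP log empty.
my $ldap = Net::LDAP->new($LdapServer, timeout => 10)
    or die "connect to $LdapServer failed: $@\n";
print "connect: ok\n";

# Stage 2: initial bind, anonymous unless a bind DN was supplied.
my $mesg = $LdapUser ne ''
    ? $ldap->bind($LdapUser, password => $LdapPass)
    : $ldap->bind;
die 'bind failed: ' . $mesg->error . ' (code ' . $mesg->code . ")\n"
    if $mesg->code;
print "bind: ok\n";

# Stage 3: look the login up under the base with the configured filter.
# The login is escaped so it cannot alter the filter structure.
my $filter = "(&$LdapFilter($login_attr=" . escape_filter_value($login) . '))';
$mesg = $ldap->search(base => $LdapBase, filter => $filter,
                      attrs => [$login_attr]);
die 'search failed: ' . $mesg->error . ' (code ' . $mesg->code . ")\n"
    if $mesg->code;

# Zero matches points at the base, filter or attribute map;
# more than one match makes the login ambiguous.
my @entries = $mesg->entries;
print "search: $filter matched ", scalar(@entries), " entries\n";
print '  ', $_->dn, "\n" for @entries;

$ldap->unbind;
```

If all three stages succeed here while RT still logs FAILED LOGIN, the directory and network are ruled out and the remaining suspects are on the RT side (overlay location, config values, Mason cache).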
