Try this. In RT_SiteConfig.pm Set($WebFallbackToInternalAuth , 1); (or maybe it needs to be True. can't recall.)
Nelson Pereira wrote: > > How do I disable this functionality as this has made my RT unusable… > I’m getting all sorts of issues in the httpd logs…: > > > > [Tue Apr 8 17:19:02 2008] [critical]: RT::User::_GetBoundLdapObj > Can't bind: LDAP_INVALID_CREDENTIALS 49 > (/opt/rt3/local/lib/RT/User_Vendor.pm:1056) > > [Tue Apr 8 17:19:02 2008] [critical]: RT::User::_GetBoundLdapObj > Can't bind: LDAP_INVALID_CREDENTIALS 49 > (/opt/rt3/local/lib/RT/User_Vendor.pm:1056) > > [Tue Apr 8 17:19:02 2008] [critical]: RT::User::_GetBoundLdapObj > Can't bind: LDAP_INVALID_CREDENTIALS 49 > (/opt/rt3/local/lib/RT/User_Vendor.pm:1056) > > [Tue Apr 8 17:19:02 2008] [crit]: User creation failed in > mailgateway: Could not set user info > (/opt/rt3/lib/RT/Interface/Email.pm:243) > > [Tue Apr 8 17:19:02 2008] [crit]: User '[EMAIL PROTECTED]' could > not be loaded in the mail gateway (/opt/rt3/lib/RT/Interface/Email.pm:243) > > [Tue Apr 8 17:19:02 2008] [error]: RT could not load a valid user, > and RT's configuration does not allow > > for the creation of a new user for this email ([EMAIL PROTECTED]). > > > > You might need to grant 'Everyone' the right 'CreateTicket' for the > > queue general. (/opt/rt3/lib/RT/Interface/Email.pm:243) > > [Tue Apr 8 17:19:03 2008] [error]: Could not record email: Could not > load a valid user (/opt/rt3/share/html/REST/1.0/NoAuth/mail-gateway:75) > > > > > > How do I remove this and go back to the standard standalone MySQL auth…? > > ------------------------------------------------------------------------ > > *From:* [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] *On Behalf Of > *Nelson Pereira > *Sent:* Tuesday, April 08, 2008 1:05 PM > *To:* [email protected] > *Subject:* Re: [rt-users] Intergration with LDAP > > > > Ok, So I read the instruction on the link given although I still > cannot login with a valid Active Directory account.... > > > > Installed the CPAN module… > > > > I made the changes in the RT_SiteConfig.pm, restarted the webserver (OK) > > Try to login and I get this error in /var/log/httpd/error_log > > > > [Tue Apr 8 17:07:02 2008] [error]: Could not record email: RT > couldn't find the queue: general > (/opt/rt3/share/html/REST/1.0/NoAuth/mail-gateway:75) > > [Tue Apr 8 17:07:13 2008] [critical]: RT::User::_GetBoundLdapObj > Can't bind: LDAP_INVALID_CREDENTIALS 49 > (/opt/rt3/local/lib/RT/User_Vendor.pm:1056) > > > > What is this saying? > > > > My RT_SiteConfig.pm > > > > > > ##################################################################### > > ###################### LDAP AUthentication########################### > > ##################################################################### > > > > # Order in which the services defined in ExternalSettings > > # should be used to authenticate users. User is authenticated > > # if successfully confirmed by any service - no more services > > # are checked. > > Set($ExternalAuthPriority, [ 'My_LDAP', > > 'My_MySQL' > > ] > > ); > > > > # The order in which the services defined in ExternalSettings > > # should be used to get information about users. This includes > > # RealName, Tel numbers etc, but also whether or not the user > > # should be considered disabled. > > # Once user info is found, no more services are checked. > > Set($ExternalInfoPriority, [ 'My_MySQL', > > 'My_LDAP' > > ] > > ); > > > > # If this is set to true, then the relevant packages will > > # be loaded to use SSL/TLS connections. At the moment, > > # this just means "use Net::SSLeay;" > > Set($ExternalServiceUsesSSLorTLS, 0); > > > > # If this is set to 1, then users should be autocreated by RT > > # as internal users if they fail to authenticate from an > > # external service. > > Set($AutoCreateNonExternalUsers, 1); > > > > # These are the full settings for each external service as a HashOfHashes > > # Note that you may have as many external services as you wish. They will > > # be checked in the order specified in the Priority directives above. > > # e.g. > > # > Set(ExternalAuthPriority,['My_LDAP','My_MySQL','My_Oracle','SecondaryLDAP','Other-DB']); > > # > > Set($ExternalSettings, { # A LDAP SERVICE > > 'My_LDAP' => { ## GENERIC SECTION > > # The type of > service (db/ldap/cookie) > > > 'type' => 'ldap', > > # Should the > service be used for authentication? > > > 'auth' => 1, > > # Should the > service be used for information? > > > 'info' => 1, > > # The server > hosting the service > > > 'server' => 'my.domain.name', > > ## > SERVICE-SPECIFIC SECTION > > # If you can > bind to your LDAP server anonymously you should > > # remove the > user and pass config lines, otherwise specify them here: > > # > > # The username > RT should use to connect to the LDAP server > > > 'user' => 'myldapuser', > > # The password > RT should use to connect to the LDAP server > > > 'pass' => 'myladappass$', > > # > > # The LDAP > search base > > > 'base' => 'cn=Users,dc=protus,dc=org', > > # The filter > to use to match RT-Users > > > 'filter' => > '(FILTER_STRING)', > > # The filter > that will only match disabled users > > 'd_filter' > => '(FILTER_STRING)', > > # Should we > try to use TLS to encrypt connections? > > > 'tls' => 0, > > # What other > args should I pass to Net::LDAP->new($host,@args)? > > > 'net_ldap_args' => [ version => 3 ], > > # Does > authentication depend on group membership? What group name? > > > 'group' => 'GROUP_NAME', > > # What is the > attribute for the group object that determines membership? > > > 'group_attr' => 'GROUP_ATTR', > > ## RT > ATTRIBUTE MATCHING SECTION > > # The list of > RT attributes that uniquely identify a user > > > 'attr_match_list' => [ 'Name', > > > 'EmailAddress', > > > > 'RealName', > > > > 'WorkPhone', > > > > 'Address2' > > > > ], > > # The mapping > of RT attributes on to LDAP attributes > > > 'attr_map' => { 'Name' => 'sAMAccountName', > > > 'EmailAddress' => 'mail', > > > > 'Organization' => 'physicalDeliveryOfficeName', > > > 'RealName' => 'cn', > > > > 'ExternalAuthId' => 'sAMAccountName', > > > > 'Gecos' => 'sAMAccountName', > > > > 'WorkPhone' => 'telephoneNumber', > > > > 'Address1' => 'streetAddress', > > > > 'City' => 'l', > > > > 'State' => 'st', > > > > 'Zip' > => 'postalCode', > > > > 'Country' => 'co' > > > } > > } > > } > > ); > > 1; > > > > > > > > Nelson Pereira > > ------------------------------------------------------------------------ > > _______________________________________________ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users > > Community help: http://wiki.bestpractical.com > Commercial support: [EMAIL PROTECTED] > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. > Buy a copy at http://rtbook.bestpractical.com _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
