James Treleaven wrote: > I have installed the ExternalAuth extension (thanks Mike!) to try and > validate against my Active Directory server, but I am failing with the > following message in my apache error_log: > > [Wed Apr 9 22:20:09 2008] [critical]: RT::User::_GetBoundLdapObj Can't > bind: LDAP_INVALID_CREDENTIALS 49 > (/usr/local/rt3/lib/RT/User_Vendor.pm:1056) > > > This looked to me (and other messages on this list seemed to indicate) > that my problem was one of not providing a correct username/password > pair with which to connect to the AD server. This seemed strange to me > because I was able to validate, on the same machine that is running RT, > against AD using the same username/password pair using ldapsearch. > > > So I had our AD admin configure AD to allow "Anonymous Binding". Now I > am still getting the same error message as above
When you set anonymous binding, did you remove the user and pass lines from the LDAP config? There's no reason I know of why anonymous shouldn't work so long as you don't specify those two lines. As for doing it WITH the credentials it's possible we could be looking at a bug, but it's difficult for me to tell because I don't have a non-anonymous LDAP server to test against. If you want to do any debugging yourself, you need to be looking at the _GetBoundLdapObj function in $RTHOME/local/lib/RT/User_Vendor.pm which is pretty small and just reads in the config as you've written it. This is only a small suggestion, but is there any chance that Active Directory is expecting a username in the form DOMAIN\USERNAME rather than just username? That causes problems all over the place. -- Kind Regards, __________________________________________________ Mike Peachey, IT Tel: +44 114 281 2655 Fax: +44 114 281 2951 Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK Comp Reg No: 3191371 - Registered In England http://www.jennic.com __________________________________________________ _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
