Thu 21 May 2009 15:18:29 GMT Eric Chatham wrote: > I'm still having a problem with this. Does anyone know how to get LDAP > working on RT 3.8.2? Thank you.
Absolutely. > -----Original Message----- > From: Eric Chatham > Sent: Wednesday, May 20, 2009 14:55 > To: 'Eric Chatham'; [email protected] > Subject: RE: Regular Authentication and ExternalAuth RT 3.8.1 > > On Tuesday, May 20, 2009, Eric Chatham wrote: > >> It appears that after I got Apache/MySql working previously, I am unable to >> login with the default username/password (root/password) to the web > >> interface. I started a new topic for this. I also tried adding settings in >> for ExternalAuth to the RT_SiteConfig.pm. I am getting an @INC >> error in Apache when I try restarting the service. Even before I added the >> "External Authentication" variables, "LDAP" variables and the >> "ExternalAuth" Plugin setting, I still could not login using root and >> password. I think part of the problem may be that you seem to be mixing LDAP implementations. >> >> /opt/rt3/etc/RT_SiteConfig.pm settings: > > I fixed some of my problems. I did two things to fix them, but I'm still > stuck. > > 1. I copied my RT_SiteConfig.pm and Apache Config and re-ran the > installation (./configure -> make testdeps -> make install). I copied my > saved RT_SiteConfig.pm and Apache config back to their original location. I > ran "make dropdb" to redo the database installation. There wasn't anything > in there before so I was aware of the warning of all data being lost. > > This fixed the problem I was having trying to log onto the web interface with > the defaults (root and password). I would like to change this password, can > anyone tell me how this is changed? The README file didn't say how or where. > >> APACHE ERROR_LOG: You don't mention actually *installing* RT::Authen::ExternalAuth into your RT install.. > > 2. I partly fixed the problem I was having with LDAP. First, I looked for > the ./RT/Authen/ directory and copied it recursively over to /opt/rt3/bin. > This fixed the problem as far as the Module being included, but it did not > fix the problem I'm having trying to use LDAP. I totally don't see how that would work.. throwing random stuff into a bin dir certainly would have no impact on getting it going.. This further makes me concerned that you might not have actually installed the plugin at all. > > So, here are examples of my problems after the fixings. Could someone double > check them for me? Thank you once again for your assistance. > > RT_SiteConfig.pm settings: > > Set(@Plugins, qw(RT::Authen::ExternalAuth)); This line is right and is what causes the plugin to get loaded assuming it's properly installed. > # External Authentication > Set($ExternalAuthPriority, ['My_LDAP']); > Set($ExternalInfoPriority, ['My_LDAP']); > Set($AutoCreateNonExternalUsers, 1); > Set($ExternalAuthPriority, ['My_LDAP', 'My_MySQL', 'My_Oracle', > 'SecondaryLDAP', 'Other-DB']); Why are you overriding ExternalAuthPriority with invalid entries after having set it correctly the first time? > Set($AuthMethods, ['My_LDAP', 'Internal']); This is not a valid setting any more. Delete it. It was deprecated by ExternalAuthPriority. > Set($LdapExternalAuth, 0); > Set($LdapExternalInfo, 0); > Set($LdapAutoCreateNonLdapUsers, 1); These are nothing to do with ExternalAuth, you must have picked them up from somewhere else. Delete them. > Set($LdapAttrMap, {'Name' => 'sAMAccountName', > 'EmailAddress' => 'mail', > 'Orginization' => 'o', > 'RealName' => 'cn', > 'ExternalContactInfoId' => 'dn', > 'ExternalAuthId' => 'sAMAccountName', > 'Gecos', => 'sAMAccountName', > 'WorkPhone', => 'telephoneNumber', > 'Address1' => 'streetAddress', > 'City' => 'l', > 'State' => 'st', > 'Zip' => 'postalCode', > 'Country' => 'co'}); > Set($LdapRTAttrMatchList, ['ExternalContactInfoId', 'Name', > 'EmailAddress', 'RealName', > 'WorkPhone', 'Address2']); > Set($LdapEmailAttrMatchList, ['mail', 'mailRoutingAddress', > 'mailAlternateAddress']); > Set($LdapEmailAttrMatchPrefix, ['', 'smtp', 'SMTP:']); > Set($LdapServer, 'clehbdc01.broadvox.local'); > Set($LdapBase, 'OU=USA,DC=broadvox,DC=local'); > Set($LdapFilter, '(objectClass=*)'); ALL of these are irrelevant to ExternalAuth. ExternalAuth uses a single config variable called ExternalSettings with the settings for all external configurations inside it. > > Here are my APACHE ERROR_LOG listings: > The apache error_log is useless for debugging EA, you need to have debug logging enabled and look at the rt log. You need to go back to basics and start again. First things first, go to cpan and get the latest tarball for RT-Authen-ExternalAuth v0.08. http://search.cpan.org/CPAN/authors/id/Z/ZO/ZORDRAK/RT-Authen-ExternalAuth-0.08.tar.gz Open the README and read it top to bottom. http://search.cpan.org/src/ZORDRAK/RT-Authen-ExternalAuth-0.08/README Open the example configuration file and read through. If it's not provided as an example entry there, you shouldn't have it in your RT_SiteConfig.pm. http://cpansearch.perl.org/src/ZORDRAK/RT-Authen-ExternalAuth-0.08/etc/RT_SiteConfig.pm Once done, strip your RT_SiteConfig.pm down to basics and add the directives you need from the example, modifying them to suit and work with your LDAP environment. -- Kind Regards, __________________________________________________ Mike Peachey, IT Tel: +44 114 281 2655 Fax: +44 114 281 2951 Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK Comp Reg No: 3191371 - Registered In England http://www.jennic.com __________________________________________________ _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [email protected] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
