Hi, Mike, Thanks, I tried your suggestions, base should be correct, because we have other service also using this ldap server. I limmted attr_map to just email and externalAuthId, it still gave same error message. Following are are detailed debug information. Thanks and Regards, Ben [Wed Sep 2 22:47:45 2009] [critical]: RT::User::_GetBoundLdapObj Can't bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056) [Wed Sep 2 22:47:45 2009] [debug]: RT::User::IsExternalPassword Trying External authentication (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:52) [Wed Sep 2 22:47:45 2009] [debug]: Attempting to use external auth service: My_LDAP (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:63) [Wed Sep 2 22:47:45 2009] [critical]: RT::User::_GetBoundLdapObj Can't bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056) [Wed Sep 2 22:47:45 2009] [info]: RT::User::IsExternalPassword External Auth Failed: yhuang (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:294) [Wed Sep 2 22:47:45 2009] [debug]: RT::User::IsPassword External auth FAILED (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:360) [Wed Sep 2 22:47:45 2009] [info]: RT::User::IsInternalPassword AUTH FAILED: ben (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:331) [Wed Sep 2 22:47:45 2009] [debug]: RT::User::IsPassword Internal auth FAILED (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:366) [Wed Sep 2 22:47:45 2009] [error]: FAILED LOGIN for ben from 10.64.16.119 (/usr/share/rt3/html/autohandler:251)
--- On Wed, 9/2/09, Michael Ellis <[email protected]> wrote: From: Michael Ellis <[email protected]> Subject: RE: [rt-users] RT::Authen::ExternalAuth error To: "'Ben'" <[email protected]>, [email protected] Date: Wednesday, September 2, 2009, 5:00 PM Hi Ben, Barring things like the user not being authorized, or your base being incorrect, try limiting your attr_map down to just the essentials. I got errors trying to map things that I thought should work just fine. I can’t remember what error I got, but it wasn’t descriptive and it caused a complete failure of the process. -Mike From: [email protected] [mailto:[email protected]] On Behalf Of Ben Sent: September-02-09 2:20 PM To: [email protected] Subject: [rt-users] RT::Authen::ExternalAuth error Hi, All, I have errors with RT 3.6.5 and RT-Authen-ExternalAuth-0.05 on my centos box. following are error messages: [Tue Sep 1 23:39:32 2009] [critical]: RT::User::_GetBoundLdapObj Can't bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056) [Tue Sep 1 23:39:32 2009] [critical]: RT::User::_GetBoundLdapObj Can't bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056) And my configuration: Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($ExternalAuthPriority, [ 'My_LDAP' ]); Set($ExternalInfoPriority, [ 'My_LDAP' ]); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_LDAP' => { 'type'=>'ldap', 'auth'=>1, 'info'=> 1, 'server'=> 'tldap01.smith.com', 'user' => 'rt3', 'pass' => 'mypassword', 'base'=> 'ou=people,dc=smith,dc=com', 'filter'=> '(objectClass=person)', 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' => 0, 'net_ldap_args' => [ version => 3 ], # 'group' => 'GROUP_NAME', # 'group_attr' => 'GROUP_ATTR', 'attr_match_list' => [ 'Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'Organization' => 'physicalDeliveryOfficeName', 'RealName' => 'cn', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'sAMAccountName', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' } } } Am I doing soething wrong? Thanks, Please advise. Regards, Ben
_______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [email protected] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
