Sorry, but my post was not directed towards your issue. Just a general howto post to accomplish authentication against multiple LDAP servers.
Ariel From: [email protected] [mailto:[email protected]] Sent: Thursday, June 10, 2010 12:38 PM To: Ariel Saia Subject: Re: [rt-users] Authenticate with multiple LDAP Domains That looks nice, but I believe my issue is with the following: #THE LDAP SERVER Set(@Plugins, qw(RT::Authen::ExternalAuth)); Set($EmailCompletionUnprivileged,"privileged"); If I comment them out, everything is fine, apache2 can restart, but if uncomment apache2 will fail. What is the work around for that? thanks, -----Original Message----- From: Ariel Saia <[email protected]> To: RT-Users <[email protected]> Sent: Thu, Jun 10, 2010 1:44 pm Subject: [rt-users] Authenticate with multiple LDAP Domains Just wanted to post this as it may help someone. I needed to authenticate against multiple AD domains and in the archives someone had asked how to do this. Here is my ExternalAuth: RT_SiteConfig.pm file. ---------------------------------------------------------------------------------------------------------------------------- Set($ExternalAuthPriority, [ 'My_LDAP', 'My_LDAP2' ] ); Set($ExternalInfoPriority, [ 'My_LDAP', 'My_LDAP2' ] ); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_LDAP' => { 'type' => 'ldap', 'server' => '192.168.0.1', 'user' => 'CN=rt, OU=TEST-CO, DC=Domain1, DC=COM', 'pass' => 'passowrd', 'base' => 'DC=Domain1,DC=COM', 'filter' => '(ObjectClass=*)', # 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' => 0, # 'ssl_version' => 3, 'net_ldap_args' => [ version => 3 ], # 'group' => 'cn=RT Users,ou=Services,dc=internal,dc=local', # 'group_attr' => 'member', 'attr_match_list' => [ 'Name', 'EmailAddress' ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'Organization' => 'physicalDeliveryOfficeName', 'RealName' => 'cn', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'sAMAccountName', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' } }, 'My_LDAP2' => { 'type' => 'ldap', 'server' => '192.168.1.1', 'user' => 'CN=rt, OU=TEST-CO, DC=Domain2, DC=COM', 'pass' => 'password', 'base' => 'DC=Domain2,DC=COM', 'filter' => '(ObjectClass=*)', # 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' => 0, # 'ssl_version' => 3, 'net_ldap_args' => [ version => 3 ], # 'group' => 'cn=RT Users,ou=Services,dc=internal,dc=local', # 'group_attr' => 'member', 'attr_match_list' => [ 'Name', 'EmailAddress' ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'Organization' => 'physicalDeliveryOfficeName', 'RealName' => 'cn', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'sAMAccountName', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' } } } ); 1; Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
