Hi, Try turning on RT's logging in debug mode. That helped me figure out what was going on with my ExternalAuth. In the log, before the FAILED line you should see a few lines showing you if it's connecting to your LDAP, finding user etc.
Work from there! Mike. On Wed, Jul 28, 2010 at 3:23 AM, Anthony BRODARD <[email protected]>wrote: > Hi, > > I've installed RT 3.8.7 on a debian lenny with the manual procedure listed > here: http://wiki.bestpractical.com/view/ExternalAuth > > So, now i try to configure my RT_Siteconfig.pm to acces at RT via my LDAPS > serveur. > > This is a part of my configuration: > > #PLUGINS: > Set(@Plugins,(qw( > RT::Extension::MandatorySubject > RT::Extension::MandatoryRequestor > RT::Extension::SearchResults::XLS > RT::Extension::UserDetails > RT::FM > RT::IR > RTx::Tags > RT::Extension::WatchedQueues > RT::Extension::ServiceUpdates > RT::Authen::ExternalAuth > ))); > # AUTHENTICATION > > Set($ExternalAuthPriority, ['LDAP',] > ); > > Set($ExternalInfoPriority, ['LDAP',] > ); > > Set($ExternalServiceUsesSSLorTLS, 1); > > # DATABASES CONFIGURATION > Set($ExternalSettings, > { > 'LDAP' => { > 'type' => 'ldap', > 'server' => 'ldap.BLANKED', > 'user' => 'BLANKED', > 'pass' => 'BLANKED', > 'base' => 'dc=blanked,dc=fr', > 'filter' => '(uid=*)', > 'd_filter' => > '(objectClass=foobar)', > 'tls' => 1, > 'ssl_version' => 3, > 'net_ldap_args' => [ version => 3 ], > # 'group' => 'GROUP-NAME', > # 'group_attr' => 'GROUP_ATTR', > 'attr_match_list' => 'uid', > 'attr_map' => { > 'Name' => 'uid', > 'EmailAddress' => 'mail', > # 'Organization' => '', > 'RealName' => 'cn', > # 'ExternalAuthId' => '', > # 'Gecos' => '', > # 'WorkPhone' => 'telephonenumber', > # 'Address1' => '', > # 'City' => '', > # 'State' => '', > # 'Zip' => '', > # 'Country' => '' > } > } > }, > ); > 1; > > When i try to log on, i have a message which said that m'y username or my > password isn't correct. > > In the log files (/var/log/apache2/error.log), i have only : > > [Tue Jul 27 14:35:28 2010] [error]: FAILED LOGIN for anthony.brodard from > MY_IP (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424) > > > Do you know where is the mistake? > > After that, i want to activate a session's timeout on RT with mod_perl. Do > you know how can i do? > > Regards, > Anthony BRODARD > > > > > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. > Buy a copy at http://rtbook.bestpractical.com > -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: [email protected]
Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
