Re: [rt-users] RT::Authen::ExternalAuth

[Dan Stilts]

As far as I know, this only gets updated when the user goes to login. 
However, I'm sure it's also very easily scriptable to pull rt3.Users and 
then pull the users from LDAP (AD) and update the user via sql in 
rt3.Users. Whether this would end up breaking anything, I'm not sure as 
this is just off the top of my head thinking, but I wouldn't think so.

Just a thought.
-Dan


On 9/1/10 8:21 AM, Peter Barton wrote:
Thanks a bunch Dan!!  That did the trick perfectly!  I am now able to
authenticate successfully from AD and from the local system.

Since it was so easy for you to spot my problem maybe you can help me
with one more request.  Like I said at the end of my last email I have
run the "rt_logins_email2ldap" script and everyone has appropriate
usernames to match AD.  Is there a way to have RT go through and
populate all the user information for each of the users that already
exist in my system?  Or is this supposed to be a dynamic step?  When I
open a ticket that existed prior to the installation of
RT::Authen::ExternalAuth the user information is not populated with
anything.

Any direction you can give would be greatly appreciated.

Thanks in advance,

----------
Peter Barton

-----Original Message-----
From: rt-users-boun...@lists.bestpractical.com
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Dan
Stilts
Sent: Tuesday, August 31, 2010 5:38 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT::Authen::ExternalAuth

Peter,

Looks like you have two plugin lines:

Set(@Plugins, qw(RT::Authen::ExternalAuth));
Set(@Plugins, qw(RTx::Calendar));

Try:
Set(@Plugins,(qw(RT::Authen::ExternalAuth RTx::Calendar)));

Your second plugin line is overwriting the first one.

-Dan

On 8/31/10 3:05 PM, Peter Barton wrote:
I have been searching all day long and I am having some issues getting
this running. Here is a quick copy of my RT_SiteConfig.pm:

Set(@Plugins, qw(RT::Authen::ExternalAuth));

Set(@Plugins, qw(RTx::Calendar));

Set($LogToFile,'debug');

Set($TrustHTMLAttachments, 1);

Set($ExternalAuthPriority, [ 'My_LDAP'

]

);

Set($ExternalInfoPriority, [ 'My_LDAP'

]

);

Set($ExternalServiceUsesSSLorTLS, 0);

Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, { # AN EXAMPLE DB SERVICE

'My_MySQL' =>  { ## GENERIC SECTION

'type' =>  'mysql',

'server' =>  'localhost',

'database' =>  'rt3',

'table' =>  'USERS_TABLE',

'user' =>  'rt_user',

'pass' =>  'blahblah',

'port' =>  '3306',

'dbi_driver' =>  'mysql',

'u_field' =>  'username',

'p_field' =>  'password',

'p_enc_pkg' =>  'Crypt::MySQL',

'p_enc_sub' =>  'password',

'd_field' =>  'disabled',

'd_values' =>  ['0'],

'attr_match_list' =>  [ 'Gecos',

'Name'

],

'attr_map' =>  { 'Name' =>  'username',

'EmailAddress' =>  'email',

'ExternalAuthId' =>  'username',

'Gecos' =>  'userID'

}

},

# AN EXAMPLE LDAP SERVICE

'My_LDAP' =>  { ## GENERIC SECTION

'type' =>  'ldap',

'server' =>  'iesicorp.tf.prv',

'user' =>  'cn=user,dc=tf,dc=prv',

'pass' =>  'blahblah',

'base' =>  'dc=tf,dc=prv',

'filter' =>  '(objectClass=user)',

'd_filter' =>  '(objectClass=FooBarBaz)',

'tls' =>  0,

'ssl_version' =>  3,

'net_ldap_args' =>  [ version =>  3 ],

# 'group' =>  'Domain Users',

# 'group_attr' =>  'memberof',

'attr_match_list' =>  [ 'Name',

'EmailAddress',

'RealName',

'WorkPhone',

'Address2'

],

# The mapping of RT attributes on to LDAP attributes

'attr_map' =>  { 'Name' =>  'sAMAccountName',

'EmailAddress' =>  'mail',

'Organization' =>  'physicalDeliveryOfficeName',

'RealName' =>  'cn',

'ExternalAuthId' =>  'sAMAccountName',

'Gecos' =>  'sAMAccountName',

'WorkPhone' =>  'telephoneNumber',

'Address1' =>  'streetAddress',

'City' =>  'l',

'State' =>  'st',

'Zip' =>  'postalCode',

'Country' =>  'co'

}

},

When I restart apache2 everything works fine. I see no errors. Yet
when
I log into the web page I get this:

[Tue Aug 31 21:44:27 2010] [info]: Successful login for pbarton from
192.168.10.60 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:430)

I check the "System Configuration" and I see no reference to
RT::Authen::ExternalAuth anywhere in there. From all the logs it does
not even appear that I am loading this plugin.

BTW, I am running Ubuntu 8.0.4 LTS and RT version 3.8.6 and I
installed
RT::Authen::ExternalAuth from cpan version 0.08.

I have successfully run the "rt_logins_email2ldap" script and was able
to make all the necessary changes to accomoodate the change from local
user auth to LDAP auth. Any help anyone

Can provide I would be greatly appreciative.

Thanks,

----------

Peter Barton




RT Training in Washington DC, USA on Oct 25&   26 2010
Last one this year -- Learn how to get the most out of RT!

RT Training in Washington DC, USA on Oct 25&  26 2010
Last one this year -- Learn how to get the most out of RT!

RT Training in Washington DC, USA on Oct 25&  26 2010
Last one this year -- Learn how to get the most out of RT!

RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!