The machine name is specified elsewhere, but that is what the root DN looks like. Now whether that is the right format for that variable value or not, I don't know.
W.

On 1/11/2011 5:49 AM, Josh Narins wrote:
> I have fiddled only a little with LDAP.
>
> The error message sounds like it isn't recognizing something as a DN.
>
> To me, your username doesn't look quite right. Is there really an LDAP
> server at ucsc.edu? Shouldn't it be more like DC=ldap1,DC=ucsc,DC=edu,
> to specify the machine name?
>
> I'm not even very good with windows, so, I could be way off, here.
>
> Josh Narins
> Director of Application Development
> SeniorBridge
>
> From: [email protected] [mailto:[email protected]] On Behalf Of Wes Modes
> Sent: Monday, January 10, 2011 9:04 PM
> To: RT Users
> Subject: [rt-users] ExternalAuth help needed
>
> I am using ExternalAuth to connect RT3.8.8 to LDAP.
>
> Detailed documentation seems to be woefully absent, and I've scoured
> the web and tried the dozens of conflicting suggestions, so I'm
> turning to y'all.
>
> Here's the error I get:
>
> [Tue Jan 11 01:41:56 2011] [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/rt/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467)
>
> Here's the LDAP section from my RT_Authen-ExternalAuth.pm
>
> 'My_LDAP' => {
>     ## GENERIC SECTION
>     # The type of service (db/ldap/cookie)
>     'type' => 'ldap',
>     # The server hosting the service
>     'server' => 'dir1.library.ucsc.edu',
>     ## SERVICE-SPECIFIC SECTION
>     # If you can bind to your LDAP server anonymously you should
>     # remove the user and pass config lines, otherwise specify them here:
>     #
>     # The username RT should use to connect to the LDAP server
>     'user' => 'cn=admin,dc=ucsc,dc=edu',
>     # The password RT should use to connect to the LDAP server
>     'pass' => 'PASSWORD',
>     #
>     # The LDAP search base
>     'base' => 'ou=people,dc=ucsc,dc=edu',
>     #
>     # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES!
>     # YOU **MUST** SPECIFY A filter AND A d_filter!!
>     #
>     # The filter to use to match RT-Users
>     'filter' => '(objectClass=person)',
>     # A catch-all example filter: '(objectClass=*)'
>     #
>     # The filter that will only match disabled users
>     'd_filter' => '(objectClass=FooBarBaz)',
>     # A catch-none example d_filter: '(objectClass=FooBarBaz)'
>     #
>     # Should we try to use TLS to encrypt connections?
>     'tls' => 0,
>     # SSL Version to provide to Net::SSLeay *if* using SSL
>     'ssl_version' => 3,
>     # What other args should I pass to Net::LDAP->new($host,@args)?
>     'net_ldap_args' => [ version => 3 ],
>     # Does authentication depend on group membership? What group name?
>     'group' => 'staff',
>     # What is the attribute for the group object that determines membership?
>     'group_attr' => 'ou=group,dc=ucsc,dc=edu',
>     ## RT ATTRIBUTE MATCHING SECTION
>     # The list of RT attributes that uniquely identify a user
>     # This example shows what you *can* specify.. I recommend reducing this
>     # to just the Name and EmailAddress to save encountering problems later.
>     'attr_match_list' => [ 'Name',
>                            'EmailAddress',
>                          ],
>     # The mapping of RT attributes on to LDAP attributes
>     'attr_map' => { 'Name' => 'uid',
>                     'EmailAddress' => 'mail',
>                     'RealName' => 'cn',
>                     'ExternalAuthId' => 'uid',
>                     'Gecos' => 'gecos',
>                     'WorkPhone' => 'telephoneNumber',
>                   }
> },
>
> What more do you need to know to help me get this working?
>
> Wes
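
Since the error in this thread is LDAP_INVALID_DN_SYNTAX, one way to see which of the quoted settings parse as distinguished names is the check below. It is an added example, not part of the thread or of RT-Authen-ExternalAuth; the grammar is a simplified RFC 4514 check, and which settings the plugin actually sends to the server as DNs is an assumption to confirm against the installed LDAP.pm.

```python
import re

# Simplified RFC 4514 string form (assumption: the leading/trailing-space
# rules for attribute values are not enforced).
_TYPE = r"(?:[A-Za-z][A-Za-z0-9-]*|[0-9]+(?:\.[0-9]+)+)"
_ESC = r"\\(?:[\\,+\"<>;=# ]|[0-9A-Fa-f]{2})"
_VALUE = r"(?:#(?:[0-9A-Fa-f]{2})+|(?:[^\\,+\"<>;\x00]|" + _ESC + r")*)"
_AVA = r"\s*" + _TYPE + r"\s*=" + _VALUE          # type=value
_RDN = _AVA + r"(?:\+" + _AVA + r")*"             # multi-valued RDN
_DN = re.compile(r"(?:" + _RDN + r"(?:," + _RDN + r")*)?")


def is_dn(text):
    """True if text parses as a distinguished name (empty string = root DN)."""
    return _DN.fullmatch(text) is not None


def check_settings(settings, keys):
    """Map each named setting to whether its value parses as a DN."""
    return {k: is_dn(settings[k]) for k in keys if k in settings}


# Values copied from the My_LDAP block quoted in the thread.
MY_LDAP = {
    "server": "dir1.library.ucsc.edu",
    "user": "cn=admin,dc=ucsc,dc=edu",
    "base": "ou=people,dc=ucsc,dc=edu",
    "group": "staff",
    "group_attr": "ou=group,dc=ucsc,dc=edu",
}

if __name__ == "__main__":
    keys = ["user", "base", "group", "group_attr"]
    for key, ok in check_settings(MY_LDAP, keys).items():
        verdict = "parses as a DN" if ok else "does not parse as a DN"
        print(f"{key:11} {MY_LDAP[key]!r:32} {verdict}")
```

A value that parses here can still be rejected by the server, so the result narrows down which settings to look at rather than confirming any of them.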
