On Thu, Jan 13, 2011 at 01:41:34PM -0800, Wes Modes wrote: Your previous errors were actually in GetBoundLDAPObj so this is different.
> [Thu Jan 13 21:39:34 2011] [critical]: Search for
> (ou=group,dc=ucsc,dc=edu=uid=wmodes,ou=people,dc=ucsc,dc=edu) failed:
> LDAP_INVALID_DN_SYNTAX
> 34
> (/usr/local/rt/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:116)
As noted earlier, this seems to be because your config is interesting and
isn't specifying an attribute for the group_attr.
RT-Authen-ExternalAuth's group membership expects to work based on a search for
group_attr = DN of user
with a base of the group's DN
being a valid query. You should see a debug output of something like:
$RT::Logger->debug( "LDAP Search === ",
"Base:",
$base,
"== Filter:",
$filter->as_string,
"== Attrs:",
join(',',@attrs));
> 'group' => 'staff',
> # What is the attribute for the group object that determines
> membership?
> 'group_attr' => 'ou=group,dc=ucsc,dc=edu',
-kevin
pgpBoGEzAYmIC.pgp
Description: PGP signature
