On Mon, Aug 29, 2011 at 03:50:57PM -0800, James Zuelow wrote: > Josh, > > I have been just barely following this thread, so please forgive me if I'm > off base here. > > I think an issue is this: > > 'attr_match_list' => [ 'ExternalAuthId','EmailAddress' ],
attr_match_list is documented as # The list of RT attributes that uniquely identify a user not an LDAP aatribute. The error message you point to means that the user was aunable to be canonicalized from LDAP. If it was supposed to be there, then the search args are wrong (or the user logging into RT doesn't have rights on LDAP to canonicalize themselves). If the user wasn't supposed to be in LDAP, but should be created, then the user wants to read the docs for AutoCreateNonExternalUsers. -kevin > And your LDAP is failing because: > > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/E > > xternalAuth.pm:458) [Mon Aug 29 23:15:41 2011] [debug]: Attempting to > > use this canonicalization key: ExternalAuthId > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/E > > xternalAuth.pm:472) [Mon Aug 29 23:15:41 2011] [debug]: This > > attribute ( > > ExternalAuthId ) is > > null or incorrectly defined in the attr_map for this service ( > > Active_Directory ) > > Your AD schema does not have an "ExternalAuthID" field in it. > > You have ExternalAuthID mapped to sAMAccountName. What happens if you try: > > 'attr_match_list' => [ 'sAMAccountName','EmailAddress' ],
pgpohQz4dxLv2.pgp
Description: PGP signature
-------- RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 & 27, 2011 * San Francisco, CA, USA October 18 & 19, 2011 * Washington DC, USA October 31 & November 1, 2011 * Melbourne VIC, Australia November 28 & 29, 2011 * Barcelona, Spain November 28 & 29, 2011
