We run RT on RedHat Enterprise Server 6.1, with Perl 5.14.2. We set up
RT::ExternalAuth to authenticate against our OpenLDAP server, and it
works fine with RT 4.0.2. But after upgrading to RT 4.0.4, LDAP
authentication breaks. I'd appreciate any helpful ideas. Here's the
relevant log entry--it's an LDAP bind() error:
Nov 23 11:27:28 serv07 RT:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_OPERATIONS_ERROR 1
(/path_to_our_RT/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467)
This is the relevant section of our RT_SiteConfig.pm file (where values
beginning with "our" have been changed for posting):
# To enable RT::Authen::ExternalAuth
Set(@Plugins, qw(RT::Authen::ExternalAuth));
# RT::Authen::ExternalAuth settings
# For information on configuring RT::Authen::ExternalAuth, see
# $RT_HOME/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm
Set($ExternalAuthPriority, ['DIVMS_LDAP',]);
Set($ExternalInfoPriority, ['DIVMS_LDAP',]);
Set($ExternalServiceUsesSSLorTLS, 1);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings,
{
'DIVMS_LDAP' => {
'type' => 'ldap',
'server' => 'our_server',
'user' => 'our_cn',
'pass' => 'our_password',
'base' => 'our_base',
'filter' => '(objectClass=*)',
'd_filter' => '(objectClass=FooBarBaz)',
'tls' => 1,
'ssl_version' => 1,
'net_ldap_args' => [ port => 389, version => 3 ],
'group' => '',
'group_attr' => '',
'attr_match_list' => [ 'Name', 'EmailAddress', ],
'attr_map' => {
'Name' => 'uid',
'EmailAddress' => 'mail',
'RealName' => 'gecos',
'ExternalAuthId' => 'uid',
'Gecos' => 'uid',
}
}
}
);
--
Karl Boyken, system administrator
[email protected]
303A MLH, Dept. of Comp. Sci.
http://www.cs.uiowa.edu/~boyken/
The U. of Iowa, Iowa City, IA 52242 319-335-2730 (voice)
319-335-3668 (fax)
--------
RT Training Sessions (http://bestpractical.com/services/training.html)
* Barcelona, Spain November 28 & 29, 2011
