Here is the debug log for a successful attempt.... [Fri Feb 3 18:20:32 2012] [warning]: Couldn't enable user 28 (/opt/rt4/sbin/../lib/RT/User.pm:1066) [Fri Feb 3 18:20:32 2012] [info]: User marked as ENABLED ( test.account ) per External Service (, ) (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:274) [Fri Feb 3 18:20:32 2012] [debug]: RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::Authen::ExternalAuth /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 553 with: Name: test.account (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:450) [Fri Feb 3 18:20:32 2012] [debug]: Attempting to get user info using this external service: My_LDAP (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458) [Fri Feb 3 18:20:32 2012] [debug]: Attempting to use this canonicalization key: Name (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472) [Fri Feb 3 18:20:32 2012] [debug]: LDAP Search === Base: DC=xxxxxx,DC=xxx,DC=edu == Filter: (&(&(ObjectCategory=User)(ObjectClass=Person))(sAMAccountName=test.account)) == Attrs: l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195) [Fri Feb 3 18:20:32 2012] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , City: , Country: , EmailAddress: [email protected], ExternalAuthId: test.account, Gecos: test.account, Name: test.account, Organization: , RealName: Test Account, State: , WorkPhone: , Zip: (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536) [Fri Feb 3 18:20:32 2012] [debug]: UPDATED user ( test.account ) from External Service (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:307) [Fri Feb 3 18:20:32 2012] [info]: Successful login for test.account from 10.1.5.9 (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:219) [Fri Feb 3 18:20:32 2012] [debug]: Autohandler called ExternalAuth. Response: (1, Successful login) (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:11)
Van Howell System Administrator Lubbock Christian University -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Kevin Falcone Sent: Friday, February 03, 2012 11:32 AM To: [email protected] Subject: Re: [rt-users] External Auth using Active Directory 2008 On Thu, Feb 02, 2012 at 06:21:20PM +0000, Howell, Van wrote: > I added Set($LogToSyslog, "debug"); to my RT_SiteConfig.pm file I > don't seem to be getting an more logging. > I restarted the httpd service, didn't see any more logging so I restarted the > server. Unfortunately - it seems you have syslog itself set to discard debug messages. You can try turning up $LogToScreen to debug and then check your webserver logs instead of your syslog logs. -kevin > This is the entire tail of the messages log.... > > [root@OpenNMS etc]# tail /var/log/messages Feb 2 11:56:45 localhost > abrtd: Dump directory is a duplicate of > /var/spool/abrt/ccpp-2012-02-01-14:08:36-18683 > Feb 2 11:56:45 localhost abrtd: Deleting dump directory > ccpp-2012-02-02-11:54:56-2567 (dup of ccpp-2012-02-01-14:08:36-18683), > sending dbus signal Feb 2 12:00:42 localhost RT: The actual HTTP_HOST > (192.168.1.200) does NOT match the configured WebDomain (lcu.edu). > Perhaps you should Set($WebDomain, '192.168.1.200'); in > RT_SiteConfig.pm, otherwise your internal links may be broken. > (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:1087) > Feb 2 12:05:43 localhost RT: The actual HTTP_HOST (192.168.1.200) > does NOT match the configured WebDomain (lcu.edu). Perhaps you should > Set($WebDomain, '192.168.1.200'); in RT_SiteConfig.pm, otherwise your > internal links may be broken. > (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:1087) > Feb 2 12:10:44 localhost RT: The actual HTTP_HOST (192.168.1.200) > does NOT match the configured WebDomain (helpdesk.lcu.edu). Perhaps > you should Set($WebDomain, '192.168.1.200'); in RT_SiteConfig.pm, > otherwise your internal links may be broken. > (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:1087) > Feb 2 12:14:00 localhost RT: My_LDAP AUTH FAILED: van.howell > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalA > uth/LDAP.pm:127) Feb 2 12:14:00 localhost RT: FAILED LOGIN for > van.howell from 10.1.5.9 > (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:655) > Feb 2 12:15:45 localhost RT: The actual HTTP_HOST (192.168.1.200) > does NOT match the configured WebDomain (helpdesk.lcu.edu). Perhaps > you should Set($WebDomain, '192.168.1.200'); in RT_SiteConfig.pm, > otherwise your internal links may be broken. > (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:1087) > Feb 2 12:16:16 localhost RT: My_LDAP AUTH FAILED: van.howell > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalA > uth/LDAP.pm:127) Feb 2 12:16:16 localhost RT: FAILED LOGIN for > van.howell from 10.1.5.9 > (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:655) > > Thanks for helping with this. > > Van Howell > System Administrator > Lubbock Christian University > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Kevin > Falcone > Sent: Thursday, February 02, 2012 11:17 AM > To: [email protected] > Subject: Re: [rt-users] External Auth using Active Directory 2008 > > On Thu, Feb 02, 2012 at 04:16:53PM +0000, Howell, Van wrote: > > I do not have Debugging turned on. I am going to need some help turning it > > on since this is new to me. > > > > Here are some errors from /var/log/messages... > > > > This is a failed attempt... > > > > Feb 1 16:02:25 localhost RT: My_LDAP AUTH FAILED mary.servantez > > (can't bind: LDAP_INVALID_CREDENTIALS 49 ) > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/Externa > > lA > > uth/LDAP.pm:82) Feb 1 16:02:25 localhost RT: FAILED LOGIN for > > mary.servantez from 10.1.41.95 > > (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:655) > > > > Here is a successful attemt.... > > > > Feb 2 10:14:02 localhost RT: > > RT::Authen::ExternalAuth::LDAP::GetAuth > > External Auth OK ( My_LDAP ): test.account > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/Externa > > lA > > uth/LDAP.pm:139) Feb 2 10:14:02 localhost RT: Couldn't enable user > > 28 > > (/opt/rt4/sbin/../lib/RT/User.pm:1066) > > Feb 2 10:14:02 localhost RT: User marked as ENABLED ( test.account > > ) per External Service (, ) > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/Externa > > lA > > uth.pm:274) Feb 2 10:14:02 localhost RT: > > RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , > > City: , Country: , EmailAddress: [email protected], ExternalAuthId: > > test.account, Gecos: test.account, Name: test.account, Organization: > > , > > RealName: Test Account, State: , WorkPhone: , Zip: > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/Externa > > lA > > uth.pm:536) Feb 2 10:14:02 localhost RT: Successful login for > > test.account from 10.1.5.9 > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/Externa > > lA > > uth.pm:219) > > Since you're seeing these in /var/log/messages I assume you're using the > syslog configuration. > > You want to read about LogToSyslog in etc/RT_Config.pm then copy that setting > to RT_SiteConfig.pm and change it to debug. > > Restart RT and try the failed login again. > > -kevin > > -------- > RT Training Sessions (http://bestpractical.com/services/training.html) > * Boston March 5 & 6, 2012 -------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012
