Your My_LDAP 'user' needs to be the fully qualified 'CN=s_dqs_svn, ou=people,dc=mdanderson,dc=edu'. And I hope that is a bogus password! Otherwise, I would change it.
=+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University =+=+=+=+=+=+=+=+=+ On Fri, Mar 2, 2012 at 10:16 AM, Zhang,Jun <jhzh...@mdanderson.org> wrote: > Thomas, > Since I'm new to RT, could you please tell where I did wrong in > configuration? May be I need to change the order of the > ExternalAuthPriority. Below is my RT_SiteConfig.pm file content. > Thanks. > > Jun > > Set( $DatabaseUser, 'rt_user' ); > Set( $CorrespondAddress, 'x...@mdanderson.org' ); > Set( $rtname, 'xrt.mdanderson.edu' ); > Set( $DatabaseRequireSSL, '' ); > Set( $WebPort, '80' ); > Set( $Organization, 'mdanderson.edu' ); > Set( $DatabaseType, 'mysql' ); > Set( $DatabasePort, '' ); > Set( $DatabasePassword, 'password' ); > Set( $DatabaseAdmin, 'root' ); > Set( $SendmailPath, '/usr/sbin/sendmail' ); > Set( $WebDomain, 'xrt.mdanderson.edu' ); > Set( $DatabaseAdminPassword, '' ); > Set( $CommentAddress, 'x...@mdanderson.org' ); > Set( $DatabaseHost, 'localhost' ); > Set( $DatabaseName, 'rt4' ); > Set( $OwnerEmail, 'x...@mdanderson.org' ); > Set( @Plugins, qw(RT::Authen::ExternalAuth) ); > > Set($ExternalAuthPriority, [ 'My_MySQL', > 'My_LDAP' > ] > ); > Set($ExternalServiceUsesSSLorTLS, 0); > Set($AutoCreateNonExternalUsers, 0); > Set($ExternalSettings, { > 'My_MySQL' => { > 'type' > => 'db', > 'server' > => 'dqsrt.mdanderson.edu', > 'database' > => 'rt4', > 'table' > => 'Users', > 'user' > => 'rt_user', > 'pass' > => 'password', > 'port' > => '3306', > 'dbi_driver' > => 'mysql', > 'u_field' > => 'Name', > 'p_field' > => 'Password', > 'p_enc_pkg' > => 'Crypt::MySQL', > 'p_enc_sub' > => 'password', > 'd_field' > => 'disabled', > 'd_values' > => ['0'], > 'attr_map' > => { 'Name' => 'Name', > } > }, > 'My_LDAP' => { > 'type' > => 'ldap', > 'server' > => 'dcpwpdc1.mdanderson.edu', > 'user' > => 's_dqs_svn', > 'pass' > => 'Juoo9k88', > 'base' > => 'ou=people,dc=mdanderson,dc=edu', > 'd_filter' => > '(userAccountControl:1.2.840.113556.1.4.803:=2)', > 'tls' > => 0, > 'ssl_version' > => 3, > 'net_ldap_args' > => [ version => 3 ], > 'attr_map' > => { 'Name' => 'samaccountname', > > 'EmailAddress' => 'mail', > > 'Organization' => 'physicaldeliveryofficename', > > 'RealName' => 'gecos', > > 'ExternalAuthId' => 'sAMAccountName', > > 'Gecos' => 'gecos', > > 'WorkPhone' => 'telephoneNumber', > > 'Address1' => 'streetAddress', > > 'City' => 'l', > > 'State' => 'st', > > 'Zip' => 'postalCode', > > 'Country' => 'co' > > } > } > } > ); > 1; > > -----Original Message----- > From: rt-users-boun...@lists.bestpractical.com [mailto: > rt-users-boun...@lists.bestpractical.com] On Behalf Of Thomas Sibley > Sent: Friday, March 02, 2012 11:57 AM > To: rt-users@lists.bestpractical.com > Subject: Re: [rt-users] Transitory error on login (LDAP against AD) > > On 03/02/2012 12:48 PM, Zhang,Jun wrote: > > I got the same error and I understand this must be minors, since my AD > > user is authenticated. The Users table in my rt4 database doesn't have > > a column called 'disable'. Removing the d_field line in > > RT_SiteConfig.pm and the error no longer show up. Looks like a bug. > > It is a severe misconfiguration to add the internal RT Users table as a > DBI auth source in RT::Authen::ExternalAuth. Don't do that. > -------- > RT Training Sessions (http://bestpractical.com/services/training.html) > * Boston March 5 & 6, 2012 > -------- > RT Training Sessions (http://bestpractical.com/services/training.html) > * Boston March 5 & 6, 2012 >
-------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012