I didn't use the real password. Authentication works against AD, does that mean a short user name could be used? Thank you very much for raising the question. At this stage, I'm sure about nothing.
Jun From: Ryan Backman [mailto:rback...@georgefox.edu] Sent: Friday, March 02, 2012 12:56 PM To: Zhang,Jun Cc: rt-users@lists.bestpractical.com Subject: Re: [rt-users] Transitory error on login (LDAP against AD) Your My_LDAP 'user' needs to be the fully qualified 'CN=s_dqs_svn,ou=people,dc=mdanderson,dc=edu'. And I hope that is a bogus password! Otherwise, I would change it. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University =+=+=+=+=+=+=+=+=+ On Fri, Mar 2, 2012 at 10:16 AM, Zhang,Jun <jhzh...@mdanderson.org<mailto:jhzh...@mdanderson.org>> wrote: Thomas, Since I'm new to RT, could you please tell where I did wrong in configuration? May be I need to change the order of the ExternalAuthPriority. Below is my RT_SiteConfig.pm file content. Thanks. Jun Set( $DatabaseUser, 'rt_user' ); Set( $CorrespondAddress, 'x...@mdanderson.org<mailto:x...@mdanderson.org>' ); Set( $rtname, 'xrt.mdanderson.edu<http://xrt.mdanderson.edu>' ); Set( $DatabaseRequireSSL, '' ); Set( $WebPort, '80' ); Set( $Organization, 'mdanderson.edu<http://mdanderson.edu>' ); Set( $DatabaseType, 'mysql' ); Set( $DatabasePort, '' ); Set( $DatabasePassword, 'password' ); Set( $DatabaseAdmin, 'root' ); Set( $SendmailPath, '/usr/sbin/sendmail' ); Set( $WebDomain, 'xrt.mdanderson.edu<http://xrt.mdanderson.edu>' ); Set( $DatabaseAdminPassword, '' ); Set( $CommentAddress, 'x...@mdanderson.org<mailto:x...@mdanderson.org>' ); Set( $DatabaseHost, 'localhost' ); Set( $DatabaseName, 'rt4' ); Set( $OwnerEmail, 'x...@mdanderson.org<mailto:x...@mdanderson.org>' ); Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($ExternalAuthPriority, [ 'My_MySQL', 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_MySQL' => { 'type' => 'db', 'server' => 'dqsrt.mdanderson.edu<http://dqsrt.mdanderson.edu>', 'database' => 'rt4', 'table' => 'Users', 'user' => 'rt_user', 'pass' => 'password', 'port' => '3306', 'dbi_driver' => 'mysql', 'u_field' => 'Name', 'p_field' => 'Password', 'p_enc_pkg' => 'Crypt::MySQL', 'p_enc_sub' => 'password', 'd_field' => 'disabled', 'd_values' => ['0'], 'attr_map' => { 'Name' => 'Name', } }, 'My_LDAP' => { 'type' => 'ldap', 'server' => 'dcpwpdc1.mdanderson.edu<http://dcpwpdc1.mdanderson.edu>', 'user' => 's_dqs_svn', 'pass' => 'Juoo9k88', 'base' => 'ou=people,dc=mdanderson,dc=edu', 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' => 0, 'ssl_version' => 3, 'net_ldap_args' => [ version => 3 ], 'attr_map' => { 'Name' => 'samaccountname', 'EmailAddress' => 'mail', 'Organization' => 'physicaldeliveryofficename', 'RealName' => 'gecos', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'gecos', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' } } } ); 1; -----Original Message----- From: rt-users-boun...@lists.bestpractical.com<mailto:rt-users-boun...@lists.bestpractical.com> [mailto:rt-users-boun...@lists.bestpractical.com<mailto:rt-users-boun...@lists.bestpractical.com>] On Behalf Of Thomas Sibley Sent: Friday, March 02, 2012 11:57 AM To: rt-users@lists.bestpractical.com<mailto:rt-users@lists.bestpractical.com> Subject: Re: [rt-users] Transitory error on login (LDAP against AD) On 03/02/2012 12:48 PM, Zhang,Jun wrote: > I got the same error and I understand this must be minors, since my AD > user is authenticated. The Users table in my rt4 database doesn't have > a column called 'disable'. Removing the d_field line in > RT_SiteConfig.pm and the error no longer show up. Looks like a bug. It is a severe misconfiguration to add the internal RT Users table as a DBI auth source in RT::Authen::ExternalAuth. Don't do that. -------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012 -------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012
-------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012