On 07/09/2012 11:54 AM, Mario DiNatale wrote:
Think I'm close, but could use some help from some experts... I have
$LogtoScreen set to 'debug', but it doesn't appear to be giving me any
additional information than it was before...

Local login works fine, but the ldap logins keep getting rejected with
incorrect password. Here is the relevant portion of my config:
Set( $ExternalAuthPriority, ['My_LDAP'] );
Set( $ExternalInfoPriority, ['My_LDAP'] );
Set( $ExternalServiceUsesSSLorTLS, 0 );
Set( $AutoCreateNonExternalUsers, 0 );
Set( $ExternalSettings, {
    'My_LDAP' => {
        'type' => 'ldap',
        'server' => 'dc1.XXX.local',
        'rt_ldap_username' => 'cn=rt,ou=Users,dc=XXX,dc=local',
        'rt_ldap_password' => 'ldap',
        'base' => 'dc=XXX,dc=local',
        'filter' => '(&(ObjectCategory=User)(ObjectClass=Person))',
        'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
        'tls' => 0,
        # 'ssl_version' => 3,
        'net_ldap_args' => [ version => 3 ],
        'attr_match_list' => [ 'Name', 'EmailAddress' ],
        'attr_map' => {
            'Name' => 'sAMAccountName',
            'EmailAddress' => 'mail',
            'RealName' => 'cn',
            'ExternalAuthId' => 'sAMAccountName',
            'Gecos' => 'sAMAccountName'
        }
    }
}, );



Hey Mario! I have just recently set up 4.0.x with LDAP, perhaps this will help?

Set( $ExternalAuthPriority, ['WORK_LDAP']);
Set( $ExternalServiceUsesSSLorTLS, 0);
Set( $AutoCreateNonExternalUsers, 1);
Set( $ExternalInfoPriority,  ['WORK_LDAP']);
Set( $ExternalSettings, {
    'WORK_LDAP' => {
        'type'            => 'ldap',
        'server'          => 'dc01.work.com',
        'port'            => '389',
        'user'            => '[email protected]',
        'pass'            => 'pAs5w0Rdy3a4r1g4t',
        'base'            => 'dc=work,dc=com',
        'filter'          => '(objectClass=*)',
        'd_filter'        => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
        'net_ldap_args'   => [ version => 3 ],
        'attr_match_list' => [ 'Name', 'EmailAddress' ],
        'attr_map'        => {
            'Name'           => 'sAMAccountName',
            'EmailAddress'   => 'mail',
            'RealName'       => 'cn',
            'ExternalAuthId' => 'sAMAccountName',
            'Gecos'          => 'sAMAccountName',
            'WorkPhone'      => 'telephoneNumber',
        }
    },
});

Hope this helps you out..
Best,
--Glenn

--
Glenn E. Sieb
System Administrator
+1 201 809-4958

eFashionSolutions
80 Enterprise Avenue South
Secaucus, NJ 07094
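
Both configurations in this thread carry the same d_filter, which uses Active Directory's bitwise-AND matching rule (OID 1.2.840.113556.1.4.803) to select accounts whose ACCOUNTDISABLE bit (value 2) is set in userAccountControl. The following is an added example, not part of either post or of RT's code: a small Python evaluator for that filter form, run over constructed sample entries (the account names and values are made up for illustration).

```python
import re

# Active Directory matching-rule OIDs for bitwise comparison.
BIT_AND = "1.2.840.113556.1.4.803"  # every bit of the mask must be set
BIT_OR = "1.2.840.113556.1.4.804"   # at least one bit of the mask must be set

# The d_filter used in both configurations in the thread.
D_FILTER = "(userAccountControl:1.2.840.113556.1.4.803:=2)"

# Extensible-match form: (attribute:matchingRuleOID:=decimalValue)
EXTENSIBLE = re.compile(
    r"^\((?P<attr>[A-Za-z][A-Za-z0-9-]*):(?P<oid>[0-9.]+):=(?P<value>\d+)\)$"
)

def parse_bitwise_filter(text):
    """Split a bitwise extensible-match filter into (attr, oid, mask)."""
    m = EXTENSIBLE.match(text.strip())
    if not m:
        raise ValueError("not an extensible-match filter: %r" % text)
    if m.group("oid") not in (BIT_AND, BIT_OR):
        raise ValueError("unsupported matching rule: %s" % m.group("oid"))
    return m.group("attr"), m.group("oid"), int(m.group("value"))

def matches(filter_text, entry):
    """Return True if the entry (a dict of attribute -> string) matches."""
    attr, oid, mask = parse_bitwise_filter(filter_text)
    # LDAP attribute names compare case-insensitively.
    values = [v for k, v in entry.items() if k.lower() == attr.lower()]
    if not values:
        return False  # an absent attribute never matches
    current = int(values[0])  # directory values arrive as strings
    if oid == BIT_AND:
        return (current & mask) == mask
    return (current & mask) != 0

# Constructed sample entries; 512 is a normal account, +2 marks it disabled,
# +65536 means the password never expires.
SAMPLE_ENTRIES = [
    {"sAMAccountName": "alice", "userAccountControl": "512"},
    {"sAMAccountName": "bob", "userAccountControl": "514"},
    {"sAMAccountName": "carol", "userAccountControl": "66048"},
    {"sAMAccountName": "dave", "userAccountControl": "66050"},
    {"sAMAccountName": "contact1"},  # no userAccountControl at all
]

def disabled_accounts(entries, d_filter=D_FILTER):
    """Names of entries that the d_filter selects as disabled."""
    return [e["sAMAccountName"] for e in entries if matches(d_filter, e)]

if __name__ == "__main__":
    print(disabled_accounts(SAMPLE_ENTRIES))
```
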
