Continuing onwards with my attempt to pull groups and their members from Active Directory into Request Tracker I've made some progress. However, I'm currently stymied - LDAPImport will successfully connect and search for users but when re-using the LDAP connection it fails to connect for the group search.
Here's the debugging information from an rtldapimport run: Running test import, no data will be changed Rerun command with --import to perform the import Rerun command with --debug for more information connecting to ldap://domaincontroller.alaska.gov binding as CN=dor-requesttracker,OU=Security Groups and Accounts,OU=IT,OU=Divisions,OU=DOR,OU=State Departments,DC=soa,DC=alaska,DC=gov searching with: base => 'OU=Security Groups and Accounts,OU=IT,OU=Divisions,OU=DOR,OU=State Departments,DC=soa,DC=alaska,DC=gov' control => 'Net::LDAP::Control::Paged=HASH(0x524cd80)' filter => '(&(cn = users))' search found 0 objects No results found, no import Testing group import searching with: base => 'OU=Security Groups and Accounts,OU=IT,OU=Divisions,OU=DOR,OU=State Departments,DC=soa,DC=alaska,DC=gov' control => 'Net::LDAP::Control::Paged=HASH(0x86973b8)' filter => '(|(CN=dor-requesttracker-admins)(CN=dor-asd-rt-staff))' [Mon Aug 5 17:10:47 2013] [error]: LDAP search failed Can't contact LDAP server (/usr/local/share/request-tracker4/plugins/RT-Extension-LDAPImport/lib/RT/Extension/LDAPImport.pm:1237) LDAP search failed Can't contact LDAP server search found 0 objects No results found, no group import Finished test Looking at the perl for LDAPImport.pm shows me that the _run_search method is generating the "LDAP search failed" part of the debugging output. I'm assuming this means that Net::LDAP is generating the "Can't contact LDAP server" from $result->code. I feel this hypothesis is further supported by the fact that a 'grep "contact" LDAPImport.pm' turn up nothing. It looks like Net:LDAP just gets the base and filter and off it goes. I've confirmed that my filter works with ldapsearch. I there something different I need to do get a successful LDAP bind when looking performing the group import? --- Kevin Elliott Networking Specialist II Alaska Department of Revenue, ASD-IT (907) 465-2314
