Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
Solved with a help from a colleague
Here's the solution:
Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION
'type' = 'ldap',
'server' = 'xxx.xxx.local',
'user' =
'CN=User,OU=Benutzer,OU=xxx,DC=xxx,DC=xx', # THat was the crucial point
'pass' = 'pass',
'base' =
'OU=xxx,OU=xxx,DC=xxx,DC=local',
'filter' =
'(memberOf=CN=RT,OU=Gruppen,OU=xxx,DC=xxx,DC=xxx)', #and the filter is
modified
'd_filter' =
'(userAccountControl=514)',
'tls'= 1,
'ssl_version' = 3,
'net_ldap_args' = [version =
3 ],
'attr_match_list' = ['Name',
'EmailAddress',
],
'attr_map' = { 'Name' =
'sAMAccountName',
'RealName' = 'cn',
'EmailAddress' =
'mail',
'Organization' =
'physicalDeliveryOfficeName',
'ExternalAuthId' =
'sAMAccountName',
'WorkPhone' =
'telephoneNumber',
'Address1' =
'streetAddress',
'City' = 'l',
'Zip' =
'postalCode',
}
}
}
best regards john s.
--
View this message in context:
http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31635938.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
@Mike Johnson20
My gut feeling is your Base DN is wrong.
Not really, right direction but still wrong :)
But joking aside
I have it done it with a help from a colleague
It was a hard piece of work with many trial and error parts .
here is my solution:
Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION
'type' = 'ldap',
'server' = 'xxx.xxx.local',
'user' =
'CN=User,OU=Benutzer,OU=xxx,DC=xxx,DC=xx', # THat was the crucial point
'pass' = 'pass',
'base' =
'OU=xxx,OU=xxx,DC=xxx,DC=local',
'filter' =
'(memberOf=CN=RT,OU=Gruppen,OU=xxx,DC=xxx,DC=xxx)', #and the filter is
modified
'd_filter' =
'(userAccountControl=514)',
'tls'= 1,
'ssl_version' = 3,
'net_ldap_args' = [version =
3 ],
'attr_match_list' = ['Name',
'EmailAddress',
],
'attr_map' = { 'Name' =
'sAMAccountName',
'RealName' = 'cn',
'EmailAddress' =
'mail',
'Organization' =
'physicalDeliveryOfficeName',
'ExternalAuthId' =
'sAMAccountName',
'WorkPhone' =
'telephoneNumber',
'Address1' =
'streetAddress',
'City' = 'l',
'Zip' =
'postalCode',
}
}
}
many thanks to all guys which are trying to help me
ps: could anyone clean up this threadfrom double entries
best regards john s.
--
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31503157.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
I agree with Raphael on this one, The error you are seeing is basically saying it cannot find the user based on the searching parameters you used. A useful troubleshooting tool for this would be an LDAP Browser(I used Softerra's). The browser allows you to test your Base DN. My gut feeling is your Base DN is wrong. Good luck! Mike. 2011/4/26 Raphaël MOUNEYRES raphael.mouney...@sagemcom.com Hello, the LDAP answer is clear : User not found in your config you search in this Base: ou=User,dc=xxx,dc=xxx,dc=local are you sure the xxx.xxx.local domain exist in your AD configuration ? or did you change company values to hide from the list ? it looks like you don't have the good parameters between RT and your AD config so you can match and find the USER Raphaël *john s. firesk...@gmx.de* Envoyé par : rt-users-boun...@lists.bestpractical.com 26/04/2011 10:44 A rt-users@lists.bestpractical.com cc Objet Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Turn your RT debug logging on and check that log to see what it's doing.# Hello mike the rt.log says the following: username: USER , service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)pr 26 06:58:11 2011] [debug]: LDAP Search === Base: ou=User,dc=xxx,dc=xxx,dc=local == Filter: ((ObjectClass=*)(sAMAccountName=User)) == Attrs: cn,sAMAccountName (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304) [Tue Apr 26 06:58:11 2011] [debug]: User Check Failed :: ( My_LDAP ) USER User not found (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318) So sth goes awry Any further hints,clues or advices would be helpfully best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html Sent from the Request Tracker - User mailing list archive at Nabble.com. http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html # Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés. ** This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system. # -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Turn your RT debug logging on and check that log to see what it's doing.# Hello mike the rt.log says the following: username: USER , service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)pr 26 06:58:11 2011] [debug]: LDAP Search === Base: ou=User,dc=xxx,dc=xxx,dc=local == Filter: ((ObjectClass=*)(sAMAccountName=User)) == Attrs: cn,sAMAccountName (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304) [Tue Apr 26 06:58:11 2011] [debug]: User Check Failed :: ( My_LDAP ) USER User not found (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318) So sth goes awry Any further hints,clues or advices would be helpfully best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Is it clear what i want? No? okay i try to describe a litte bit more exaclty
as far as possible from myself
okay my ldapseach command which runs perfectly is:
sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx,
dc=local -s sub sAMAccountName=USER
So here are my RT Config Parameter again:
Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION
'type' = 'ldap',
'server' = '192.168.123.45',
'user' = 'USER',
'pass' = 'password',
'base' =
'ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local',
'filter' = '(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
# 'ssl_version' = 3,
'net_ldap_args' = [version = 3 ],
# 'group' = 'Benutzer',
# 'group_attr' = 'GROUP_ATTR',
'attr_match_list' = ['Name',
#'EmailAddress',
],
'attr_map' = { 'Name' =
'sAMAccountName',
'RealName' = 'cn',
'EmailAddress' =
'mail',
'Organization' =
'physicalDeliveryOfficeName',
'RealName' = 'cn',
'ExternalAuthId' =
'sAMAccountName',
'Gecos' =
'sAMAccountName',
'WorkPhone' =
'telephoneNumber',
'Address1' =
'streetAddress',
'City' = 'l',
'State' = 'st',
'Zip' =
'postalCode',
'Country' = 'co'
}
}
I'll try to find out, which parameter doesn't match with the ldap one ...
cause if i try to authorize on rt with an ad user my AD gives the following
message out:
xxx.xxx.xxx.xxx:2799 NTDS NoneTCP4 32 NonDSE Can't find
object 0.0 0
best regards john s.
--
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
hello,
i would say that as you have commented ou the EmailAdress in the attribute
match list, you need to remove the , (comma) after the Name attribute
I think i remember having some error similar ; the last parameter must NOT
have the comma, at the end of the line
so your config would look like :
'attr_match_list' = ['Name'
#'EmailAddress',
],
Raphaël
Raphaël MOUNEYRES
Ingénieur Moyens Tests
Avenue Paul Gellos 64990 Mouguerre
Phone: +33 (0)5 59 58 41 51
Email: raphael.mouney...@sagemcom.com
john s. firesk...@gmx.de
Envoyé par : rt-users-boun...@lists.bestpractical.com
21/04/2011 11:31
A
rt-users@lists.bestpractical.com
cc
Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Is it clear what i want? No? okay i try to describe a litte bit more
exaclty
as far as possible from myself
okay my ldapseach command which runs perfectly is:
sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx,
dc=local -s sub sAMAccountName=USER
So here are my RT Config Parameter again:
Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION
'type' = 'ldap',
'server' = '192.168.123.45',
'user' = 'USER',
'pass' = 'password',
'base' =
'ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local',
'filter' = '(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
# 'ssl_version' = 3,
'net_ldap_args' = [version = 3 ],
# 'group' = 'Benutzer',
# 'group_attr' = 'GROUP_ATTR',
'attr_match_list' = ['Name',
#'EmailAddress',
],
'attr_map' = { 'Name' =
'sAMAccountName',
'RealName' =
'cn',
'EmailAddress' =
'mail',
'Organization' =
'physicalDeliveryOfficeName',
'RealName' =
'cn',
'ExternalAuthId'
=
'sAMAccountName',
'Gecos' =
'sAMAccountName',
'WorkPhone' =
'telephoneNumber',
'Address1' =
'streetAddress',
'City' = 'l',
'State' = 'st',
'Zip' =
'postalCode',
'Country' = 'co'
}
}
I'll try to find out, which parameter doesn't match with the ldap one ...
cause if i try to authorize on rt with an ad user my AD gives the
following
message out:
xxx.xxx.xxx.xxx:2799 NTDS NoneTCP4 32 NonDSE Can't find
object 0.0 0
best regards john s.
--
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
#
Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caractère privé. S'ils ne vous sont
pas destinés, nous vous signalons qu'il est strictement interdit de les
divulguer, de les reproduire ou d'en utiliser de quelque manière que ce
soit le contenu. Si ce message vous a été transmis par erreur, merci d'en
informer l'expéditeur et de supprimer immédiatement de votre système
informatique ce courriel ainsi que tous les documents qui y sont attachés.
**
This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system.
#
image/gifimage/gif
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hello Raphael No nothing has changed at all... still the same error sth. goes really wrong ... i have to track the issue in order to determine the issue but i don't know how .. any idea or a clue ? Her is the tcpdumpo log: 13:27:25.872995 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 1, win 5840, length 0 13:27:25.875403 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 1:33, ack 1, win 5840, length 32 13:27:25.875739 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 33, win 64240, length 0 13:27:25.877367 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 1:23, ack 33, win 64240, length 22 13:27:25.877460 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 23, win 5840, length 0 13:27:25.889275 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 33:282, ack 23, win 5840, length 249 13:27:25.889595 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 282, win 64240, length 0 13:27:25.890369 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 23:165, ack 282, win 64240, length 142 13:27:25.895897 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [F.], seq 282, ack 165, win 6432, length 0 13:27:25.897013 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 283, win 64239, length 0 13:27:25.897328 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [R.], seq 165, ack 283, win 64239, length 0 may it could help best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448783.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
reading your previous messages : your RT log shows :...:: ( My_LDAP ) RT-USER User not found that mean your LDAP server is sending a response that the RT-USER is not existing in his database then you mention successfully : sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx, dc=local -s sub sAMAccountName= USER that mean USER is existing in the database so are you using the good login on RT screen ? john s. firesk...@gmx.de Envoyé par : rt-users-boun...@lists.bestpractical.com 21/04/2011 13:43 A rt-users@lists.bestpractical.com cc Objet Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Hello Raphael No nothing has changed at all... still the same error sth. goes really wrong ... i have to track the issue in order to determine the issue but i don't know how .. any idea or a clue ? Her is the tcpdumpo log: 13:27:25.872995 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 1, win 5840, length 0 13:27:25.875403 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 1:33, ack 1, win 5840, length 32 13:27:25.875739 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 33, win 64240, length 0 13:27:25.877367 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 1:23, ack 33, win 64240, length 22 13:27:25.877460 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 23, win 5840, length 0 13:27:25.889275 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 33:282, ack 23, win 5840, length 249 13:27:25.889595 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 282, win 64240, length 0 13:27:25.890369 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 23:165, ack 282, win 64240, length 142 13:27:25.895897 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [F.], seq 282, ack 165, win 6432, length 0 13:27:25.897013 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 283, win 64239, length 0 13:27:25.897328 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [R.], seq 165, ack 283, win 64239, length 0 may it could help best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448783.html Sent from the Request Tracker - User mailing list archive at Nabble.com. # Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés. ** This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system. #
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
One thing that stands out in your config is your d_filter. I read on the RT
wiki somewhere that d_filter for an AD you needed to put what I have below:
'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2)',
Read these 2 microsoft support KB to learn more on why
http://support.microsoft.com/kb/305144
http://support.microsoft.com/kb/269181
Also, you have tls, ssl_version, group and group_attr commented out. Someone
else can correct me, but I believe you need to define those in your
settings.
Best I can do with my limited knowledge.
Good luck!
Mike.
On Thu, Apr 21, 2011 at 5:31 AM, john s. firesk...@gmx.de wrote:
Is it clear what i want? No? okay i try to describe a litte bit more
exaclty
as far as possible from myself
okay my ldapseach command which runs perfectly is:
sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx,
dc=local -s sub sAMAccountName=USER
So here are my RT Config Parameter again:
Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION
'type' = 'ldap',
'server' = '192.168.123.45',
'user' = 'USER',
'pass' = 'password',
'base' =
'ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local',
'filter' = '(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
# 'ssl_version' = 3,
'net_ldap_args' = [version = 3 ],
# 'group' = 'Benutzer',
# 'group_attr' = 'GROUP_ATTR',
'attr_match_list' = ['Name',
#'EmailAddress',
],
'attr_map' = { 'Name' =
'sAMAccountName',
'RealName' = 'cn',
'EmailAddress' =
'mail',
'Organization' =
'physicalDeliveryOfficeName',
'RealName' = 'cn',
'ExternalAuthId' =
'sAMAccountName',
'Gecos' =
'sAMAccountName',
'WorkPhone' =
'telephoneNumber',
'Address1' =
'streetAddress',
'City' = 'l',
'State' = 'st',
'Zip' =
'postalCode',
'Country' = 'co'
}
}
I'll try to find out, which parameter doesn't match with the ldap one ...
cause if i try to authorize on rt with an ad user my AD gives the following
message out:
xxx.xxx.xxx.xxx:2799 NTDS NoneTCP4 32 NonDSE Can't find
object 0.0 0
best regards john s.
--
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
--
Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON P7B 5E1
Phone: (807) 766-7331
Email: mike.john...@nosm.ca
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
@Raphael so are you using the good login on RT screen ? Waht do you mean with an good login? @Mike Hello Mike I have readed the 2 Articles and modified my config in such way ... but the same error occurs ... but i have found sth... on my AD, i 'll try to copy the infos which should be necessary ... xxx.xxx.xxx.xxx:2206 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 xxx.xxx.xxx.xxx:2200 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 thats one of it ... xxx.xxx.xxx.xxx:2200 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 xxx.xxx.xxx.xxx.2206 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 This is the same log but i comes a litte bit later i wonder why success And now it comes really strange: Thats the search log Client Instanz Objektname Filtername Reply/s Response Time (ms) CPU% Internal NTDS [](displayName=RT-USER) 0 0 0 0 Internal NTDS [] (displayName=RT-USER)0 0 00 I don't understand it looks like , that he can't resolve the objectname. best regards john. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31450244.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Turn your RT debug logging on and check that log to see what it's doing. I believe the debug log shows you the actual LDAP call it's doing... then you can verify what is failing based on that. Good luck! Mike. On Thu, Apr 21, 2011 at 10:55 AM, john s. firesk...@gmx.de wrote: @Raphael so are you using the good login on RT screen ? Waht do you mean with an good login? @Mike Hello Mike I have readed the 2 Articles and modified my config in such way ... but the same error occurs ... but i have found sth... on my AD, i 'll try to copy the infos which should be necessary ... xxx.xxx.xxx.xxx:2206 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 xxx.xxx.xxx.xxx:2200 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 thats one of it ... xxx.xxx.xxx.xxx:2200 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 xxx.xxx.xxx.xxx.2206 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 This is the same log but i comes a litte bit later i wonder why success And now it comes really strange: Thats the search log Client Instanz Objektname Filtername Reply/s Response Time (ms) CPU% Internal NTDS [](displayName=RT-USER) 0 0 0 0 Internal NTDS [] (displayName=RT-USER) 0 0 00 I don't understand it looks like , that he can't resolve the objectname. best regards john. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31450244.html Sent from the Request Tracker - User mailing list archive at Nabble.com. -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Greetings Luis
okay i have trimmed my config a little bit and now it look like this:
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION
'type' = 'ldap',
'server' =
'ipserver',
'user' = 'USER',
'pass' = 'pass',
'base' = 'ou=OU
Unit,dc=sb,dc=local',
'filter' =
'(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
'ssl_version' =
3,
'net_ldap_args' = [
version = 3 ],
'group' =
'Benutzer',
'group_attr' =
'GROUP_ATTR',
'attr_match_list'
= ['Name',
'EmailAddress',
],
'attr_map'
= { 'Name' = 'sAMAccountName',
}
}
}
);
And now i have also posted the apache logfile, cause this comments the steps
from which lines i had to comment out that apache will start... so thats the
basic without any outlines... and this one doesn't work...
http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S
and now the config which let apache started:
#RT Authenth#
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION
'type' = 'ldap',
'server' =
'192.168.10.40',
'user' = 'RT-USER',
'pass' =
'sl-pg33011',
'base' = 'ou=SBAOU
Unit,dc=sbah,dc=local',
'filter' =
'(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
# 'ssl_version' =
3,
# 'net_ldap_args' =
[version = 3 ],
# 'group' =
'Benutzer',
# 'group_attr' =
'GROUP_ATTR',
# 'attr_match_list'
= ['Name',
# 'EmailAddress',
# ],
# 'attr_map'
= { 'Name' = 'sAMAccountName',
#'EmailAddress' = 'mail',
# 'Organization' = 'physicalDeliveryOfficeName',
# 'RealName' = 'cn',
# 'ExternalAuthId' = 'sAMAccountName',
# 'Gecos' = 'sAMAccountName',
# 'WorkPhone' = 'telephoneNumber',
# 'Address1' = 'streetAddress',
# 'City' = 'l',
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Addition: So i have make an tracelog over port 389 with tcpdump The Result: No request is going out if I try to authorize on RT so i think the plugin doesn't work anymore ... best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31423760.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John,
It looks that you missed a comma after 'd_filter' =
'(userAccountControl=514)'
In addition, please check you settings here
'attr_map' = { 'Name' = 'sAMAccountName',...
Nothing else to match? If so, just to be sure, please delete the comma after
'sAMAccountName'.
Finally, I would recommend you to comment 'ssl_version' = 3,
After you get this configuration to work, then you can play with the SSL
configuration.
Good luck,
Best,
-
4. Re: RT-Authen-ExternalAuth-0.08 which packages i need for
(john s.)
Message: 4
Date: Mon, 18 Apr 2011 04:07:28 -0700 (PDT)
From: john s. firesk...@gmx.de
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i
need for
Message-ID: 31422830.p...@talk.nabble.com
Content-Type: text/plain; charset=us-ascii
Greetings Luis
okay i have trimmed my config a little bit and now it look like this:
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION
'type' = 'ldap',
'server' =
'ipserver',
'user' = 'USER',
'pass' = 'pass',
'base' = 'ou=OU
Unit,dc=sb,dc=local',
'filter' =
'(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
'ssl_version' =
3,
'net_ldap_args' = [
version = 3 ],
'group' =
'Benutzer',
'group_attr' =
'GROUP_ATTR',
'attr_match_list'
= ['Name',
'EmailAddress',
],
'attr_map'
= { 'Name' = 'sAMAccountName',
}
}
}
);
And now i have also posted the apache logfile, cause this comments the steps
from which lines i had to comment out that apache will start... so thats the
basic without any outlines... and this one doesn't work...
http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S
and now the config which let apache started:
#RT Authenth#
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION
'type' = 'ldap',
'server' =
'192.168.10.40',
'user' = 'RT-USER',
'pass' =
'sl-pg33011',
'base' = 'ou=SBAOU
Unit,dc=sbah,dc=local',
'filter' =
'(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
# 'ssl_version' =
3,
# 'net_ldap_args' =
[version = 3 ],
# 'group' =
'Benutzer',
# 'group_attr' =
'GROUP_ATTR',
# 'attr_match_list'
= ['Name',
# 'EmailAddress',
# ],
# 'attr_map'
= { 'Name' = 'sAMAccountName',
#'EmailAddress' = 'mail',
# 'Organization' = 'physicalDeliveryOfficeName',
# 'RealName' = 'cn',
# 'ExternalAuthId' = 'sAMAccountName',
# 'Gecos' = 'sAMAccountName',
# 'WorkPhone' = 'telephoneNumber',
# 'Address1' = 'streetAddress',
# 'City' = 'l',
# 'State' = 'st',
# 'Zip' = 'postalCode',
# 'Country' = 'co'
}
}
#}
);
So as far as you can see, the other version with clean comments and # signs
doesn't work.
But i don't know why
or if i walking completely off the track at the moment :-(
Best regards john s.
--
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-nee
d-for-tp31388437p31422830
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
you also have a space befor My_LDAP here, wich does not match the later
defined service
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
...
Set($ExternalSettings, {'My_LDAP' = {
Luis Avendaño lavend...@acmgrp.com
Envoyé par : rt-users-boun...@lists.bestpractical.com
18/04/2011 15:32
A
rt-users@lists.bestpractical.com
cc
Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John,
It looks that you missed a comma after 'd_filter' =
'(userAccountControl=514)'
In addition, please check you settings here
'attr_map' = { 'Name' = 'sAMAccountName',...
Nothing else to match? If so, just to be sure, please delete the comma
after
'sAMAccountName'.
Finally, I would recommend you to comment 'ssl_version' = 3,
After you get this configuration to work, then you can play with the SSL
configuration.
Good luck,
Best,
-
4. Re: RT-Authen-ExternalAuth-0.08 which packages i need for
(john s.)
Message: 4
Date: Mon, 18 Apr 2011 04:07:28 -0700 (PDT)
From: john s. firesk...@gmx.de
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i
need for
Message-ID: 31422830.p...@talk.nabble.com
Content-Type: text/plain; charset=us-ascii
Greetings Luis
okay i have trimmed my config a little bit and now it look like this:
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION
'type' = 'ldap',
'server' =
'ipserver',
'user' = 'USER',
'pass' = 'pass',
'base' = 'ou=OU
Unit,dc=sb,dc=local',
'filter' =
'(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
'ssl_version' =
3,
'net_ldap_args' =
[
version = 3 ],
'group' =
'Benutzer',
'group_attr' =
'GROUP_ATTR',
'attr_match_list'
= ['Name',
'EmailAddress',
],
'attr_map'
= { 'Name' = 'sAMAccountName',
}
}
}
);
And now i have also posted the apache logfile, cause this comments the
steps
from which lines i had to comment out that apache will start... so thats
the
basic without any outlines... and this one doesn't work...
http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S
and now the config which let apache started:
#RT Authenth#
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION
'type' = 'ldap',
'server' =
'192.168.10.40',
'user' =
'RT-USER',
'pass' =
'sl-pg33011',
'base' =
'ou=SBAOU
Unit,dc=sbah,dc=local',
'filter' =
'(ObjectClass=*)',
'd_filter' =
'(userAccountControl=514)'
# 'tls'= 0,
# 'ssl_version' =
3,
# 'net_ldap_args'
=
[version = 3 ],
# 'group' =
'Benutzer',
# 'group_attr' =
'GROUP_ATTR',
# 'attr_match_list'
= ['Name',
# 'EmailAddress',
# ],
# 'attr_map'
= { 'Name' = 'sAMAccountName',
#'EmailAddress' = 'mail',
# 'Organization' = 'physicalDeliveryOfficeName',
# 'RealName' = 'cn',
# 'ExternalAuthId' = 'sAMAccountName',
# 'Gecos' = 'sAMAccountName',
# 'WorkPhone' = 'telephoneNumber',
# 'Address1' = 'streetAddress',
# 'City' = 'l',
# 'State' = 'st',
# 'Zip' = 'postalCode
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Greetign Raphael i have changed this ... and nothing happens ... here is an outline from my apachelogfile: [Mon Apr 18 15:33:33 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 18 15:33:33 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_LDAP) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 18 15:33:33 2011] [debug]: UserExists params: username: RT-USER , service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274) [Mon Apr 18 15:33:33 2011] [debug]: LDAP Search === Base: ou=SBAOU Unit,dc=srv41,dc=sbah,dc=local == Filter: ((ObjectClass=*)(sAMAccountName=RT-USER)) == Attrs: cn,sAMAccountName (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304) [Mon Apr 18 15:33:33 2011] [debug]: User Check Failed :: ( My_LDAP ) RT-USER User not found (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318) [Mon Apr 18 15:33:33 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 18 15:33:33 2011] [error]: FAILED LOGIN for RT-USER from 192.168.112.1 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424) [Mon Apr 18 15:33:33 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 18 15:33:33 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 18 15:33:33 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 18 15:33:34 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 18 15:33:34 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 18 15:33:34 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/ so as far as i can see he find the user ... but the user check fails but i don't know what does it mean exactly ps: i thought perl doesn't pay much attention on spaces best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31425121.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Greetings Louis Despite your piece of good advice my Syntax is correct also, Cause i only used the # Sign to comment out the Lines which will apache2 get into trouble.If try to run normally the same issue appears. And in refer to the Readme .. you can also write: 'attr_match_list' = ['Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], the only important thing is to set the brackets correctly and this will benoticed if you try to restart apache So.. thats not the problem any other clue or idea? best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31404102.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John, you have a syxtax error somewhere, and it's pretty close when you set EmailAddress. Your error is: Couldn't load RT config file RT_SiteConfig.pm:nnsyntax error at /opt/rt3/etc/RT_SiteConfig.pm line 146, near 'EmailAddress'nCompilation failed in require at /opt/rt3/bin/../lib/RT/Config.pm line 562.nCompilation failed in require at (eval 2) line 1.n Try to make a configuration file without all the comments you have within the Authen:External008.. conf (delete all the #). You might be missing something. Best Regards, - Greetings Louis Despite your piece of good advice my Syntax is correct also, Cause i only used the # Sign to comment out the Lines which will apache2 get into trouble.If try to run normally the same issue appears. And in refer to the Readme .. you can also write: 'attr_match_list' = [ 'Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], the only important thing is to set the brackets correctly and this will benoticed if you try to restart apache So.. thats not the problem any other clue or idea? best regards john s. Message: 3 Date: Fri, 15 Apr 2011 02:26:11 -0700 (PDT) From: john s. To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Message-ID: Content-Type: text/plain; charset=us-ascii Greetings Louis Despite your piece of good advice my Syntax is correct also, Cause i only used the # Sign to comment out the Lines which will apache2 get into trouble.If try to run normally the same issue appears. And in refer to the Readme .. you can also write: 'attr_match_list' = [ 'Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], the only important thing is to set the brackets correctly and this will benoticed if you try to restart apache So.. thats not the problem any other clue or idea? best regards john s. -- View this message in context: Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hello Luis
First of all many thanks for you help
I have set my ldap configuration in this way which you have described,
but there are still coming some error messages in relation to the apache2
log file:
cutout apache.log:
Couldn't load RT config file RT_SiteConfig.pm:\n\nsyntax error at
/opt/rt3/etc/RT_SiteConfig.pm line 146, near 'EmailAddress'\nCompilation
failed in require at /opt/rt3/bin/../lib/RT/Config.pm line 562.\nCompilation
failed in require at (eval 2) line 1.\n
Similar errors comes if try to activate the following command lines:
'tls'= 0,
ssl_version' = 3,
'net_ldap_args' = [version = 3 ],
'group' = 'User',
'group' = 'GROUP_NAME',
'attr_match_list' = ['Name',
# 'EmailAddress', ],
# 'attr_map'
= { 'Name' = 'sAMAccountName',
#'EmailAddress' = 'mail',
# 'Organization' = #
'Organization' = 'physicalDeliveryOfficeName',
# 'RealName' = 'cn',
# 'ExternalAuthId' = 'sAMAccountName',
# 'Gecos' = 'sAMAccountName',
# 'WorkPhone' = 'telephoneNumber',
# 'Address1' = 'streetAddress',
# 'City' = 'l',
# 'State' = 'st',
# 'Zip' = 'postalCode',
# 'Country' = 'co'
}
}
);
So i had to comment out some command lines in order to determine whats
going wrong and the the apache server will runing fine :
Her is my new config:
#RT Authenth#
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION
# The type of service
(db/ldap/cookie)
'type' = 'ldap',
# The server hosting
the service
'server' =
'192.168.23.40',
## SERVICE-SPECIFIC
SECTION
# If you can bind to
your LDAP server anonymously you should
# remove the user
and pass config lines, otherwise specify them here:
#
# The username RT
should use to connect to the LDAP server
'user' = 'USER',
# The password RT
should use to connect to the LDAP server
'pass' =
'password',
#
# The LDAP search
base
'base' = 'ou=
Unit,dc=s***,dc=local',
#
# ALL FILTERS MUST
BE VALID LDAP FILTERS ENCASED IN PARENTHESES!
# YOU **MUST**
SPECIFY A filter AND A d_filter!!
#
# The filter to use
to match RT-Users
'filter' =
'(ObjectClass=*)',
# A catch-all
example filter: '(objectClass=*)'
#
# The filter that
will only match disabled users
'd_filter' =
'(userAccountControl=514)'
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John,
apparently your problem is this:
'attr_match_list' = [ 'Name',
# 'EmailAddress', ],
# 'attr_map'
= { 'Name' = 'sAMAccountName',
...
You have to ensure formatting correctly the list. For example:
'attr_match_list' = [ 'Name' ]... you are doing this: 'attr_match_list' =
[ 'Name',
In addition, check also attr_map. For example:
'attr_map' = { 'Name' =
'sAMAccountName',
'EmailAddress' = 'mail',
'RealName' = 'cn',
'WorkPhone'
= 'telephoneNumber'
}
The error you are getting is that the SiteConfig is not correctly formed.
Hope this helps,
Best,
Luis Avendaño
Grupo Latinoamericano ACM
Av. Venezuela Torre America,
Piso 1 Ofic 116, Bello Monte.
Caracas, Venezuela
Phone: (+58) 212-763.4104
Fax: (+58) 212-763.1847
http://www.acmgrp.com
USO DE CORREO ELECTRÓNICO DE
ACM **
Este mensaje puede contener información únicamente de interés para ACM
GROUP o sus negocios y es enviado solamente al destinatario designado, y
puede contener información privilegiada, patentada o privada. La copia,
distribución, revelación o cualquier uso de la información contenida en
este mensaje es permitida solo a personas autorizadas. Si ha recibido este
correo electrónico por error, por favor destruyalo y notifique
inmediatamente a webmas...@acmgrp.com o al remitente
** ACM GROUP INTERNET E-MAIL USE
***
This message may contain information solely of the interest of ACM or its
businesses and is delivered for the designated recipient only and may
containprivileged, proprietary, or otherwise privatetion. Copying,
distribution, disclosure or any use of the information contained in this
transmission is permitted only to authorized parties. If you have received
this e-mail by error, please destroy it and notify webmas...@acmgrp.com or
the sender immediately
**
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
Someone out there ? best regards john s. -- View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31385180.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi Jhon,
Based on the Rt_SiteConfig piece you sent, there is a missing variable
setting in your configuration.
You put this:
Set($AutoCreateNonExternalUsers, 0);
'My_LDAP' = { ## GENERIC
.
It should be like this:
Set($ExternalSettings, { # AN EXAMPLE DB SERVICE
'My_LDAP' =
In addition, based on the log you sent, you are also configuring My_SSO and
My_MySQL. If you are not using these services to authenticate, please delete
them from the RT_SiteConfig file. If you are using them I would recommend
you going step by step. First configure the LDAP, then go for the next
source
This is an example of a working conf, using RT 3.8.9 and LDAP = Active
Directory:
#Set($WebExternalAuth, 1);
#Set($WebExternalAuthContinuous, 1);
#Set($WebExternalGecos , undef);
#Set($WebExternalAuto , true);
#Set($WebFallbackToInternalAuth , undef);
Set($ExternalAuthPriority, [ 'My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
Set($ExternalServiceUsesSSLorTLS,0);
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {
'My_LDAP' = { ## GENERIC SECTION
'type'
= 'ldap',
'server'
= '***.***.***.***',
'user'
= '*\*',
'pass'
= '',
'base'
= 'DC=*,DC=com,DC=ve',
'filter'
= '(objectClass=*)',
'd_filter'
= '(userAccountControl=514)',
'tls'
= 0,
'net_ldap_args'
= [version = 3 ],
#'group'
= 'GROUP_NAME',
#'group_attr'
= 'GROUP_ATTR',
'attr_match_list'
= ['Name',
'EmailAddress'
# 'RealName',
# 'WorkPhone'
],
'attr_map'
= { 'Name' = 'sAMAccountName',
'EmailAddress' = 'mail',
'RealName' = 'cn',
'WorkPhone' = 'telephoneNumber'
}
}
}
);
o Set( @Plugins, qw( RT::Authen::ExternalAuth ) );
Give a shot with this, and then get back with the resulted log file and
final configuration.
Hope this helps,
Best,
Luis Avendaño
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
You don't say your RT version, or what fails, it is possible you need .08_01 if you're running RT 3.8.9 Hello Kevin Sorry i forgot i currently useig the Version 3.8.9 So i had followed your advice and now the RT-Authen-ExternalAuth-0.08_01 is still running. At first it looks better than before, now i get response from the rt.log.. but there still some problems ... here is the relevant piece of information from my log file: Reloading RT::User to work around a bug in RT-3.8.0 and RT-3.8.1 (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:14) [Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service: My_MySQL (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service: My_SSO_Cookie (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 11 12:13:55 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_LDAP) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361) [Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service: My_MySQL (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_MySQL) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists: My_MySQL (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361) [Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service: My_SSO_Cookie (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_SSO_Cookie) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists: My_SSO_Cookie (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361) [Mon Apr 11 12:14:06 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 11 12:14:06 2011] [error]: FAILED LOGIN for RT-USER from 192.168.112.1 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424) Thanks in advance best regrads john s. -- View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31369863.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
[rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
Hello all
I try to integrate ExternalAuth-0.08 Modul in RT.
But i don't know exactly which system packages i need for it.. for only an
Authentifiaction with RT no
Samba or other stuff
My System is : Ubuntu 10.04
here is my Ldap Config:
# AN EXAMPLE LDAP SERVICE
Set($ExternalAuthPriority, [ 'My_LDAP' ] );
Set($ExternalInfoPriority, [ 'My_LDAP' ] );
Set($ExternalServiceUsesSSLorTLS,0);
Set($AutoCreateNonExternalUsers, 0);
'My_LDAP' = { ## GENERIC
SECTION
# The type of
service (db/ldap/cookie)
'type'
= 'ldap',
# The server hosting
the service
'server'
= '192.168.123.41',
## SERVICE-SPECIFIC
SECTION
# If you can bind to
your LDAP server anonymously you should
# remove the user
and pass config lines, otherwise specify them here:
#
# The username RT
should use to connect to the LDAP server
'user'
= 'USER',
# The password RT
should use to connect to the LDAP server
'pass'
= 'password',
#
# The LDAP search
base
'base'
= 'ou=Benutzer,ou=SBAOU,dc=sbah,dc=local',
#
# ALL FILTERS MUST
BE VALID LDAP FILTERS ENCASED IN PARENTHESES!
# YOU **MUST**
SPECIFY A filter AND A d_filter!!
#
# The filter to use
to match RT-Users
'filter'
= '(objectClass=User)',
# A catch-all
example filter: '(objectClass=*)'
#
# The filter that
will only match disabled users
'd_filter'
= '(objectClass=FooBarBaz)',
# A catch-none
example d_filter: '(objectClass=FooBarBaz)'
#
# Should we try to
use TLS to encrypt connections?
'tls'
= 0,
# SSL Version to
provide to Net::SSLeay *if* using SSL
'ssl_version'
= 3,
# What other args
should I pass to Net::LDAP-new($host,@args)?
'net_ldap_args'
= [version = 3 ],
# Does
authentication depend on group membership? What group name?
'group'
= 'GROUP_NAME',
# What is the
attribute for the group object that determines membership?
'group_attr'
= 'GROUP_ATTR',
## RT ATTRIBUTE
MATCHING SECTION
# The list of RT
attributes that uniquely identify a user
# This example shows
what you *can* specify.. I recommend reducing this
# to just the Name
and EmailAddress to save encountering problems later.
'attr_match_list'
= ['Name',
'EmailAddress',
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
On Thu, Apr 07, 2011 at 06:58:04AM -0700, john s. wrote:
I try to integrate ExternalAuth-0.08 Modul in RT.
You don't say your RT version, or what fails, it is possible you need
.08_01 if you're running RT 3.8.9
But i don't know exactly which system packages i need for it.. for only an
Authentifiaction with RT no
Samba or other stuff
My System is : Ubuntu 10.04
here is my Ldap Config:
# AN EXAMPLE LDAP SERVICE
Set($ExternalAuthPriority, [ 'My_LDAP' ] );
Set($ExternalInfoPriority, [ 'My_LDAP' ] );
Set($ExternalServiceUsesSSLorTLS,0);
Set($AutoCreateNonExternalUsers, 0);
'My_LDAP' = { ## GENERIC
SECTION
# The type of
service (db/ldap/cookie)
'type'
= 'ldap',
# The server hosting
the service
'server'
= '192.168.123.41',
## SERVICE-SPECIFIC
SECTION
# If you can bind to
your LDAP server anonymously you should
# remove the user
and pass config lines, otherwise specify them here:
#
# The username RT
should use to connect to the LDAP server
'user'
= 'USER',
# The password RT
should use to connect to the LDAP server
'pass'
= 'password',
#
# The LDAP search
base
'base'
= 'ou=Benutzer,ou=SBAOU,dc=sbah,dc=local',
#
# ALL FILTERS MUST
BE VALID LDAP FILTERS ENCASED IN PARENTHESES!
# YOU **MUST**
SPECIFY A filter AND A d_filter!!
#
# The filter to use
to match RT-Users
'filter'
= '(objectClass=User)',
# A catch-all
example filter: '(objectClass=*)'
#
# The filter that
will only match disabled users
'd_filter'
= '(objectClass=FooBarBaz)',
# A catch-none
example d_filter: '(objectClass=FooBarBaz)'
#
# Should we try to
use TLS to encrypt connections?
'tls'
= 0,
# SSL Version to
provide to Net::SSLeay *if* using SSL
'ssl_version'
= 3,
# What other args
should I pass to Net::LDAP-new($host,@args)?
'net_ldap_args'
= [version = 3 ],
# Does
authentication depend on group membership? What group name?
'group'
= 'GROUP_NAME',
# What is the
attribute for the group object that determines membership?
'group_attr'
= 'GROUP_ATTR',
## RT ATTRIBUTE
MATCHING SECTION
# The list of RT
attributes that uniquely identify a user
# This example shows
what you *can* specify.. I recommend reducing this
# to just the Name
and EmailAddress to save encountering problems later.
