Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
Solved with a help from a colleague Here's the solution: Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION 'type' = 'ldap', 'server' = 'xxx.xxx.local', 'user' = 'CN=User,OU=Benutzer,OU=xxx,DC=xxx,DC=xx', # THat was the crucial point 'pass' = 'pass', 'base' = 'OU=xxx,OU=xxx,DC=xxx,DC=local', 'filter' = '(memberOf=CN=RT,OU=Gruppen,OU=xxx,DC=xxx,DC=xxx)', #and the filter is modified 'd_filter' = '(userAccountControl=514)', 'tls'= 1, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'attr_match_list' = ['Name', 'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', 'RealName' = 'cn', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'ExternalAuthId' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'Zip' = 'postalCode', } } } best regards john s. -- View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31635938.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
@Mike Johnson20 My gut feeling is your Base DN is wrong. Not really, right direction but still wrong :) But joking aside I have it done it with a help from a colleague It was a hard piece of work with many trial and error parts . here is my solution: Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION 'type' = 'ldap', 'server' = 'xxx.xxx.local', 'user' = 'CN=User,OU=Benutzer,OU=xxx,DC=xxx,DC=xx', # THat was the crucial point 'pass' = 'pass', 'base' = 'OU=xxx,OU=xxx,DC=xxx,DC=local', 'filter' = '(memberOf=CN=RT,OU=Gruppen,OU=xxx,DC=xxx,DC=xxx)', #and the filter is modified 'd_filter' = '(userAccountControl=514)', 'tls'= 1, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'attr_match_list' = ['Name', 'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', 'RealName' = 'cn', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'ExternalAuthId' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'Zip' = 'postalCode', } } } many thanks to all guys which are trying to help me ps: could anyone clean up this threadfrom double entries best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31503157.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
I agree with Raphael on this one, The error you are seeing is basically saying it cannot find the user based on the searching parameters you used. A useful troubleshooting tool for this would be an LDAP Browser(I used Softerra's). The browser allows you to test your Base DN. My gut feeling is your Base DN is wrong. Good luck! Mike. 2011/4/26 Raphaël MOUNEYRES raphael.mouney...@sagemcom.com Hello, the LDAP answer is clear : User not found in your config you search in this Base: ou=User,dc=xxx,dc=xxx,dc=local are you sure the xxx.xxx.local domain exist in your AD configuration ? or did you change company values to hide from the list ? it looks like you don't have the good parameters between RT and your AD config so you can match and find the USER Raphaël *john s. firesk...@gmx.de* Envoyé par : rt-users-boun...@lists.bestpractical.com 26/04/2011 10:44 A rt-users@lists.bestpractical.com cc Objet Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Turn your RT debug logging on and check that log to see what it's doing.# Hello mike the rt.log says the following: username: USER , service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)pr 26 06:58:11 2011] [debug]: LDAP Search === Base: ou=User,dc=xxx,dc=xxx,dc=local == Filter: ((ObjectClass=*)(sAMAccountName=User)) == Attrs: cn,sAMAccountName (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304) [Tue Apr 26 06:58:11 2011] [debug]: User Check Failed :: ( My_LDAP ) USER User not found (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318) So sth goes awry Any further hints,clues or advices would be helpfully best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html Sent from the Request Tracker - User mailing list archive at Nabble.com. http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html # Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés. ** This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system. # -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Turn your RT debug logging on and check that log to see what it's doing.# Hello mike the rt.log says the following: username: USER , service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)pr 26 06:58:11 2011] [debug]: LDAP Search === Base: ou=User,dc=xxx,dc=xxx,dc=local == Filter: ((ObjectClass=*)(sAMAccountName=User)) == Attrs: cn,sAMAccountName (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304) [Tue Apr 26 06:58:11 2011] [debug]: User Check Failed :: ( My_LDAP ) USER User not found (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318) So sth goes awry Any further hints,clues or advices would be helpfully best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Is it clear what i want? No? okay i try to describe a litte bit more exaclty as far as possible from myself okay my ldapseach command which runs perfectly is: sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx, dc=local -s sub sAMAccountName=USER So here are my RT Config Parameter again: Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION 'type' = 'ldap', 'server' = '192.168.123.45', 'user' = 'USER', 'pass' = 'password', 'base' = 'ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, # 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], # 'group' = 'Benutzer', # 'group_attr' = 'GROUP_ATTR', 'attr_match_list' = ['Name', #'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', 'RealName' = 'cn', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'RealName' = 'cn', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'State' = 'st', 'Zip' = 'postalCode', 'Country' = 'co' } } I'll try to find out, which parameter doesn't match with the ldap one ... cause if i try to authorize on rt with an ad user my AD gives the following message out: xxx.xxx.xxx.xxx:2799 NTDS NoneTCP4 32 NonDSE Can't find object 0.0 0 best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
hello, i would say that as you have commented ou the EmailAdress in the attribute match list, you need to remove the , (comma) after the Name attribute I think i remember having some error similar ; the last parameter must NOT have the comma, at the end of the line so your config would look like : 'attr_match_list' = ['Name' #'EmailAddress', ], Raphaël Raphaël MOUNEYRES Ingénieur Moyens Tests Avenue Paul Gellos 64990 Mouguerre Phone: +33 (0)5 59 58 41 51 Email: raphael.mouney...@sagemcom.com john s. firesk...@gmx.de Envoyé par : rt-users-boun...@lists.bestpractical.com 21/04/2011 11:31 A rt-users@lists.bestpractical.com cc Objet Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Is it clear what i want? No? okay i try to describe a litte bit more exaclty as far as possible from myself okay my ldapseach command which runs perfectly is: sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx, dc=local -s sub sAMAccountName=USER So here are my RT Config Parameter again: Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION 'type' = 'ldap', 'server' = '192.168.123.45', 'user' = 'USER', 'pass' = 'password', 'base' = 'ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, # 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], # 'group' = 'Benutzer', # 'group_attr' = 'GROUP_ATTR', 'attr_match_list' = ['Name', #'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', 'RealName' = 'cn', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'RealName' = 'cn', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'State' = 'st', 'Zip' = 'postalCode', 'Country' = 'co' } } I'll try to find out, which parameter doesn't match with the ldap one ... cause if i try to authorize on rt with an ad user my AD gives the following message out: xxx.xxx.xxx.xxx:2799 NTDS NoneTCP4 32 NonDSE Can't find object 0.0 0 best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html Sent from the Request Tracker - User mailing list archive at Nabble.com. # Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés. ** This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system. # image/gifimage/gif
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hello Raphael No nothing has changed at all... still the same error sth. goes really wrong ... i have to track the issue in order to determine the issue but i don't know how .. any idea or a clue ? Her is the tcpdumpo log: 13:27:25.872995 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 1, win 5840, length 0 13:27:25.875403 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 1:33, ack 1, win 5840, length 32 13:27:25.875739 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 33, win 64240, length 0 13:27:25.877367 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 1:23, ack 33, win 64240, length 22 13:27:25.877460 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 23, win 5840, length 0 13:27:25.889275 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 33:282, ack 23, win 5840, length 249 13:27:25.889595 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 282, win 64240, length 0 13:27:25.890369 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 23:165, ack 282, win 64240, length 142 13:27:25.895897 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [F.], seq 282, ack 165, win 6432, length 0 13:27:25.897013 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 283, win 64239, length 0 13:27:25.897328 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [R.], seq 165, ack 283, win 64239, length 0 may it could help best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448783.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
reading your previous messages : your RT log shows :...:: ( My_LDAP ) RT-USER User not found that mean your LDAP server is sending a response that the RT-USER is not existing in his database then you mention successfully : sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx, dc=local -s sub sAMAccountName= USER that mean USER is existing in the database so are you using the good login on RT screen ? john s. firesk...@gmx.de Envoyé par : rt-users-boun...@lists.bestpractical.com 21/04/2011 13:43 A rt-users@lists.bestpractical.com cc Objet Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Hello Raphael No nothing has changed at all... still the same error sth. goes really wrong ... i have to track the issue in order to determine the issue but i don't know how .. any idea or a clue ? Her is the tcpdumpo log: 13:27:25.872995 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 1, win 5840, length 0 13:27:25.875403 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 1:33, ack 1, win 5840, length 32 13:27:25.875739 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 33, win 64240, length 0 13:27:25.877367 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 1:23, ack 33, win 64240, length 22 13:27:25.877460 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [.], ack 23, win 5840, length 0 13:27:25.889275 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [P.], seq 33:282, ack 23, win 5840, length 249 13:27:25.889595 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 282, win 64240, length 0 13:27:25.890369 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [P.], seq 23:165, ack 282, win 64240, length 142 13:27:25.895897 IP ubunturt3.52185 xxx.xxx.local.ldap: Flags [F.], seq 282, ack 165, win 6432, length 0 13:27:25.897013 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [.], ack 283, win 64239, length 0 13:27:25.897328 IP xxx.xxx.local.ldap ubunturt3.52185: Flags [R.], seq 165, ack 283, win 64239, length 0 may it could help best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448783.html Sent from the Request Tracker - User mailing list archive at Nabble.com. # Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés. ** This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system. #
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
One thing that stands out in your config is your d_filter. I read on the RT wiki somewhere that d_filter for an AD you needed to put what I have below: 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2)', Read these 2 microsoft support KB to learn more on why http://support.microsoft.com/kb/305144 http://support.microsoft.com/kb/269181 Also, you have tls, ssl_version, group and group_attr commented out. Someone else can correct me, but I believe you need to define those in your settings. Best I can do with my limited knowledge. Good luck! Mike. On Thu, Apr 21, 2011 at 5:31 AM, john s. firesk...@gmx.de wrote: Is it clear what i want? No? okay i try to describe a litte bit more exaclty as far as possible from myself okay my ldapseach command which runs perfectly is: sudo ldapsearch -h xxx.xxx.local -D xxx\User -w password -b 'dc=xxx, dc=local -s sub sAMAccountName=USER So here are my RT Config Parameter again: Set($ExternalSettings,{'My_LDAP' ={ ## GENERIC SECTION 'type' = 'ldap', 'server' = '192.168.123.45', 'user' = 'USER', 'pass' = 'password', 'base' = 'ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, # 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], # 'group' = 'Benutzer', # 'group_attr' = 'GROUP_ATTR', 'attr_match_list' = ['Name', #'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', 'RealName' = 'cn', 'EmailAddress' = 'mail', 'Organization' = 'physicalDeliveryOfficeName', 'RealName' = 'cn', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'State' = 'st', 'Zip' = 'postalCode', 'Country' = 'co' } } I'll try to find out, which parameter doesn't match with the ldap one ... cause if i try to authorize on rt with an ad user my AD gives the following message out: xxx.xxx.xxx.xxx:2799 NTDS NoneTCP4 32 NonDSE Can't find object 0.0 0 best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html Sent from the Request Tracker - User mailing list archive at Nabble.com. -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
@Raphael so are you using the good login on RT screen ? Waht do you mean with an good login? @Mike Hello Mike I have readed the 2 Articles and modified my config in such way ... but the same error occurs ... but i have found sth... on my AD, i 'll try to copy the infos which should be necessary ... xxx.xxx.xxx.xxx:2206 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 xxx.xxx.xxx.xxx:2200 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 thats one of it ... xxx.xxx.xxx.xxx:2200 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 xxx.xxx.xxx.xxx.2206 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 This is the same log but i comes a litte bit later i wonder why success And now it comes really strange: Thats the search log Client Instanz Objektname Filtername Reply/s Response Time (ms) CPU% Internal NTDS [](displayName=RT-USER) 0 0 0 0 Internal NTDS [] (displayName=RT-USER)0 0 00 I don't understand it looks like , that he can't resolve the objectname. best regards john. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31450244.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Turn your RT debug logging on and check that log to see what it's doing. I believe the debug log shows you the actual LDAP call it's doing... then you can verify what is failing based on that. Good luck! Mike. On Thu, Apr 21, 2011 at 10:55 AM, john s. firesk...@gmx.de wrote: @Raphael so are you using the good login on RT screen ? Waht do you mean with an good login? @Mike Hello Mike I have readed the 2 Articles and modified my config in such way ... but the same error occurs ... but i have found sth... on my AD, i 'll try to copy the infos which should be necessary ... xxx.xxx.xxx.xxx:2206 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 xxx.xxx.xxx.xxx:2200 NTDS None TCP 4 32 NonDSE Can't find Objekt 0.0 0 0.0 thats one of it ... xxx.xxx.xxx.xxx:2200 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 xxx.xxx.xxx.xxx.2206 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0 This is the same log but i comes a litte bit later i wonder why success And now it comes really strange: Thats the search log Client Instanz Objektname Filtername Reply/s Response Time (ms) CPU% Internal NTDS [](displayName=RT-USER) 0 0 0 0 Internal NTDS [] (displayName=RT-USER) 0 0 00 I don't understand it looks like , that he can't resolve the objectname. best regards john. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31450244.html Sent from the Request Tracker - User mailing list archive at Nabble.com. -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Greetings Luis okay i have trimmed my config a little bit and now it look like this: Set($ExternalAuthPriority, [ ' My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); #Set($ExternalServiceUsesSSLorTLS, 0 ); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = 'ipserver', 'user' = 'USER', 'pass' = 'pass', 'base' = 'ou=OU Unit,dc=sb,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, 'ssl_version' = 3, 'net_ldap_args' = [ version = 3 ], 'group' = 'Benutzer', 'group_attr' = 'GROUP_ATTR', 'attr_match_list' = ['Name', 'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', } } } ); And now i have also posted the apache logfile, cause this comments the steps from which lines i had to comment out that apache will start... so thats the basic without any outlines... and this one doesn't work... http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S and now the config which let apache started: #RT Authenth# Set($ExternalAuthPriority, [ ' My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); #Set($ExternalServiceUsesSSLorTLS, 0 ); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = '192.168.10.40', 'user' = 'RT-USER', 'pass' = 'sl-pg33011', 'base' = 'ou=SBAOU Unit,dc=sbah,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, # 'ssl_version' = 3, # 'net_ldap_args' = [version = 3 ], # 'group' = 'Benutzer', # 'group_attr' = 'GROUP_ATTR', # 'attr_match_list' = ['Name', # 'EmailAddress', # ], # 'attr_map' = { 'Name' = 'sAMAccountName', #'EmailAddress' = 'mail', # 'Organization' = 'physicalDeliveryOfficeName', # 'RealName' = 'cn', # 'ExternalAuthId' = 'sAMAccountName', # 'Gecos' = 'sAMAccountName', # 'WorkPhone' = 'telephoneNumber', # 'Address1' = 'streetAddress', # 'City' = 'l',
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Addition: So i have make an tracelog over port 389 with tcpdump The Result: No request is going out if I try to authorize on RT so i think the plugin doesn't work anymore ... best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31423760.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John, It looks that you missed a comma after 'd_filter' = '(userAccountControl=514)' In addition, please check you settings here 'attr_map' = { 'Name' = 'sAMAccountName',... Nothing else to match? If so, just to be sure, please delete the comma after 'sAMAccountName'. Finally, I would recommend you to comment 'ssl_version' = 3, After you get this configuration to work, then you can play with the SSL configuration. Good luck, Best, - 4. Re: RT-Authen-ExternalAuth-0.08 which packages i need for (john s.) Message: 4 Date: Mon, 18 Apr 2011 04:07:28 -0700 (PDT) From: john s. firesk...@gmx.de To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Message-ID: 31422830.p...@talk.nabble.com Content-Type: text/plain; charset=us-ascii Greetings Luis okay i have trimmed my config a little bit and now it look like this: Set($ExternalAuthPriority, [ ' My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); #Set($ExternalServiceUsesSSLorTLS, 0 ); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = 'ipserver', 'user' = 'USER', 'pass' = 'pass', 'base' = 'ou=OU Unit,dc=sb,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, 'ssl_version' = 3, 'net_ldap_args' = [ version = 3 ], 'group' = 'Benutzer', 'group_attr' = 'GROUP_ATTR', 'attr_match_list' = ['Name', 'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', } } } ); And now i have also posted the apache logfile, cause this comments the steps from which lines i had to comment out that apache will start... so thats the basic without any outlines... and this one doesn't work... http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S and now the config which let apache started: #RT Authenth# Set($ExternalAuthPriority, [ ' My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); #Set($ExternalServiceUsesSSLorTLS, 0 ); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = '192.168.10.40', 'user' = 'RT-USER', 'pass' = 'sl-pg33011', 'base' = 'ou=SBAOU Unit,dc=sbah,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, # 'ssl_version' = 3, # 'net_ldap_args' = [version = 3 ], # 'group' = 'Benutzer', # 'group_attr' = 'GROUP_ATTR', # 'attr_match_list' = ['Name', # 'EmailAddress', # ], # 'attr_map' = { 'Name' = 'sAMAccountName', #'EmailAddress' = 'mail', # 'Organization' = 'physicalDeliveryOfficeName', # 'RealName' = 'cn', # 'ExternalAuthId' = 'sAMAccountName', # 'Gecos' = 'sAMAccountName', # 'WorkPhone' = 'telephoneNumber', # 'Address1' = 'streetAddress', # 'City' = 'l', # 'State' = 'st', # 'Zip' = 'postalCode', # 'Country' = 'co' } } #} ); So as far as you can see, the other version with clean comments and # signs doesn't work. But i don't know why or if i walking completely off the track at the moment :-( Best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-nee d-for-tp31388437p31422830
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
you also have a space befor My_LDAP here, wich does not match the later defined service Set($ExternalAuthPriority, [ ' My_LDAP' ]); ... Set($ExternalSettings, {'My_LDAP' = { Luis Avendaño lavend...@acmgrp.com Envoyé par : rt-users-boun...@lists.bestpractical.com 18/04/2011 15:32 A rt-users@lists.bestpractical.com cc Objet Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Hi John, It looks that you missed a comma after 'd_filter' = '(userAccountControl=514)' In addition, please check you settings here 'attr_map' = { 'Name' = 'sAMAccountName',... Nothing else to match? If so, just to be sure, please delete the comma after 'sAMAccountName'. Finally, I would recommend you to comment 'ssl_version' = 3, After you get this configuration to work, then you can play with the SSL configuration. Good luck, Best, - 4. Re: RT-Authen-ExternalAuth-0.08 which packages i need for (john s.) Message: 4 Date: Mon, 18 Apr 2011 04:07:28 -0700 (PDT) From: john s. firesk...@gmx.de To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Message-ID: 31422830.p...@talk.nabble.com Content-Type: text/plain; charset=us-ascii Greetings Luis okay i have trimmed my config a little bit and now it look like this: Set($ExternalAuthPriority, [ ' My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); #Set($ExternalServiceUsesSSLorTLS, 0 ); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = 'ipserver', 'user' = 'USER', 'pass' = 'pass', 'base' = 'ou=OU Unit,dc=sb,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, 'ssl_version' = 3, 'net_ldap_args' = [ version = 3 ], 'group' = 'Benutzer', 'group_attr' = 'GROUP_ATTR', 'attr_match_list' = ['Name', 'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', } } } ); And now i have also posted the apache logfile, cause this comments the steps from which lines i had to comment out that apache will start... so thats the basic without any outlines... and this one doesn't work... http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S and now the config which let apache started: #RT Authenth# Set($ExternalAuthPriority, [ ' My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); #Set($ExternalServiceUsesSSLorTLS, 0 ); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = '192.168.10.40', 'user' = 'RT-USER', 'pass' = 'sl-pg33011', 'base' = 'ou=SBAOU Unit,dc=sbah,dc=local', 'filter' = '(ObjectClass=*)', 'd_filter' = '(userAccountControl=514)' # 'tls'= 0, # 'ssl_version' = 3, # 'net_ldap_args' = [version = 3 ], # 'group' = 'Benutzer', # 'group_attr' = 'GROUP_ATTR', # 'attr_match_list' = ['Name', # 'EmailAddress', # ], # 'attr_map' = { 'Name' = 'sAMAccountName', #'EmailAddress' = 'mail', # 'Organization' = 'physicalDeliveryOfficeName', # 'RealName' = 'cn', # 'ExternalAuthId' = 'sAMAccountName', # 'Gecos' = 'sAMAccountName', # 'WorkPhone' = 'telephoneNumber', # 'Address1' = 'streetAddress', # 'City' = 'l', # 'State' = 'st', # 'Zip' = 'postalCode
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Greetign Raphael i have changed this ... and nothing happens ... here is an outline from my apachelogfile: [Mon Apr 18 15:33:33 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 18 15:33:33 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_LDAP) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 18 15:33:33 2011] [debug]: UserExists params: username: RT-USER , service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274) [Mon Apr 18 15:33:33 2011] [debug]: LDAP Search === Base: ou=SBAOU Unit,dc=srv41,dc=sbah,dc=local == Filter: ((ObjectClass=*)(sAMAccountName=RT-USER)) == Attrs: cn,sAMAccountName (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304) [Mon Apr 18 15:33:33 2011] [debug]: User Check Failed :: ( My_LDAP ) RT-USER User not found (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318) [Mon Apr 18 15:33:33 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 18 15:33:33 2011] [error]: FAILED LOGIN for RT-USER from 192.168.112.1 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424) [Mon Apr 18 15:33:33 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 18 15:33:33 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 18 15:33:33 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 18 15:33:34 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 18 15:33:34 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 18 15:33:34 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/ so as far as i can see he find the user ... but the user check fails but i don't know what does it mean exactly ps: i thought perl doesn't pay much attention on spaces best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31425121.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Greetings Louis Despite your piece of good advice my Syntax is correct also, Cause i only used the # Sign to comment out the Lines which will apache2 get into trouble.If try to run normally the same issue appears. And in refer to the Readme .. you can also write: 'attr_match_list' = ['Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], the only important thing is to set the brackets correctly and this will benoticed if you try to restart apache So.. thats not the problem any other clue or idea? best regards john s. -- View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31404102.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John, you have a syxtax error somewhere, and it's pretty close when you set EmailAddress. Your error is: Couldn't load RT config file RT_SiteConfig.pm:nnsyntax error at /opt/rt3/etc/RT_SiteConfig.pm line 146, near 'EmailAddress'nCompilation failed in require at /opt/rt3/bin/../lib/RT/Config.pm line 562.nCompilation failed in require at (eval 2) line 1.n Try to make a configuration file without all the comments you have within the Authen:External008.. conf (delete all the #). You might be missing something. Best Regards, - Greetings Louis Despite your piece of good advice my Syntax is correct also, Cause i only used the # Sign to comment out the Lines which will apache2 get into trouble.If try to run normally the same issue appears. And in refer to the Readme .. you can also write: 'attr_match_list' = [ 'Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], the only important thing is to set the brackets correctly and this will benoticed if you try to restart apache So.. thats not the problem any other clue or idea? best regards john s. Message: 3 Date: Fri, 15 Apr 2011 02:26:11 -0700 (PDT) From: john s. To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Message-ID: Content-Type: text/plain; charset=us-ascii Greetings Louis Despite your piece of good advice my Syntax is correct also, Cause i only used the # Sign to comment out the Lines which will apache2 get into trouble.If try to run normally the same issue appears. And in refer to the Readme .. you can also write: 'attr_match_list' = [ 'Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], the only important thing is to set the brackets correctly and this will benoticed if you try to restart apache So.. thats not the problem any other clue or idea? best regards john s. -- View this message in context: Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hello Luis First of all many thanks for you help I have set my ldap configuration in this way which you have described, but there are still coming some error messages in relation to the apache2 log file: cutout apache.log: Couldn't load RT config file RT_SiteConfig.pm:\n\nsyntax error at /opt/rt3/etc/RT_SiteConfig.pm line 146, near 'EmailAddress'\nCompilation failed in require at /opt/rt3/bin/../lib/RT/Config.pm line 562.\nCompilation failed in require at (eval 2) line 1.\n Similar errors comes if try to activate the following command lines: 'tls'= 0, ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'group' = 'User', 'group' = 'GROUP_NAME', 'attr_match_list' = ['Name', # 'EmailAddress', ], # 'attr_map' = { 'Name' = 'sAMAccountName', #'EmailAddress' = 'mail', # 'Organization' = # 'Organization' = 'physicalDeliveryOfficeName', # 'RealName' = 'cn', # 'ExternalAuthId' = 'sAMAccountName', # 'Gecos' = 'sAMAccountName', # 'WorkPhone' = 'telephoneNumber', # 'Address1' = 'streetAddress', # 'City' = 'l', # 'State' = 'st', # 'Zip' = 'postalCode', # 'Country' = 'co' } } ); So i had to comment out some command lines in order to determine whats going wrong and the the apache server will runing fine : Her is my new config: #RT Authenth# Set($ExternalAuthPriority, [ ' My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); Set($ExternalServiceUsesSSLorTLS, 0 ); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, {'My_LDAP' = { ## GENERIC SECTION # The type of service (db/ldap/cookie) 'type' = 'ldap', # The server hosting the service 'server' = '192.168.23.40', ## SERVICE-SPECIFIC SECTION # If you can bind to your LDAP server anonymously you should # remove the user and pass config lines, otherwise specify them here: # # The username RT should use to connect to the LDAP server 'user' = 'USER', # The password RT should use to connect to the LDAP server 'pass' = 'password', # # The LDAP search base 'base' = 'ou= Unit,dc=s***,dc=local', # # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES! # YOU **MUST** SPECIFY A filter AND A d_filter!! # # The filter to use to match RT-Users 'filter' = '(ObjectClass=*)', # A catch-all example filter: '(objectClass=*)' # # The filter that will only match disabled users 'd_filter' = '(userAccountControl=514)'
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John, apparently your problem is this: 'attr_match_list' = [ 'Name', # 'EmailAddress', ], # 'attr_map' = { 'Name' = 'sAMAccountName', ... You have to ensure formatting correctly the list. For example: 'attr_match_list' = [ 'Name' ]... you are doing this: 'attr_match_list' = [ 'Name', In addition, check also attr_map. For example: 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'RealName' = 'cn', 'WorkPhone' = 'telephoneNumber' } The error you are getting is that the SiteConfig is not correctly formed. Hope this helps, Best, Luis Avendaño Grupo Latinoamericano ACM Av. Venezuela Torre America, Piso 1 Ofic 116, Bello Monte. Caracas, Venezuela Phone: (+58) 212-763.4104 Fax: (+58) 212-763.1847 http://www.acmgrp.com USO DE CORREO ELECTRÓNICO DE ACM ** Este mensaje puede contener información únicamente de interés para ACM GROUP o sus negocios y es enviado solamente al destinatario designado, y puede contener información privilegiada, patentada o privada. La copia, distribución, revelación o cualquier uso de la información contenida en este mensaje es permitida solo a personas autorizadas. Si ha recibido este correo electrónico por error, por favor destruyalo y notifique inmediatamente a webmas...@acmgrp.com o al remitente ** ACM GROUP INTERNET E-MAIL USE *** This message may contain information solely of the interest of ACM or its businesses and is delivered for the designated recipient only and may containprivileged, proprietary, or otherwise privatetion. Copying, distribution, disclosure or any use of the information contained in this transmission is permitted only to authorized parties. If you have received this e-mail by error, please destroy it and notify webmas...@acmgrp.com or the sender immediately **
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
Someone out there ? best regards john s. -- View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31385180.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi Jhon, Based on the Rt_SiteConfig piece you sent, there is a missing variable setting in your configuration. You put this: Set($AutoCreateNonExternalUsers, 0); 'My_LDAP' = { ## GENERIC . It should be like this: Set($ExternalSettings, { # AN EXAMPLE DB SERVICE 'My_LDAP' = In addition, based on the log you sent, you are also configuring My_SSO and My_MySQL. If you are not using these services to authenticate, please delete them from the RT_SiteConfig file. If you are using them I would recommend you going step by step. First configure the LDAP, then go for the next source This is an example of a working conf, using RT 3.8.9 and LDAP = Active Directory: #Set($WebExternalAuth, 1); #Set($WebExternalAuthContinuous, 1); #Set($WebExternalGecos , undef); #Set($WebExternalAuto , true); #Set($WebFallbackToInternalAuth , undef); Set($ExternalAuthPriority, [ 'My_LDAP' ]); Set($ExternalInfoPriority, ['My_LDAP']); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, { 'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = '***.***.***.***', 'user' = '*\*', 'pass' = '', 'base' = 'DC=*,DC=com,DC=ve', 'filter' = '(objectClass=*)', 'd_filter' = '(userAccountControl=514)', 'tls' = 0, 'net_ldap_args' = [version = 3 ], #'group' = 'GROUP_NAME', #'group_attr' = 'GROUP_ATTR', 'attr_match_list' = ['Name', 'EmailAddress' # 'RealName', # 'WorkPhone' ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'RealName' = 'cn', 'WorkPhone' = 'telephoneNumber' } } } ); o Set( @Plugins, qw( RT::Authen::ExternalAuth ) ); Give a shot with this, and then get back with the resulted log file and final configuration. Hope this helps, Best, Luis Avendaño
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
You don't say your RT version, or what fails, it is possible you need .08_01 if you're running RT 3.8.9 Hello Kevin Sorry i forgot i currently useig the Version 3.8.9 So i had followed your advice and now the RT-Authen-ExternalAuth-0.08_01 is still running. At first it looks better than before, now i get response from the rt.log.. but there still some problems ... here is the relevant piece of information from my log file: Reloading RT::User to work around a bug in RT-3.8.0 and RT-3.8.1 (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:14) [Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service: My_MySQL (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service: My_SSO_Cookie (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92) [Mon Apr 11 12:13:55 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_LDAP) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361) [Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service: My_MySQL (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_MySQL) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists: My_MySQL (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361) [Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service: My_SSO_Cookie (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64) [Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username (RT-USER) and $service (My_SSO_Cookie) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) [Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists: My_SSO_Cookie (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361) [Mon Apr 11 12:14:06 2011] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26) [Mon Apr 11 12:14:06 2011] [error]: FAILED LOGIN for RT-USER from 192.168.112.1 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424) Thanks in advance best regrads john s. -- View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31369863.html Sent from the Request Tracker - User mailing list archive at Nabble.com.
[rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
Hello all I try to integrate ExternalAuth-0.08 Modul in RT. But i don't know exactly which system packages i need for it.. for only an Authentifiaction with RT no Samba or other stuff My System is : Ubuntu 10.04 here is my Ldap Config: # AN EXAMPLE LDAP SERVICE Set($ExternalAuthPriority, [ 'My_LDAP' ] ); Set($ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers, 0); 'My_LDAP' = { ## GENERIC SECTION # The type of service (db/ldap/cookie) 'type' = 'ldap', # The server hosting the service 'server' = '192.168.123.41', ## SERVICE-SPECIFIC SECTION # If you can bind to your LDAP server anonymously you should # remove the user and pass config lines, otherwise specify them here: # # The username RT should use to connect to the LDAP server 'user' = 'USER', # The password RT should use to connect to the LDAP server 'pass' = 'password', # # The LDAP search base 'base' = 'ou=Benutzer,ou=SBAOU,dc=sbah,dc=local', # # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES! # YOU **MUST** SPECIFY A filter AND A d_filter!! # # The filter to use to match RT-Users 'filter' = '(objectClass=User)', # A catch-all example filter: '(objectClass=*)' # # The filter that will only match disabled users 'd_filter' = '(objectClass=FooBarBaz)', # A catch-none example d_filter: '(objectClass=FooBarBaz)' # # Should we try to use TLS to encrypt connections? 'tls' = 0, # SSL Version to provide to Net::SSLeay *if* using SSL 'ssl_version' = 3, # What other args should I pass to Net::LDAP-new($host,@args)? 'net_ldap_args' = [version = 3 ], # Does authentication depend on group membership? What group name? 'group' = 'GROUP_NAME', # What is the attribute for the group object that determines membership? 'group_attr' = 'GROUP_ATTR', ## RT ATTRIBUTE MATCHING SECTION # The list of RT attributes that uniquely identify a user # This example shows what you *can* specify.. I recommend reducing this # to just the Name and EmailAddress to save encountering problems later. 'attr_match_list' = ['Name', 'EmailAddress',
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for Authentification ?
On Thu, Apr 07, 2011 at 06:58:04AM -0700, john s. wrote: I try to integrate ExternalAuth-0.08 Modul in RT. You don't say your RT version, or what fails, it is possible you need .08_01 if you're running RT 3.8.9 But i don't know exactly which system packages i need for it.. for only an Authentifiaction with RT no Samba or other stuff My System is : Ubuntu 10.04 here is my Ldap Config: # AN EXAMPLE LDAP SERVICE Set($ExternalAuthPriority, [ 'My_LDAP' ] ); Set($ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers, 0); 'My_LDAP' = { ## GENERIC SECTION # The type of service (db/ldap/cookie) 'type' = 'ldap', # The server hosting the service 'server' = '192.168.123.41', ## SERVICE-SPECIFIC SECTION # If you can bind to your LDAP server anonymously you should # remove the user and pass config lines, otherwise specify them here: # # The username RT should use to connect to the LDAP server 'user' = 'USER', # The password RT should use to connect to the LDAP server 'pass' = 'password', # # The LDAP search base 'base' = 'ou=Benutzer,ou=SBAOU,dc=sbah,dc=local', # # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES! # YOU **MUST** SPECIFY A filter AND A d_filter!! # # The filter to use to match RT-Users 'filter' = '(objectClass=User)', # A catch-all example filter: '(objectClass=*)' # # The filter that will only match disabled users 'd_filter' = '(objectClass=FooBarBaz)', # A catch-none example d_filter: '(objectClass=FooBarBaz)' # # Should we try to use TLS to encrypt connections? 'tls' = 0, # SSL Version to provide to Net::SSLeay *if* using SSL 'ssl_version' = 3, # What other args should I pass to Net::LDAP-new($host,@args)? 'net_ldap_args' = [version = 3 ], # Does authentication depend on group membership? What group name? 'group' = 'GROUP_NAME', # What is the attribute for the group object that determines membership? 'group_attr' = 'GROUP_ATTR', ## RT ATTRIBUTE MATCHING SECTION # The list of RT attributes that uniquely identify a user # This example shows what you *can* specify.. I recommend reducing this # to just the Name and EmailAddress to save encountering problems later.