Hi, I'm trying to install RT (with Postgres and LDAP backends). I
have gotten it working with Postgres so far, but I'm now quite stuck
on the LDAP integration. Here is the snippet from RT_SiteConfig.pm
for LDAP:
Set($WebExternalAuth , '1');
Set($WebFallbackToInternalAuth , '1');
#Set(@Plugins,(qw(Extension::QuickDelete)));
#Set(@Plugins,(qw(RT::FM)));
Set(@Plugins, qw(RT::Authen::ExternalAuth));
#Set($LogToFileNamed , rt.log);
#Set($LogToFile , 'debug');
# The order in which the services defined in ExternalSettings
# should be used to get information about users. This includes
# RealName, Tel numbers etc, but also whether or not the user
# should be considered disabled.
# Once user info is found, no more services are checked.
Set($ExternalInfoPriority, [ 'My_LDAP' ]);
# If this is set to true, then the relevant packages will
# be loaded to use SSL/TLS connections. At the moment,
# this just means use Net::SSLeay;
Set($ExternalServiceUsesSSLorTLS, 0);
# If this is set to 1, then users should be autocreated by RT
# as internal users if they fail to authenticate from an
# external service.
Set($AutoCreateNonExternalUsers, 0);
# These are the full settings for each external service as a HashOfHashes
# Note that you may have as many external services as you wish. They will
# be checked in the order specified in the Priority directives above.
# e.g.
#
Set($ExternalAuthPriority,['My_LDAP']);
#
Set($ExternalSettings, {
# AN EXAMPLE LDAP SERVICE
'My_LDAP' = { ## GENERIC SECTION
# The type of service (db/ldap/cookie)
'type' = 'ldap',
# Should the service be used for authentication?
'auth' = 1,
# Should the service be used for information?
'info' = 1,
# The server hosting the service
'server' = 'redacted',
## SERVICE-SPECIFIC SECTION
# If you can bind to your LDAP server anonymously youshould
# remove the user and pass config lines, otherwisespecify them here:
#
# The username RT should use to connect to the LDAP server
'user' = 'redacted',
# The password RT should use to connect to the LDAP server
'pass' = 'redacted',
#
# The LDAP search base
'base' = 'redacted',
# The filter to use to match RT-Users
'filter' = '(objectclass=inetOrgPerson)',
# The filter that will only match disabled users
'd_filter' = '(employeeType=inactive)',
# Should we try to use TLS to encrypt connections?
'tls' = 0,
# What other args should I pass to Net::LDAP-new($host,@args)?
'net_ldap_args' = [ version = 3 ],
# Does authentication depend on group membership? What group name?
#'group' = '',
# What is the attribute for the group object thatdetermines membership?
#'group_attr' = '',
## RT ATTRIBUTE MATCHING SECTION
# The list of RT attributes that uniquely identify a user
'attr_match_list' = [ 'Name',
'EmailAddress',
'RealName',
#'WorkPhone',
#'Address2'
],
# The mapping of RT attributes on to LDAP attributes
'attr_map' = { 'Name' = 'displayName',
'EmailAddress' = 'mail',
#'Organization' = 'physicalDeliveryOfficeName',
'RealName' = 'cn'
#'ExternalAuthId' = 'sAMAccountName',
#'Gecos' = 'sAMAccountName',
#'WorkPhone' = 'telephoneNumber',
#'Address1' = 'streetAddress',
#'City' = 'l',
#'State' = 'st',
#'Zip' = 'postalCode',
#'Country' = 'co'
}
}
}
);
When I try to log into RT, I get the following error in the browser:
Undefined subroutine RT::Authen::ExternalAuth::UserExists called at
/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth
line 39, line 323.
And the only thing in the logs is as follows:
Dec 3 16:13:08 meatwad RT: Working around bug in RT and reloading
RT::User
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:12)
Can anyone help me with this? I am banging my head against a wall at
this point.
--
Gwendolyn R. Schmidt
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
