Re: [rt-users] ExternalAuth Installed but not working
Here's a twist on my inability to get ExternalAuth to log. I've started developing some scripts using the REST API and I found that I will get ExternalAuth debug information when I am creating a user. Nice, verbose, wonderful debug information. Unfortunatly, login attempts still only report the success or failure of web.pm. Any ideas? =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
On Tue, Dec 13, 2011 at 12:28:35PM -0800, Ryan Backman wrote: Here's a twist on my inability to get ExternalAuth to log. I've started developing some scripts using the REST API and I found that I will get ExternalAuth debug information when I am creating a user. Nice, verbose, wonderful debug information. Unfortunatly, login attempts still only report the success or failure of [1]web.pm. Any ideas? Your thread never seemed to contain an RT version and an RT-Authen-ExternalAuth version. If you provided those and I missed them, I'm sorry. Without them, I'd be guessing blindly about your problem. -kevin pgplPb2thqr6O.pgp Description: PGP signature RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Hmm, Have you set ExternalAuth in your @Plugins? Have you set your logging level to debug? On Sat, Dec 10, 2011 at 12:16 PM, Ryan Backman rback...@georgefox.eduwrote: Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston — March 5 6, 2012 -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Yes and Yes, Here are the configs. I can login to RT and see ExternalAuth on the Configuration page as well. Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($LogToSyslog,'warning'); Set($LogToFile,'debug'); Set($LogToFileNamed,'rt.log'); Set($LogDir,'/var/log/request-tracker3.8'); =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ -- Forwarded message -- From: Mike Johnson mike.john...@nosm.ca To: rt-users@lists.bestpractical.com Date: Mon, 12 Dec 2011 09:00:28 -0500 Subject: Re: [rt-users] ExternalAuth Installed but not working Hmm, Have you set ExternalAuth in your @Plugins? Have you set your logging level to debug? On Sat, Dec 10, 2011 at 12:16 PM, Ryan Backman rback...@georgefox.edu wrote: Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston — March 5 6, 2012 RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Ryan, Looks like you're missing a right ) at the end of your filter line. Kenn On Thu, Dec 8, 2011 at 4:41 PM, Ryan Backman rback...@georgefox.edu wrote: I'm having a bit of trouble getting ExternalAuth to work. I've scoured the archives and the net and found many suggestions, but none have made any changes. - I've setup logging to go to a seperate file, but all I get is a Login Failure message in this file when I try to login: [Thu Dec 8 23:38:32 2011] [error]: FAILED LOGIN for rbackman from xx.xx.xx.xx (/usr/share/request-tracker3.8/lib/RT/Interface/Web.pm:424) - I'm seeing correct values in the online configuration view inside RT indicating that ExternalAuth is loaded as a Plugin and that ExternalAuthPriority is My_LDAP. - I can use the ldapsearch tool with the same variables on the same box successfully Any help is much appreciated. Below is my configuration: Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set ( $ExternalAuthPriority, [ 'My_LDAP' ] ); Set ( $ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, { 'My_LDAP' = { 'type' = 'ldap', 'server'= 'server.domain.edu', 'user' = 'CN=user,OU=admin...', 'pass' = 'pass', 'base' = 'dc=domain,...', 'filter'= '((objectClass=user)(memberOf=CN=Staff...)', 'd_filter' = '(userAccountControl=514)', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'group' = 'CN=All Users,...', 'group_attr'= 'member', 'attr_match_list' = ['Name', 'EmailAddress' ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName' } } } ); 1; =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston — March 5 6, 2012 RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
I'm by no means an expert at this at all but I see you are using sAMAccountName which leads me to believe you are connecting to Active Directory. I had to use the bitmask version of the d_filter for the ldap search to filter out disabled users... not sure if this has anything to do with why you aren't able to login, but it's just something that stood out to me. My d_filter line is below 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2)', Ken is also accurate in that you are missing a right parenthesis on your filter line. My filter line is below(so you can see how to use the ( stuff more stuff) 'filter'= '((objectCategory=User) (ObjectClass=Person))', Hope that helps! Mike. On Thu, Dec 8, 2011 at 7:41 PM, Ryan Backman rback...@georgefox.edu wrote: I'm having a bit of trouble getting ExternalAuth to work. I've scoured the archives and the net and found many suggestions, but none have made any changes. - I've setup logging to go to a seperate file, but all I get is a Login Failure message in this file when I try to login: [Thu Dec 8 23:38:32 2011] [error]: FAILED LOGIN for rbackman from xx.xx.xx.xx (/usr/share/request-tracker3.8/lib/RT/Interface/Web.pm:424) - I'm seeing correct values in the online configuration view inside RT indicating that ExternalAuth is loaded as a Plugin and that ExternalAuthPriority is My_LDAP. - I can use the ldapsearch tool with the same variables on the same box successfully Any help is much appreciated. Below is my configuration: Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set ( $ExternalAuthPriority, [ 'My_LDAP' ] ); Set ( $ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, { 'My_LDAP' = { 'type' = 'ldap', 'server'= 'server.domain.edu', 'user' = 'CN=user,OU=admin...', 'pass' = 'pass', 'base' = 'dc=domain,...', 'filter'= '((objectClass=user)(memberOf=CN=Staff...)', 'd_filter' = '(userAccountControl=514)', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'group' = 'CN=All Users,...', 'group_attr'= 'member', 'attr_match_list' = ['Name', 'EmailAddress' ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName' } } } ); 1; =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston — March 5 6, 2012 -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012