Re: [rt-users] ExternalAuth Installed but not working
Here's a twist on my inability to get ExternalAuth to log. I've started developing some scripts using the REST API and I found that I will get ExternalAuth debug information when I am creating a user. Nice, verbose, wonderful debug information. Unfortunatly, login attempts still only report the success or failure of web.pm. Any ideas? =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
On Tue, Dec 13, 2011 at 12:28:35PM -0800, Ryan Backman wrote: Here's a twist on my inability to get ExternalAuth to log. I've started developing some scripts using the REST API and I found that I will get ExternalAuth debug information when I am creating a user. Nice, verbose, wonderful debug information. Unfortunatly, login attempts still only report the success or failure of [1]web.pm. Any ideas? Your thread never seemed to contain an RT version and an RT-Authen-ExternalAuth version. If you provided those and I missed them, I'm sorry. Without them, I'd be guessing blindly about your problem. -kevin pgplPb2thqr6O.pgp Description: PGP signature RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Hmm, Have you set ExternalAuth in your @Plugins? Have you set your logging level to debug? On Sat, Dec 10, 2011 at 12:16 PM, Ryan Backman rback...@georgefox.eduwrote: Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston — March 5 6, 2012 -- Mike Johnson Datatel Programmer/Analyst Northern Ontario School of Medicine 955 Oliver Road Thunder Bay, ON P7B 5E1 Phone: (807) 766-7331 Email: mike.john...@nosm.ca RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Yes and Yes, Here are the configs. I can login to RT and see ExternalAuth on the Configuration page as well. Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($LogToSyslog,'warning'); Set($LogToFile,'debug'); Set($LogToFileNamed,'rt.log'); Set($LogDir,'/var/log/request-tracker3.8'); =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ -- Forwarded message -- From: Mike Johnson mike.john...@nosm.ca To: rt-users@lists.bestpractical.com Date: Mon, 12 Dec 2011 09:00:28 -0500 Subject: Re: [rt-users] ExternalAuth Installed but not working Hmm, Have you set ExternalAuth in your @Plugins? Have you set your logging level to debug? On Sat, Dec 10, 2011 at 12:16 PM, Ryan Backman rback...@georgefox.edu wrote: Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston — March 5 6, 2012 RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Ryan,
Looks like you're missing a right ) at the end of your filter line.
Kenn
On Thu, Dec 8, 2011 at 4:41 PM, Ryan Backman rback...@georgefox.edu wrote:
I'm having a bit of trouble getting ExternalAuth to work. I've scoured
the archives and the net and found many suggestions, but none have made any
changes.
- I've setup logging to go to a seperate file, but all I get is a Login
Failure message in this file when I try to login:
[Thu Dec 8 23:38:32 2011] [error]: FAILED LOGIN for rbackman from
xx.xx.xx.xx (/usr/share/request-tracker3.8/lib/RT/Interface/Web.pm:424)
- I'm seeing correct values in the online configuration view inside RT
indicating that ExternalAuth is loaded as a Plugin and that
ExternalAuthPriority is My_LDAP.
- I can use the ldapsearch tool with the same variables on the same box
successfully
Any help is much appreciated.
Below is my configuration:
Set( @Plugins, qw(RT::Authen::ExternalAuth) );
Set ( $ExternalAuthPriority, [ 'My_LDAP' ] );
Set ( $ExternalInfoPriority, [ 'My_LDAP' ] );
Set($ExternalServiceUsesSSLorTLS,0);
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {
'My_LDAP' = {
'type' = 'ldap',
'server'= 'server.domain.edu',
'user' = 'CN=user,OU=admin...',
'pass' = 'pass',
'base' = 'dc=domain,...',
'filter'=
'((objectClass=user)(memberOf=CN=Staff...)',
'd_filter' = '(userAccountControl=514)',
'tls' = 0,
'ssl_version' = 3,
'net_ldap_args' = [version = 3 ],
'group' = 'CN=All Users,...',
'group_attr'= 'member',
'attr_match_list' = ['Name',
'EmailAddress'
],
'attr_map' = { 'Name' =
'sAMAccountName',
'EmailAddress' =
'mail',
'ExternalAuthId'
= 'sAMAccountName',
'Gecos' =
'sAMAccountName'
}
}
}
);
1;
=+=+=+=+=+=+=+=+=+
Ryan Backman
Programmer / Analyst
George Fox University
503.554.2576
=+=+=+=+=+=+=+=+=+
RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 6, 2012
RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
I'm by no means an expert at this at all but I see you are using
sAMAccountName which leads me to believe you are connecting to Active
Directory.
I had to use the bitmask version of the d_filter for the ldap search to
filter out disabled users...
not sure if this has anything to do with why you aren't able to login, but
it's just something that stood out to me.
My d_filter line is below
'd_filter' =
'(userAccountControl:1.2.840.113556.1.4.803:=2)',
Ken is also accurate in that you are missing a right parenthesis on your
filter line.
My filter line is below(so you can see how to use the ( stuff more
stuff)
'filter'= '((objectCategory=User) (ObjectClass=Person))',
Hope that helps!
Mike.
On Thu, Dec 8, 2011 at 7:41 PM, Ryan Backman rback...@georgefox.edu wrote:
I'm having a bit of trouble getting ExternalAuth to work. I've scoured
the archives and the net and found many suggestions, but none have made any
changes.
- I've setup logging to go to a seperate file, but all I get is a Login
Failure message in this file when I try to login:
[Thu Dec 8 23:38:32 2011] [error]: FAILED LOGIN for rbackman from
xx.xx.xx.xx (/usr/share/request-tracker3.8/lib/RT/Interface/Web.pm:424)
- I'm seeing correct values in the online configuration view inside RT
indicating that ExternalAuth is loaded as a Plugin and that
ExternalAuthPriority is My_LDAP.
- I can use the ldapsearch tool with the same variables on the same box
successfully
Any help is much appreciated.
Below is my configuration:
Set( @Plugins, qw(RT::Authen::ExternalAuth) );
Set ( $ExternalAuthPriority, [ 'My_LDAP' ] );
Set ( $ExternalInfoPriority, [ 'My_LDAP' ] );
Set($ExternalServiceUsesSSLorTLS,0);
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {
'My_LDAP' = {
'type' = 'ldap',
'server'= 'server.domain.edu',
'user' = 'CN=user,OU=admin...',
'pass' = 'pass',
'base' = 'dc=domain,...',
'filter'=
'((objectClass=user)(memberOf=CN=Staff...)',
'd_filter' = '(userAccountControl=514)',
'tls' = 0,
'ssl_version' = 3,
'net_ldap_args' = [version = 3 ],
'group' = 'CN=All Users,...',
'group_attr'= 'member',
'attr_match_list' = ['Name',
'EmailAddress'
],
'attr_map' = { 'Name' =
'sAMAccountName',
'EmailAddress' =
'mail',
'ExternalAuthId'
= 'sAMAccountName',
'Gecos' =
'sAMAccountName'
}
}
}
);
1;
=+=+=+=+=+=+=+=+=+
Ryan Backman
Programmer / Analyst
George Fox University
503.554.2576
=+=+=+=+=+=+=+=+=+
RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston — March 5 6, 2012
--
Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON P7B 5E1
Phone: (807) 766-7331
Email: mike.john...@nosm.ca
RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston March 5 6, 2012
