subject:"\[rt\-users\] Help \- RT4.2.7 Authen\:\:ExternalAuth via, OpenLDAP"

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

2014-10-07 Thread Kevin Falcone

On Mon, Oct 06, 2014 at 02:34:40PM -0400, William Clarke wrote:
 RT 4.2.7 and RT-Authen-ExternalAuth-0.23

0.23 or 0.23_01 the dev release?

Your log points to line 491

 [29370] [Mon Oct  6 18:20:02 2014] [error]: Couldn't create user wclarke: 
 Could
 not set user info 
 (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/
 ExternalAuth.pm:491)

But line 491 of 0.23 is blank

https://github.com/bestpractical/rt-authen-externalauth/blob/5a3a85c36f2e0abc43a0b0483b6e01e4d390ec54/lib/RT/Authen/ExternalAuth.pm#L491

Line 491 of 0.23_01 has an error message there

https://github.com/bestpractical/rt-authen-externalauth/blob/master/lib/RT/Authen/ExternalAuth.pm#L491

So, let's nail down what you're actually running, since you may just
have tripped a bug in 0.23_01 if that's what you have installed.


BTW - is there a reason you've only configured Auth and not Info?
That's probably making it very hard for RT to create the user, since
it can't go fetch any info.

-kevin


pgpbmkhIaOMkT.pgp
Description: PGP signature
-- 
RT Training November 4  5 Los Angeles
http://bestpractical.com/training

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

2014-10-07 Thread William Clarke

Ouch, I apologize I missed that. I was initially using .23 release but 
then later installed the latest dev .23_01 in hopes all my problems 
would vanish. Well just reinstalled .23 just now and the logs I'm seeing 
might be a little more interesting to us all. Oh and it really helps 
when I add the following as you suggested, I didn't leave that out 
intentionally


Set( $ExternalInfoPriority, [My_LDAP] );

External Auth is working like a charm now so THANK YOU KEVIN!

[3298] [Tue Oct  7 15:40:07 2014] [debug]: Attempting to use external 
auth service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:371)
[3298] [Tue Oct  7 15:40:07 2014] [debug]: Calling UserExists with 
$username (wclarke) and $service (My_LDAP) 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:412)

[3298] [Tue Oct  7 15:40:07 2014] [debug]: UserExists params:
username: wclarke , service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:437)
[3298] [Tue Oct  7 15:40:07 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: mail,uid 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: 
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by 
RT::Authen::ExternalAuth 
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 
860 with: Disabled: , EmailAddress: , Gecos: wclarke, Name: wclarke, 
Privileged: 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:757)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Attempting to get user info 
using this external service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:765)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Attempting to use this 
canonicalization key: Name 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:779)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: mail,uid 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:355)
[3298] [Tue Oct  7 15:40:08 2014] [info]: 
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: , 
EmailAddress: wcla...@simons-rock.edu, Gecos: wclarke, Name: wclarke, 
Privileged: , RealName: 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:843)
[3298] [Tue Oct  7 15:40:08 2014] [info]: Autocreated external user 
wclarke ( 22 ) 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:439)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Loading new user ( wclarke ) 
into current session 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:445)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Password validation required 
for service - Executing... 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:462)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Trying external auth service: 
My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:151)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((uid=wclarke)(objectClass=*)) == 
Attrs: dn 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:184)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Found LDAP DN: 
uid=wclarke,ou=People,dc=simons-rock,dc=edu 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:218)
[3298] [Tue Oct  7 15:40:08 2014] [info]: 
RT::Authen::ExternalAuth::LDAP::GetAuth External Auth OK ( My_LDAP ): 
wclarke 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:299)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: LDAP password validation 
result: 1 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:641)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Password Validation Check 
Result:  1 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:466)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: Authentication successful. 
Now updating user information and attempting login. 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:486)

[3298] [Tue Oct  7 15:40:08 2014] [debug]: UserExists params:
username: wclarke , service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:437)
[3298] [Tue Oct  7 15:40:08 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: mail,uid 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467)

[3298] [Tue Oct  7 15:40:08 2014] [debug]: UserExists params:
username: wclarke , service: My_LDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

2014-10-07 Thread Kevin Falcone

On Tue, Oct 07, 2014 at 11:46:57AM -0400, William Clarke wrote:
 Ouch, I apologize I missed that. I was initially using .23 release but then
 later installed the latest dev .23_01 in hopes all my problems would vanish.
 Well just reinstalled .23 just now and the logs I'm seeing might be a little
 more interesting to us all. Oh and it really helps when I add the following as
 you suggested, I didn't leave that out intentionally
 
 Set( $ExternalInfoPriority, [My_LDAP] );
 
 External Auth is working like a charm now so THANK YOU KEVIN!

If you have cycles, would you confirm that 0.23_01 works too now that you've
added in the InfoPriority line?

It'll help us be more confident eventually releasing that as 0.24.

Thanks

-kevin


pgphTzmraRHSr.pgp
Description: PGP signature
-- 
RT Training November 4  5 Los Angeles
http://bestpractical.com/training

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

2014-10-07 Thread William Clarke


Kevin,

I just reinstalled .23_01 - Double-checked that it was infact 
ExternalAuth.pm .23_01 and yes, it is still working. Here are logs from 
a successful login and thanks again:


[3696] [Tue Oct  7 16:33:47 2014] [debug]: Attempting to use external 
auth service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:424)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Calling UserExists with 
$username (wclarke) and $service (My_LDAP) 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:465)

[3696] [Tue Oct  7 16:33:47 2014] [debug]: UserExists params:
username: wclarke , service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:439)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: uid,mail 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:469)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Password validation required 
for service - Executing... 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:517)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Trying external auth service: 
My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:153)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((uid=wclarke)(objectClass=*)) == 
Attrs: dn 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:186)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Found LDAP DN: 
uid=wclarke,ou=People,dc=simons-rock,dc=edu 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:220)
[3696] [Tue Oct  7 16:33:47 2014] [info]: 
RT::Authen::ExternalAuth::LDAP::GetAuth External Auth OK ( My_LDAP ): 
wclarke 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:301)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: LDAP password validation 
result: 1 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:696)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Password Validation Check 
Result:  1 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:521)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Authentication successful. 
Now updating user information and attempting login. 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:541)

[3696] [Tue Oct  7 16:33:47 2014] [debug]: UserExists params:
username: wclarke , service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:439)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: uid,mail 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:469)

[3696] [Tue Oct  7 16:33:47 2014] [debug]: UserExists params:
username: wclarke , service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:439)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: uid,mail 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:469)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: No d_filter specified for 
this LDAP service ( My_LDAP ), so considering all users enabled 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:529)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: 
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by 
RT::Authen::ExternalAuth 
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 
885 with: Name: wclarke 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:792)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Attempting to get user info 
using this external service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:800)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: Attempting to use this 
canonicalization key: Name 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:809)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: uid,mail 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357)
[3696] [Tue Oct  7 16:33:47 2014] [info]: 
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning EmailAddress: 
wcla...@simons-rock.edu, Name: wclarke, RealName: 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:868)
[3696] [Tue Oct  7 16:33:47 2014] [debug]: UPDATED user ( wclarke ) from 
External Service 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:669)
[3696] [Tue Oct  7 16:33:47 2014] [info]: Successful login for wclarke 
from

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

2014-10-06 Thread Kevin Falcone

On Fri, Oct 03, 2014 at 01:50:54PM -0400, William Clarke wrote:
 A little more info after checking rt4 logs:
 Oct  3 10:20:16 rtracker6 RT: [16022]
 RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: ,
 EmailAddress: , Gecos: wclarke, Name: wclarke, Privileged:
 Oct  3 10:20:16 rtracker6 RT: [16022] Couldn't create user wclarke: Could not
 set user info
 Oct  3 10:20:16 rtracker6 RT: [16022] FAILED LOGIN for wclarke from 
 10.30.2.210

These are the more useful logs.
You should ensure you have your logs set to debug and show the
preceding lines which are important.

I find it suspicious that it didn't return an email address, but did
return a Gecos.  Implies your configuration is not what you sent to
the list.

You should also say your RT and RT-Authen-ExternalAuth versions
explicitly.

-kevin


pgpSif1OvcnEK.pgp
Description: PGP signature
-- 
RT Training November 4  5 Los Angeles
http://bestpractical.com/training

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

2014-10-06 Thread William Clarke


Thank you very much for the response Kevin.

RT 4.2.7 and RT-Authen-ExternalAuth-0.23

I triple-checked and this is surely my RT_SiteConfig.pm file and as you 
saw yes, the logs to definitely show it's populating the Gecos field 
when not requested and not populating the EmailAddress field. Please see 
RT debug logs below:


Set( $ExternalAuthPriority, [My_LDAP] );
Set( $ExternalAuthInfo, [My_LDAP] );
Set( $ExternalSettings, {
'My_LDAP'   =  {
'type'  =  'ldap',
'server'= 'ldap2.simons-rock.edu',
'base'  = 'dc=simons-rock,dc=edu',
'filter'= '(objectClass=*)',

'attr_match_list' = [
'Name',
'EmailAddress',
],
'attr_map' = {
'Name' = 'uid',
'EmailAddress' = 'mail',
},
},
} );

# You must install Plugins on your own, this is only an example
# of the correct syntax to use when activating them:
#   Plugin( RT::Extension::SLA );
#   Plugin( RT::Authen::ExternalAuth );

Plugin( RT::Authen::ExternalAuth );
#   Plugin( RT::Extension::Assets );
#   plugin( RT::Extension::Assets::Import::CSV );
1;

[29370] [Mon Oct  6 18:20:02 2014] [debug]: Attempting to use external 
auth service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:424)
[29370] [Mon Oct  6 18:20:02 2014] [debug]: Calling UserExists with 
$username (wclarke) and $service (My_LDAP) 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:465)

[29370] [Mon Oct  6 18:20:02 2014] [debug]: UserExists params:
username: wclarke , service: My_LDAP 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:439)
[29370] [Mon Oct  6 18:20:02 2014] [debug]: LDAP Search === Base: 
dc=simons-rock,dc=edu == Filter: ((objectClass=*)(uid=wclarke)) == 
Attrs: uid,mail 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:469)
[29370] [Mon Oct  6 18:20:02 2014] [debug]: 
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by 
RT::Authen::ExternalAuth 
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 
885 with: Disabled: , EmailAddress: , Gecos: wclarke, Name: wclarke, 
Privileged: 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:792)
[29370] [Mon Oct  6 18:20:02 2014] [info]: 
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: , 
EmailAddress: , Gecos: wclarke, Name: wclarke, Privileged: 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:868)
[29370] [Mon Oct  6 18:20:02 2014] [error]: Couldn't create user 
wclarke: Could not set user info 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:491)
[29370] [Mon Oct  6 18:20:02 2014] [debug]: Autohandler called 
ExternalAuth. Response: (0, No User) 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:16)
[29370] [Mon Oct  6 18:20:02 2014] [error]: FAILED LOGIN for wclarke 
from 10.30.2.210 (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:810)


Message: 4
Date: Mon, 6 Oct 2014 11:51:42 -0400
From: Kevin Falconefalc...@bestpractical.com
To:rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via
OpenLDAP
Message-ID:20141006155142.gj2...@jibsheet.com
Content-Type: text/plain; charset=iso-8859-1

On Fri, Oct 03, 2014 at 01:50:54PM -0400, William Clarke wrote:


A little more info after checking rt4 logs:
Oct? 3 10:20:16 rtracker6 RT: [16022]
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: ,
EmailAddress: , Gecos: wclarke, Name: wclarke, Privileged:
Oct? 3 10:20:16 rtracker6 RT: [16022] Couldn't create user wclarke: Could not
set user info
Oct? 3 10:20:16 rtracker6 RT: [16022] FAILED LOGIN for wclarke from 10.30.2.210


These are the more useful logs.
You should ensure you have your logs set to debug and show the
preceding lines which are important.

I find it suspicious that it didn't return an email address, but did
return a Gecos.  Implies your configuration is not what you sent to
the list.

You should also say your RT and RT-Authen-ExternalAuth versions
explicitly.

-kevin


--

William Clarke
ITS System Administrator
Bard College at Simon's Rock
84 Alford Road
Great Barrington, MA  01230
(413) 528-7428 (voice)
(413) 528-7405 (fax)
wcla...@simons-rock.edu

-- 
RT Training November 4  5 Los Angeles
http://bestpractical.com/training

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

2014-10-03 Thread William Clarke

Sorry, I sent that a little prematurely. RT shows your username or 
password is incorrect : (


On 10/3/2014 10:58 AM, William Clarke wrote:

Hi all,

CentOS6.5 \ Apache 2.2.15 \ Perl 5.18.2 \ MariaDB 5.5.39

I followed these instructions for my RT build:
http://binarynature.blogspot.pt/2013/05/install-request-tracker-4.html

I'm very new to RT. I've read up what I could find on CPAN, wiki and 
Google and I'm not quite sure which way to go here. RT is connecting 
to our ldap and a search result is found but the logs in ldap show 
closed (connection lost) so I suspect RT isn't seeing\getting the 
response back from LDAP. I have some examples below showing RT's LDAP 
requests with logs as well as the same search run via command line.


The main differences I can see in logs so far is command line test 
sends scope=2 deref=0 vs RT test scope=2 deref=2 and also that the 
RT test doesn't unbind and the connection is lost.


Command line: ldapsearch -x -p 389 -h ldap.simons-rock.edu -b 
ou=People,dc=simons-rock,dc=edu (((uid=*))(uid=wclarke)) mail uid


# extended LDIF
#
# LDAPv3
# base ou=People,dc=simons-rock,dc=edu with scope subtree
# filter: (((uid=*))(uid=wclarke))
# requesting: mail uid
#

# wclarke, People, simons-rock.edu
dn: uid=wclarke,ou=People,dc=simons-rock,dc=edu
uid: wclarke
mail: wcla...@simons-rock.edu

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
---
Logs from ldap via command line - loglevel 256
---
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 ACCEPT from 
IP=10.30.2.36:51249 (IP=0.0.0.0:389)

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 BIND dn= method=128
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 RESULT tag=97 
err=0 text=
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH 
base=ou=People,dc=simons-rock,dc=edu scope=2 deref=0 
filter=(((uid=*))(uid=wclarke))

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH attr=mail uid
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=2 UNBIND
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 closed
---
Logs from ldap when logging into RT - loglevel 256
---
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 ACCEPT from 
IP=10.30.2.36:51262 (IP=0.0.0.0:389)

Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 BIND dn= method=128
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 RESULT tag=97 
err=0 text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH 
base=ou=People,dc=simons-rock,dc=edu scope=2 deref=2 
filter=(((uid=*))(uid=wclarke))

Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH attr=uid mail
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 closed 
(connection lost)

---
External Settings from: RT_SiteConfig.pm
---
Set( $ExternalSettings, {
'My_LDAP'   =  {
'type'  =  'ldap',
'server'= 'ldap2.simons-rock.edu',
'base'  = 
'ou=People,dc=simons-rock,dc=edu',

'filter'= '(objectClass=*)',
'net_ldap_args' = [version =  3   ],

'attr_match_list' = [
'Name',
'EmailAddress',
],
'attr_map' = {
'Name' = 'uid',
'EmailAddress' = 'mail',
},
},
} );

# You must install Plugins on your own, this is only an example
# of the correct syntax to use when activating them:
#   Plugin( RT::Extension::SLA );
#   Plugin( RT::Authen::ExternalAuth );

Plugin( RT::Authen::ExternalAuth );
#   Plugin( RT::Extension::Assets );
#   plugin( RT::Extension::Assets::Import::CSV );
1;
--

William Clarke
ITS System Administrator
Bard College at Simon's Rock
84 Alford Road
Great Barrington, MA  01230
(413) 528-7428 (voice)
(413) 528-7405 (fax)
wcla...@simons-rock.edu


-- 
RT Training November 4  5 Los Angeles
http://bestpractical.com/training

[rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

2014-10-03 Thread William Clarke


Hi all,

CentOS6.5 \ Apache 2.2.15 \ Perl 5.18.2 \ MariaDB 5.5.39

I followed these instructions for my RT build:
http://binarynature.blogspot.pt/2013/05/install-request-tracker-4.html

I'm very new to RT. I've read up what I could find on CPAN, wiki and 
Google and I'm not quite sure which way to go here. RT is connecting to 
our ldap and a search result is found but the logs in ldap show closed 
(connection lost) so I suspect RT isn't seeing\getting the response 
back from LDAP. I have some examples below showing RT's LDAP requests 
with logs as well as the same search run via command line.


The main differences I can see in logs so far is command line test sends 
scope=2 deref=0 vs RT test scope=2 deref=2 and also that the RT test 
doesn't unbind and the connection is lost.


Command line: ldapsearch -x -p 389 -h ldap.simons-rock.edu -b 
ou=People,dc=simons-rock,dc=edu (((uid=*))(uid=wclarke)) mail uid


# extended LDIF
#
# LDAPv3
# base ou=People,dc=simons-rock,dc=edu with scope subtree
# filter: (((uid=*))(uid=wclarke))
# requesting: mail uid
#

# wclarke, People, simons-rock.edu
dn: uid=wclarke,ou=People,dc=simons-rock,dc=edu
uid: wclarke
mail: wcla...@simons-rock.edu

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
---
Logs from ldap via command line - loglevel 256
---
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 ACCEPT from 
IP=10.30.2.36:51249 (IP=0.0.0.0:389)

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 BIND dn= method=128
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 RESULT tag=97 err=0 
text=
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH 
base=ou=People,dc=simons-rock,dc=edu scope=2 deref=0 
filter=(((uid=*))(uid=wclarke))

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH attr=mail uid
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=2 UNBIND
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 closed
---
Logs from ldap when logging into RT - loglevel 256
---
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 ACCEPT from 
IP=10.30.2.36:51262 (IP=0.0.0.0:389)

Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 BIND dn= method=128
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 RESULT tag=97 err=0 
text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH 
base=ou=People,dc=simons-rock,dc=edu scope=2 deref=2 
filter=(((uid=*))(uid=wclarke))

Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH attr=uid mail
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 closed (connection 
lost)

---
External Settings from: RT_SiteConfig.pm
---
Set( $ExternalSettings, {
'My_LDAP'   =  {
'type'  =  'ldap',
'server'= 'ldap2.simons-rock.edu',
'base'  = 
'ou=People,dc=simons-rock,dc=edu',

'filter'= '(objectClass=*)',
'net_ldap_args' = [version =  3   ],

'attr_match_list' = [
'Name',
'EmailAddress',
],
'attr_map' = {
'Name' = 'uid',
'EmailAddress' = 'mail',
},
},
} );

# You must install Plugins on your own, this is only an example
# of the correct syntax to use when activating them:
#   Plugin( RT::Extension::SLA );
#   Plugin( RT::Authen::ExternalAuth );

Plugin( RT::Authen::ExternalAuth );
#   Plugin( RT::Extension::Assets );
#   plugin( RT::Extension::Assets::Import::CSV );
1;

--

William Clarke
ITS System Administrator
Bard College at Simon's Rock
84 Alford Road
Great Barrington, MA  01230
(413) 528-7428 (voice)
(413) 528-7405 (fax)
wcla...@simons-rock.edu

-- 
RT Training November 4  5 Los Angeles
http://bestpractical.com/training

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

2014-10-03 Thread William Clarke


A little more info after checking rt4 logs:
Oct  3 10:20:16 rtracker6 RT: [16022] 
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: , 
EmailAddress: , Gecos: wclarke, Name: wclarke, Privileged:
Oct  3 10:20:16 rtracker6 RT: [16022] Couldn't create user wclarke: 
Could not set user info
Oct  3 10:20:16 rtracker6 RT: [16022] FAILED LOGIN for wclarke from 
10.30.2.210


On 10/3/2014 11:06 AM, William Clarke wrote:
Sorry, I sent that a little prematurely. RT shows your username or 
password is incorrect : (


On 10/3/2014 10:58 AM, William Clarke wrote:

Hi all,

CentOS6.5 \ Apache 2.2.15 \ Perl 5.18.2 \ MariaDB 5.5.39

I followed these instructions for my RT build:
http://binarynature.blogspot.pt/2013/05/install-request-tracker-4.html

I'm very new to RT. I've read up what I could find on CPAN, wiki and 
Google and I'm not quite sure which way to go here. RT is connecting 
to our ldap and a search result is found but the logs in ldap show 
closed (connection lost) so I suspect RT isn't seeing\getting the 
response back from LDAP. I have some examples below showing RT's LDAP 
requests with logs as well as the same search run via command line.


The main differences I can see in logs so far is command line test 
sends scope=2 deref=0 vs RT test scope=2 deref=2 and also that 
the RT test doesn't unbind and the connection is lost.


Command line: ldapsearch -x -p 389 -h ldap.simons-rock.edu -b 
ou=People,dc=simons-rock,dc=edu (((uid=*))(uid=wclarke)) mail uid


# extended LDIF
#
# LDAPv3
# base ou=People,dc=simons-rock,dc=edu with scope subtree
# filter: (((uid=*))(uid=wclarke))
# requesting: mail uid
#

# wclarke, People, simons-rock.edu
dn: uid=wclarke,ou=People,dc=simons-rock,dc=edu
uid: wclarke
mail: wcla...@simons-rock.edu

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
---
Logs from ldap via command line - loglevel 256
---
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 ACCEPT from 
IP=10.30.2.36:51249 (IP=0.0.0.0:389)

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 BIND dn= method=128
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=0 RESULT tag=97 
err=0 text=
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH 
base=ou=People,dc=simons-rock,dc=edu scope=2 deref=0 
filter=(((uid=*))(uid=wclarke))

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SRCH attr=mail uid
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=

Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 op=2 UNBIND
Oct  3 09:59:05 ldap2 slapd[1466]: conn=355216 fd=19 closed
---
Logs from ldap when logging into RT - loglevel 256
---
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 ACCEPT from 
IP=10.30.2.36:51262 (IP=0.0.0.0:389)

Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 BIND dn= method=128
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=0 RESULT tag=97 
err=0 text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH 
base=ou=People,dc=simons-rock,dc=edu scope=2 deref=2 
filter=(((uid=*))(uid=wclarke))

Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SRCH attr=uid mail
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 op=1 SEARCH RESULT 
tag=101 err=0 nentries=1 text=
Oct  3 10:00:43 ldap2 slapd[1466]: conn=355234 fd=19 closed 
(connection lost)

---
External Settings from: RT_SiteConfig.pm
---
Set( $ExternalSettings, {
'My_LDAP'   =  {
'type'  =  'ldap',
'server'= 'ldap2.simons-rock.edu',
'base'  = 
'ou=People,dc=simons-rock,dc=edu',

'filter'= '(objectClass=*)',
'net_ldap_args' = [version =  3   ],

'attr_match_list' = [
'Name',
'EmailAddress',
],
'attr_map' = {
'Name' = 'uid',
'EmailAddress' = 'mail',
},
},
} );

# You must install Plugins on your own, this is only an example
# of the correct syntax to use when activating them:
#   Plugin( RT::Extension::SLA );
#   Plugin( RT::Authen::ExternalAuth );

Plugin( RT::Authen::ExternalAuth );
#   Plugin( RT::Extension::Assets );
#   plugin( RT::Extension::Assets::Import::CSV );
1;
--

William Clarke
ITS System

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via, OpenLDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

[rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

Re: [rt-users] Help - RT4.2.7 Authen::ExternalAuth via OpenLDAP

9 matches

Site Navigation

Mail list logo

Footer information