AD user logged in, but no ticket is seen

LDAP user authentication seems to work using RT-Authen-ExternalAuth. An AD user can log in and create tickets in a queue, but the next time the same user logs in, he sees no open/closed tickets. Only the root user can see all the tickets.

Cannot add user rights to the AD user. Once I put the AD user name in the field and check a box, it will say “Invalid username”.

I’ve created a group as root within RT gui, assigned all possible rights for it, and added the AD user as a member. Still, this user doesn’t see any ticket.

This is the first time I have compiled RT 4.0.4 on RHEL 6.1. The following is the RT_SiteConfig.pm file I’m using.

Set( $DatabaseUser, 'rt_user' );
Set( $CorrespondAddress, 'x2@mdanderson.org' );
Set( $rtname, 'xrt.mdanderson.edu' );
Set( $DatabaseRequireSSL, '' );
Set( $WebPort, '80' );
Set( $Organization, 'mdanderson.edu' );
Set( $DatabaseType, 'mysql' );
Set( $DatabasePort, '' );
Set( $DatabasePassword, 'password' );
Set( $DatabaseAdmin, 'root' );
Set( $SendmailPath, '/usr/sbin/sendmail' );
Set( $WebDomain, 'xrt.mdanderson.edu' );
Set( $DatabaseAdminPassword, '' );
Set( $CommentAddress, 'x@mdanderson.org' );
Set( $DatabaseHost, 'localhost' );
Set( $DatabaseName, 'rt4' );
Set( $OwnerEmail, 'x2@mdanderson.org' );
Set( @Plugins, qw(RT::Authen::ExternalAuth) );

Set($ExternalAuthPriority, [ 'My_MySQL',
                             'My_LDAP'
                           ]
);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, {
    'My_MySQL' => {
        'type'       => 'db',
        'server'     => 'dqsrt.mdanderson.edu',
        'database'   => 'rt4',
        'table'      => 'Users',
        'user'       => 'rt_user',
        'pass'       => 'password',
        'port'       => '3306',
        'dbi_driver' => 'mysql',
        'u_field'    => 'Name',
        'p_field'    => 'Password',
        'p_enc_pkg'  => 'Crypt::MySQL',
        'p_enc_sub'  => 'password',
        'd_field'    => 'disabled',
        'd_values'   => ['0'],
        'attr_map'   => { 'Name' => 'Name', }
    },
    'My_LDAP' => {
        'type'          => 'ldap',
        'server'        => 'dcpwpdc1.mdanderson.edu',
        'user'          => 's_dqs_svn',
        'pass'          => 'Juoo9k88',
        'base'          => 'ou=people,dc=mdanderson,dc=edu',
        'd_filter'      => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
        'tls'           => 0,
        'ssl_version'   => 3,
        'net_ldap_args' => [ version => 3 ],
        'attr_map'      => { 'Name'           => 'samaccountname',
                             'EmailAddress'   => 'mail',
                             'Organization'   => 'physicaldeliveryofficename',
                             'RealName'       => 'gecos',
                             'ExternalAuthId' => 'sAMAccountName',
                             'Gecos'          => 'gecos',
                             'WorkPhone'      => 'telephoneNumber',
                             'Address1'       => 'streetAddress',
                             'City'           => 'l',
                             'State'          => 'st',
                             'Zip'            => 'postalCode',
                             'Country'        => 'co'
                           }
    }
}
);
1;

LDAP user authentication seems to work using RT-Authen-ExternalAuth. An AD user can log in and
create tickets in a queue, but the next time the same user logs in, he sees no open/closed
tickets. Only the root user can see all the tickets.

Cannot add user rights to the AD user. Once I put the AD user name in the field and check a
box, it will say “Invalid username”.

Use the search on Tools → Configuration → Users to confirm the
username that is being imported, then you can add the user to a group
and grant it rights.

It’s quite likely the user is Unprivileged and needs to be made
Privileged.

You should not configure RT-Authen-ExternalAuth to talk back to mysql
for the RT database. For starters, Crypt::MySQL won’t work, and it
isn’t necessary; if LDAP fails, RT will look for an internal password
anyway.

Set($ExternalAuthPriority, [ 'My_MySQL',
                             'My_LDAP'
                           ]
);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, {
    'My_MySQL' => {
        'type'     => 'db',
        'server'   => 'dqsrt.mdanderson.edu',
        'database' => 'rt4',

-kevin
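
The check the reply describes can also be run from the command line. This is an added example, not part of the thread and not RT's own tooling: it loads the account by the name RT imported, reports whether it is Privileged, and shows whether it holds the rights needed to see tickets in a queue. The /opt/rt4 install prefix, the script's arguments and the `--make-privileged` switch are assumptions made for the example.

```perl
#!/usr/bin/env perl
# Added example, not from the thread. Assumes RT 4.x installed under /opt/rt4
# and a shell account that can read RT_SiteConfig.pm.
use strict;
use warnings;
use lib '/opt/rt4/lib';    # assumption: RT's default install prefix
use RT;

# Hypothetical command-line interface for this example.
my ( $name, $queue_name, $fix ) = @ARGV;
die "usage: $0 <username> <queue> [--make-privileged]\n"
    unless defined $name && defined $queue_name;

RT::LoadConfig();
RT::Init();

# Load by the Name RT stored, i.e. the value mapped from the LDAP attr_map.
my $user = RT::User->new( RT->SystemUser );
$user->Load($name);
die "No RT user named '$name'; search Tools -> Configuration -> Users\n"
    unless $user->Id;

my $queue = RT::Queue->new( RT->SystemUser );
$queue->Load($queue_name);
die "No queue named '$queue_name'\n" unless $queue->Id;

printf "user=%s id=%d privileged=%s\n",
    $user->Name, $user->Id, ( $user->Privileged ? 'yes' : 'no' );

# Effective rights on the queue, including those inherited through groups.
for my $right (qw(SeeQueue ShowTicket)) {
    my $has = $user->HasRight( Right => $right, Object => $queue );
    printf "  %-10s on %s: %s\n",
        $right, $queue->Name, ( $has ? 'granted' : 'missing' );
}

# Only change the account when explicitly asked to.
if ( defined $fix && $fix eq '--make-privileged' && !$user->Privileged ) {
    my ( $ok, $msg ) = $user->SetPrivileged(1);
    print $ok ? "Now privileged: $msg\n" : "Could not change: $msg\n";
}
```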