Configure ldap on rt 4.4.4

Hi,

I try to use ldap wirh RT 4.4.4 but have this errors on log:

[debug]: Attempting to use external auth service: AD (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:288)
[debug]: SSO Failed and no user to test with. Nexting (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth.pm:316)
[debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt4/share/html/Elements/DoAuth:58)

On my RT_SiteConfig.pm have this configuration.

Set($ExternalAuthPriority,['AD']);
Set($ExternalInfoPriority,['AD']);
Set($ExternalServiceUsesSSLorTLS , 0);
Set($AutoCreateNonExternalUsers , 1);
Set($ExternalSettings,
{
'AD'   =>  {
                'type'     =>  'ldap',
                'server'   =>  '172.17.10.2',
                'user'     =>  'user01',
                'pass'     =>  'pass01',
                ...

Is it correct this configuration or need to be configure anything else?

I check RT::Authen::ExternalAuth - RT 4.4.4 Documentation - Best Practical and seeams the configuration are correct but can’t connect to ldap
What is wrong?

anybody have the same error?

See

Probably doesn’t apply here as OP is using ldap with RT and not with webserver

Handy tip for quick debugging of ldap settings:

  1. replicate ExternalAuth Settings for LdapImport
  2. test with rt-ldapimport --verbose --no-groups

These are the settings we use for our AD:

'type'  => 'ldap',
                'server' => 'REDACTED',
                'user' => 'REDACTED',
                'pass' => 'REDACTED',
                'base' => 'REDACTED',
                'filter' => REDACTED,
                'net_ldap_args'             => [ scheme => 'ldaps', port => 636, raw => qr/(?i:^jpegPhoto|;binary)/ ],
                'attr_match_list' =>
                        [
                        'Name'
                        ],
                'attr_map' =>
                        {
                        'Name' => 'sAMAccountName',
                        'EmailAddress' => 'mail',
                        'RealName' => 'cn',
                        'NickName' => 'givenName'
                        }
                }
1 Like