Running SuSE Linux, eDirectory, LDAP, RT 3.8.7. In my test setting, I can query ldap anonymously. I downloaded RT-Authen-ExternalAuth-0.08.tar.gz and installed it. I notice the wiki page (ExternalAuth - Request Tracker Wiki ) says to “answer the prompt as to your RT base directory”, but I didn’t observe that behavior. Added the required entries to RT_SiteConfig.pm as far as I can tell (see below). Trying to log on as “mjames”, I only get “your username or password is incorrect”.
I feel like I’m missing something obvious… Any ideas?
Mike
Output of ldapsearch command:
rt384:~ # ldapsearch -x -b “o=sbf” -h lxutility “cn=mjames” mail uid
extended LDIF
LDAPv3
base <o=sbf> with scope subtree
filter: cn=mjames
requesting: mail uid
MJames, STONEBRIDGE, SBF
dn: cn=MJames,ou=STONEBRIDGE,o=SBF
MJames, Users, STONEBRIDGEBANK, SBF
dn: cn=MJames,cn=Users,ou=STONEBRIDGEBANK,o=SBF
uid: MJames
mail: MJames@stonebridgebank.com
search result
search: 2
result: 0 Success
numResponses: 3
numEntries: 2
cat RT_SiteConfig.pm
Set( $rtname, ‘CashMgt’);
Set(@Plugins , qw(RT::Authen::ExternalAuth));
Set($WebBaseURL , “http://cashmgt.stonebridgebank.com”);
Set( $Organization , “cashmgt.stonebridgebank.com”);
Set($Timezone , “US/Eastern”);
Set($RTAddressRegexp , ‘^rt@cashmgt.stonebridgebank.com$’);
Set($DatabaseType , ‘mysql’);
Set($DatabaseUser , ‘rt_user’);
Set($DatabasePassword , ‘rt_pass’);
Set($DatabaseName , ‘cashmgt’);
Set($DatabaseHost , ‘localhost’);
Set($DatabaseRTHost , ‘localhost’);
Set($MaxAttachmentSize, 50000000);
Set($WebPath , “”);
Set($CorrespondAddress , ‘correspond@cashmgt.stonebridgebank.com’);
Set($CommentAddress , ‘comment@cashmgt.stonebridgebank.com’);
Set($ExternalAuthPriority, [ ‘My_LDAP’,
‘My_MySQL’,
]
);
Set($ExternalInfoPriority, [ ‘My_MySQL’,
‘My_LDAP’
]
);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, { # AN EXAMPLE DB SERVICE
‘My_MySQL’ => { ## GENERIC SECTION
‘type’ => ‘db’,
‘server’ => ‘localhost’,
‘database’ => ‘cashmgt’,
‘table’ => ‘USERS’,
‘user’ => ‘rt_user’,
‘pass’ => ‘rt_pass’,
‘port’ => ‘3306’,
‘dbi_driver’ => ‘mysql’,
‘u_field’ => ‘name’,
‘p_field’ => ‘password’,
‘p_enc_pkg’ => ‘Crypt::MySQL’,
‘p_enc_sub’ => ‘password’,
‘d_field’ => ‘disabled’,
‘d_values’ => [‘0’],
‘attr_match_list’ => [ ‘Gecos’,
‘Name’
],
‘attr_map’ => { ‘Name’ => ‘username’,
‘EmailAddress’ => ‘email’,
‘ExternalAuthId’ => ‘username’,
‘Gecos’ => ‘userID’
}
},
# AN EXAMPLE LDAP SERVICE
‘My_LDAP’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ => ‘172.31.4.56’,
‘base’ => ‘o=sbf’,
‘filter’ => ‘(objectClass=*)’,
‘d_filter’ => ‘(employmentStatus=Terminated)’,
‘tls’ => 0,
‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
‘attr_match_list’ => [
‘Name’,
‘EmailAddress’
],
# The mapping of RT attributes on to LDAP attributes
‘attr_map’ => { ‘Name’ => ‘uid’,
‘EmailAddress’ => ‘mail’
}
},
}
);
1;
The information in this message may be proprietary and/or confidential, and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify Stonebridge Bank immediately by replying to this message and deleting it from your computer.