Plugin( “RT::Extension::LDAPImport” );
Uncomment for debug
#Set($LogToSyslog, ‘debug’);
Set( $DatabaseRequireSSL, ‘’ );
Set( $DatabaseType, ‘mysql’ );
Set( $WebDomain, ‘rt.domain_name.com’ );
Set( $WebPort, ‘80’ );
Set( $rtname, ‘DOMAIN_NAME’ ); # or whatever you plan to name the site
Email
Set( $CommentAddress, ‘rt-comments@domain_name.com’ );
Set( $CorrespondAddress, ‘rt-correspondance@domain_name.com’ );
DB config
Set( $DatabaseHost, ‘localhost’ );
Set( $DatabaseName, ‘rt4’ );
Set( $DatabasePassword, ‘password’ );
Set( $DatabasePort, ‘’ );
Set( $DatabaseUser, ‘db_user_name’ );
Set( $Organization, ‘’ );
Set( $OwnerEmail, ‘email_address@domain_name.com’ );
Set( $SendmailPath, ‘/usr/sbin/sendmail’ );
My server is running on port 443, leaving the port 80 lines as reference
#Set(@ReferrerWhitelist, qw(rt:80 rt.domain_name.com:80));
Set(@ReferrerWhitelist, qw(rt.domain_name.com:443));
LDAP Configurations
LDAP Authentication
Set( @Plugins, qw(RT::Authen::ExternalAuth RT::Extension::LDAPImport));
LDAP USER IMPORT
Set($LDAPCreatePrivileged, 1);
Set($LDAPUpdateUsers, 1);
Set($LDAPHost,‘domain_name.com’);
Set($LDAPUser,‘domain_name\ldapreader’);
Set($LDAPPassword,‘your_ldapreader_password_here’);
#my base OU for users, yours will probably differ
Set($LDAPBase,‘ou=users,ou=services,dc=domain_name,dc=com’);
Set($LDAPFilter, ‘(&(objectClass=person))’);
Set($LDAPMapping, {
Name => ‘sAMAccountName’,
EmailAddress => ‘mail’,
Organization => ‘department’,
RealName => ‘cn’,
NickName => ‘givenName’,
ExternalAuthId => ‘sAMAccountName’,
Gecos => ‘sAMAccountName’,
WorkPhone => ‘telephoneNumber’,
MobilePhone => ‘mobile’,
Address1 => ‘streetAddress’,
City => ‘l’,
State => ‘st’,
Zip => ‘postalCode’,
Country => ‘co’
});
LDAP GROUP IMPORT AND MAPPINGS
Set($LDAPGroupMapping, {Name => ‘cn’,
Member_Attr => ‘member’,
Member_Attr_Value => ‘dn’});
#OU/basedn location of groups
Set($LDAPGroupBase, ‘ou=groups,dc=domain_name,dc=com’);
LDAP GROUP FILTERING, Below are 2 examples
#Set($LDAPGroupFilter, ‘cn=Information Technology’);
2 group import example
Set($LDAPGroupFilter, ‘(|(cn=Information Technology)(cn=Facilities))’);
LDAP Authentication
Set($ExternalAuthPriority, [ ‘My_LDAP’,
]
);
Set($ExternalInfoPriority, [ ‘My_LDAP’,
]
);
Set($ExternalSettings, {
‘My_LDAP’ => {
‘type’ => ‘ldap’,
‘server’ => ‘ldap://domain_name.com’,
‘user’ => ‘domain_name\ldapreader’,
‘pass’ => ‘ldapreader_password’,
‘base’ => ‘ou=users,ou=services,dc=domain_name,dc=com’,
‘filter’ => ‘(objectClass=person)’,
‘tls’ => 0,
‘attr_match_list’ => [
‘Name’,
‘EmailAddress’,
‘RealName’,
],
‘attr_map’ => {
‘Name’ => ‘sAMAccountName’,
‘EmailAddress’ => ‘mail’,
‘Organization’ => ‘department’,
‘RealName’ => ‘cn’,
‘NickName’ => ‘givenName’,
‘ExternalAuthId’=> ‘sAMAccountName’,
‘Gecos’ => ‘sAMAccountName’,
‘WorkPhone’ => ‘telephoneNumber’,
‘MobilePhone’ => ‘mobile’,
‘Address1’ => ‘streetAddress’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ => ‘postalCode’,
‘Country’ => ‘co’
},
},
} );
1;
1;On Tue, Jul 5, 2016 at 2:11 AM, Davis Johny davis.johny@in.fcm.travel wrote:
try Enable the ExternalAuth adding below
Set($ExternalAuth, 1);
Regards,
Davis
From: rt-users rt-users-bounces@lists.bestpractical.com on behalf of
Albert Shih Albert.Shih@obspm.fr
Sent: Thursday, June 30, 2016 6:00:26 PM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] Issues with RTExternalAuth
Hi every one.
I try to run a RT 4.4.0.
The
RT::Authen::ExternalAuth
don’t seem to work correctly.
I already check on this mailing list, and try the patch I seem. Nothing
seem to work correctly.
Here my RT_SiteConfig.pm
Set($WebExternalAuth, 1 );
Set($ExternalAuthPriority, [‘PLM’]);
Set($ExternalInfoPriority, [‘PLM’]);
Set($ExternalServiceUsesSSLorTLS, ‘0’);
Set($AutoCreateNonExternalUsers, ‘1’);
Set($ExternalSettings, { ‘PLM’ => { ‘type’ => ‘ldap’,
‘server’ => ‘',
‘user’ => 'uid=nss,o=’,
‘pass’ => ‘',
‘base’ => '’,
‘filter’ => ‘(objectClass=person)’,
‘d_filter’ => ‘’,
‘tls’ => ‘0’,
‘ssl_version’ => ‘3’,
‘net_ldap_args’ => [ ‘version => 3’, ],
‘attr_match_list’ => [ ‘Name’, ‘EmailAddress’, ],
‘attr_map’ => { ‘Name’ => ‘mail’, ‘EmailAddress’ => ‘mail’,
‘Organization’ => ‘ou’, ‘RealName’ => ‘displayName’, ‘WorkPhone’ =>
‘telephoneNumber’, ‘City’ => ‘l’, },
}});
in that case I can authenticate in local without problem. But not against
my LDAP server.
If I add a
Set($ExternalAuth, 1 );
I can’t authenticate at all (either local or LDAP) and I get something
like :
Jun 30 14:22:37 rt RT: [5913] Expected ‘PeerHost’ at
/usr/local/lib/perl5/site_perl/Net/LDAP.pm line 164. Stack:
[/usr/local/lib/perl5/site_perl/Carp.pm:167]
[/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:485]
[/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:386]
[/usr/local/lib/perl5/5.20/mach/IO/Socket.pm:49]
[/usr/local/lib/perl5/site_perl/IO/Socket/IP.pm:353]
[/usr/local/lib/perl5/site_perl/Net/LDAP.pm:164]
[/usr/local/lib/perl5/site_perl/Net/LDAP.pm:122]
[/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:646]
[/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth/LDAP.pm:510]
[/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:581]
[/usr/local/lib/perl5/site_perl/RT/Authen/ExternalAuth.pm:328]
[/usr/local/share/rt44/html/Elements/DoAuth:57]
[/usr/local/lib/perl5/site_perl/RT/Interface/Web.pm:308]
[/usr/local/share/rt44/html/autohandler:53]
I running a RT 4.4.0 under FreeBSD.
Any idea ?
Regards
JAS
Albert SHIH
DIO bâtiment 15
Observatoire de Paris
5 Place Jules Janssen
92195 Meudon Cedex
France
Téléphone : +33 1 45 07 76 26/+33 6 86 69 95 71
xmpp: jas@obspm.fr
Heure local/Local time:
jeu 30 jui 2016 14:24:34 CEST
RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
- Los Angeles - September, 2016
FCM Travel Solutions is one of the largest corporate travel management
companies in the world. We are represented in over 90 countries with staff
strength of over 6,500. Our work has been officially recognized at the
esteemed World Travel Awards, earning us the title of World’s Leading
Travel Management Company for five consecutive years in 2011, 2012, 2013,
2014 & 2015. Visit us at www.in.fcm.travel
RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
- Los Angeles - September, 2016