Jim Meyer's LDAP Authentication user_local.pm ldap_overlay contribution in 3.8

Hi everyone, we (me) are in the process of migrating our server to new hardware. I want to take advantage and upgrade to 3.8 (from 3.6). We currently use Jim Meyer’s User_Local.pm, LDAP Overlay (not sure what its official name is). Anyway, I installed 3.8 on the new box, RT is up and running and imported my ldap users using the import script. I copied my ldap_overlay files and settings over to the new installation. I cannot get it to work though. I’m not sure if I’m doing something wrong, or if 3.8 handles this function differently and I should be using something else or modifying my existing settings.

any input is appreciated.

Cheers!

Helmuth

P.S. sorry about the long winded subject, I was hoping to make it easily searchable for future queries

Helmuth Ramirez wrote:

Hi everyone, we (me) are in the process of migrating our server to new
hardware. I want to take advantage and upgrade to 3.8 (from 3.6). We
currently use Jim Meyer’s User_Local.pm, LDAP Overlay (not sure what its
official name is). Anyway, I installed 3.8 on the new box, RT is up and
running and imported my ldap users using the import script. I copied my
ldap_overlay files and settings over to the new installation. I cannot
get it to work though. I’m not sure if I’m doing something wrong, or if
3.8 handles this function differently and I should be using something
else or modifying my existing settings.

any input is appreciated.

As yet there is no proper solution. Jim Meyer’s solution has been
deprecated by my ExternalAuth extension, however I am so desperately
overloaded at work at the moment I haven’t had time to make it
compatible with 3.8 (I am the sole member of IT for a silicon-design
company of over 100 staff).

If it helps, this is what Espen Wiborg had to say about it when trying
to get ExternalAuth fully functional in 3.8:

Autocreation works if you copy
local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth
to local/html/Callbacks/ExternalAuth/autohandler/Auth and apply the
following patch to User_Vendor.pm:

— local/lib/RT/User_Vendor.pm~ 2008-04-09 10:40:44.000000000 +0200
+++ ./local/lib/RT/User_Vendor.pm 2008-08-04 17:46:32.000000000 +0200
@@ -348,7 +348,7 @@
return (undef);
}

• if ( $self->PrincipalObj->Disabled ) {

• if ( $self->PrincipalObj and $self->PrincipalObj->Disabled ) {
  $RT::Logger->info(“Disabled user " . $self->Name .
  " tried to log in” );
  return (undef);

At least I got it to work, and I think those were the only two changes I
made.

Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England

ldap_overlay contribution in 3.8

Helmuth Ramirez wrote:

Hi everyone, we (me) are in the process of migrating our server to new

hardware. I want to take advantage and upgrade to 3.8 (from 3.6). We

currently use Jim Meyer’s User_Local.pm, LDAP Overlay (not sure what
its
official name is). Anyway, I installed 3.8 on the new box, RT is up
and
running and imported my ldap users using the import script. I copied
my
ldap_overlay files and settings over to the new installation. I
cannot
get it to work though. I’m not sure if I’m doing something wrong, or
if
3.8 handles this function differently and I should be using something
else or modifying my existing settings.

any input is appreciated.

As yet there is no proper solution. Jim Meyer’s solution has been
deprecated by my ExternalAuth extension, however I am so desperately
overloaded at work at the moment I haven’t had time to make it
compatible with 3.8 (I am the sole member of IT for a silicon-design
company of over 100 staff).

If it helps, this is what Espen Wiborg had to say about it when trying
to get ExternalAuth fully functional in 3.8:

Autocreation works if you copy
local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohan
dler/Auth
to local/html/Callbacks/ExternalAuth/autohandler/Auth and apply the
following patch to User_Vendor.pm:

— local/lib/RT/User_Vendor.pm~ 2008-04-09 10:40:44.000000000
+0200
+++ ./local/lib/RT/User_Vendor.pm 2008-08-04 17:46:32.000000000
+0200
@@ -348,7 +348,7 @@
return (undef);
}

• if ( $self->PrincipalObj->Disabled ) {

• if ( $self->PrincipalObj and $self->PrincipalObj->Disabled ) {
  $RT::Logger->info(“Disabled user " . $self->Name .
  " tried to log in” );
  return (undef);

At least I got it to work, and I think those were the only two changes I
made.

Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England

Thanks Mike,
I managed to get the ExternalAuth working using the wiki and some
archives from the list. Surprisingly I didn’t have to perform the step
above.

Here is what I did for anyone else who has trouble with LDAP on 3.8

Installed External Auth via CPAN per wiki
http://wiki.bestpractical.com/view/ExternalAuth
Had to perform a “force” install since it said it couldn’t find RT (even
though I had it:)

Per thread

203.8;#77139
Installed perl-LDAP rpm and inserted the following line into my
RT_SiteConfig.pm

require
“/opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm”;

Note: there is a typo in the thread, it is missing the second hyphen in
the “RT-Authen-ExternalAuth” line.

Per thread
http://www.mail-archive.com/rt-users@lists.bestpractical.com/msg12519.ht
ml
Removed (deleted the lines) extraneous “my_mysql” references and only
left “my_ldap”.
Removed extraneous group information referencing “group_attr” and
“group_name”
Don’t forget to put in the right “d_filter” for terminated employees
(mentioned in above thread).

Restarted Apache and I was able to login! Thank you very much!

Now if I can only get that pesky db migrated over…different thread.

Cheers!