LDAP Auth and 'EmailAddress'

Charles_Kugelman_at · September 26, 2005, 3:09am

Hello,

We are trying to set up our RT server to authenticate against our LDAP
server. There has been some success getting this to happen, however
there is one (maybe small) problem. Users fail to log on when the
following line is uncommented (in RT_SiteConfig.pm):

'EmailAddress'        => 'mail',

If we comment the line out, the logon process works flawlessly. However,
we really need this function to work. Without the line, RT doesn’t auto
fill the email address field with the data from the LDAP server.

Here are the details:

RT error log:

[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: Name (uid)
search filter ‘(&(mail=user@domain.com)(objectclass=*))’

(/opt/rt/local/lib/RT/EmailParser_Local.pm:85)

[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: Name (uid)
search produced 1 results

(/opt/rt/local/lib/RT/EmailParser_Local.pm:90)

[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: No email
search

(/opt/rt/local/lib/RT/EmailParser_Local.pm:117)

[Mon Sep 26 02:44:40 2005] [debug]: LookupExternalUserInfo: No realname
(cn) search

(/opt/rt/local/lib/RT/EmailParser_Local.pm:140)

[Mon Sep 26 02:44:40 2005] [error]: FAILED LOGIN for user@ourdomain.com
from 192.168.1.100 (/opt/rt/local/html/autohandler:144)

Apache error log:

[Mon Sep 26 02:44:40 2005] [error]: FAILED LOGIN for user@ourdomain.com
from 192.168.1.100 (/opt/rt/local/html/autohandler:144)

RT_SiteConfig.pm:

Set($HomeRefreshPeriod, “300”);

Set($TicketsRefreshPeriod, “300”);

@AuthOrder = (“LDAP”, “SMB”, “Web”, “Internal”);

$LDAPExternalAuto = 1;

$LDAPDeferToInternalAuth = undef;

$LdapServer=“ldap.ourdomain.com”;

$LdapCert= “”;

$LdapCertDir= “”;

$LdapUser=“uid=bindaccount,ou=whatever,dc=whatever,dc=ourdomain,dc=com”;

$LdapPass=“bindaccountpass”;

$LdapBase=“ou=whatever,dc=whatever,dc=ourdomain,dc=com”;

$LdapUidAttr=“mail”;

$LdapFilter=“(objectclass=*)”;

$LdapMap = {

'Name'                => $RT::LdapUidAttr,

'EmailAddress'        => 'mail',

'RealName'            => 'cn',

};

Other details:

OS: SuSE Linux 9.3

DB: Oracle 9iR2

RT: 3.2.3

RT>LDAP auth package: LDAPSMB1.2_RT3.tar.gz from
http://www.mosemann.com/software/LDAPSMB1.2_RT3.tar.gz

We have tried the older LDAP auth package (from the contrib section),
but even more issues exist with that package.

Any help would be greatly appreciated. Thanks in advance.

Charles Kugelman

Network Administrator

ITT Educational Services, Inc.