Regarding External Authentication using LDAP

Dear All,

I followed the link RT::Authen::ExternalAuth - RT Authentication using External Sources - metacpan.org and
made required changes and then restarted my apache server. But when I’m
logging into the RT from web it fails with :
“Your username or password is incorrect”

But user exists in the LDAP.

Log file contains :

[22441] [Tue Oct 13 16:58:25 2015] [error]: FAILED LOGIN for <my_user_name> from 130.245.10.107 (/rt/lib//RT/Interface/Web.pm:810)

From the code(/rt/lib//RT/Interface/Web.pm) it fails at this point :

unless ( $user_obj->id && $user_obj->IsPassword( $ARGS->{pass} ) ) {
    $RT::Logger->error("FAILED LOGIN for @{[$ARGS->{user}]} from $ENV{'REMOTE_ADDR'}");

Can anyone help me with how to change the flow to authenticate from LDAP, i.e. it
should check the username and password against the LDAP and not from DB.

Any help or pointers to this issue will be appreciated.

Thanks,
Bharath.

What's the block you put in your RT_SiteConfig relating to external auth?

Hi Anton,

I used following block in my RT_SiteConfig :

Set(@Plugins, qw(RT::Authen::ExternalAuth) );

Set($ExternalAuthPriority, ["My_LDAP"]);

Set($ExternalInfoPriority, ["My_LDAP"]);

Set($AutoCreateNonExternalUsers, 1);

Set($ExternalSettings, {
    'My_LDAP' => {   ## GENERIC SECTION
        'type'            => 'ldap',
        'server'          => 'vmns1.cs.sunysb.edu',
        'user'            => 'CN=Recruit LDAP user,OU=Service Accounts,OU=SBCS,DC=cs,DC=stonybrook,DC=edu',
        'pass'            => '*******',
        'base'            => 'ou=SBCS,dc=cs,dc=stonybrook,DC=edu',
      # 'filter'          => '((&(objectCategory=Users)))',
        filter            => '(objectClass=*)',
        'd_filter'        => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
      # 'd_filter'        => '(&(objectCategory=User) (ObjectClass=Person))' ,
        'tls'             => 1,
        'ssl_version'     => 3,
        'net_ldap_args'   => [ version => 3 ],
      # 'group'           => 'CN=Domain Users,CN=Users,DC=cs,DC=stonybrook,DC=edu',
      # 'group_attr'      => 'member',
        'attr_match_list' => [ 'Name', 'EmailAddress' ],
        'attr_map'        => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail' }
    }
}
);

Is there anything that I'm missing?

Thanks,
Bharath.
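
An added example (not part of the thread and not RT's own code): it parses the `filter` and `d_filter` strings from the configuration above under strict RFC 4515 grammar and evaluates them against constructed entries, assuming the plugin uses `filter` to select candidate accounts and `d_filter` to mark disabled ones. The function names, the sample directory and the narrower comparison filter mentioned in the note are assumptions for illustration.

```python
import re
BIT_AND = "1.2.840.113556.1.4.803"  # Active Directory bitwise-AND matching rule
_TEST = re.compile(r"([A-Za-z][\w.-]*)(:%s:)?=([^()]*)" % re.escape(BIT_AND))
DIRECTORY = {  # constructed sample entries, not from the thread; 514 = 512 | 2
    "alice": {"objectclass": ["person", "user"], "useraccountcontrol": ["512"]},
    "bob": {"objectclass": ["person", "user"], "useraccountcontrol": ["514"]},
    "ws01$": {"objectclass": ["user", "computer"], "useraccountcontrol": ["4096"]},
}

def _node(s, i):  # parse one strict RFC 4515 filter at s[i] -> (tree, next offset)
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if s[i:i + 1] in ("&", "|", "!"):
        tree, i = (s[i], []), i + 1
        while s[i:i + 1] == "(":
            kid, i = _node(s, i)
            tree[1].append(kid)
        if not tree[1] or (tree[0] == "!" and len(tree[1]) > 1):
            raise ValueError(f"bad operands for '{tree[0]}'")
    else:  # equality, presence (=*) or the bit-AND rule; substrings are not handled
        m = _TEST.match(s, i)
        if not m:
            raise ValueError(f"expected attribute test at offset {i}")
        tree, i = ("test", m[1].lower(), m[2], m[3]), m.end()
    if s[i:i + 1] != ")":
        raise ValueError(f"expected ')' at offset {i}")
    return tree, i + 1

def parse(s):
    tree, end = _node(s, 0)
    if end != len(s):
        raise ValueError(f"trailing text at offset {end}")
    return tree

def matches(tree, entry):  # entry: {lowercased attribute: [string values]}
    if tree[0] in ("&", "|"):
        return (all if tree[0] == "&" else any)(matches(k, entry) for k in tree[1])
    if tree[0] == "!":
        return not matches(tree[1][0], entry)
    vals, want = entry.get(tree[1], []), tree[3]
    if tree[2]:  # bit-AND rule: every bit set in `want` must be set in the value
        return any((int(v) & int(want)) == int(want) for v in vals)
    return bool(vals) if want == "*" else any(v.lower() == want.lower() for v in vals)

def classify(filter_text, d_filter_text, directory):
    f, d = parse(filter_text), parse(d_filter_text)
    label = lambda e: "skipped" if not matches(f, e) else "disabled" if matches(d, e) else "enabled"
    return {name: label(e) for name, e in directory.items()}
```

With the thread's `(objectClass=*)` every sample entry, including the computer account `ws01$`, is a candidate, while the constructed comparison filter `(&(objectClass=user)(!(objectClass=computer)))` skips it; the `d_filter` marks only `bob` (514) as disabled. `parse('((&(objectCategory=Users)))')` raises `ValueError`, because the commented-out filter carries an extra pair of parentheses.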

What Version of RT are you running? If you are using 4.2 or greater (you should be if you’re setting up a new instance) you need to
Replace this line

Set(@Plugins, qw(RT::Authen::ExternalAuth) );
With this line
Plugin('RT::Authen::ExternalAuth');

Ugh. Turn off the HTML mail - please.

On Wed, Oct 14, 2015 at 7:53 AM, Bob Shaker rshaker@ardencompanies.com wrote:

What Version of RT are you running? If you are using 4.2 or greater (you should be if you’re setting up a new instance) you need to

Replace this line

Set(@Plugins, qw(RT::Authen::ExternalAuth) );

With this line

Plugin('RT::Authen::ExternalAuth');

Plugin('RT::Authen::ExternalAuth');

and

Set(@Plugins, qw(RT::Authen::ExternalAuth) );

are two different interfaces to setting the backend data.

That is, they should both work.

-m

Hi Bob,

I’m using RT version greater than 4.2 but I don’t think that line is
causing the issue. I found following in the log file :

[1755] [Thu Oct 15 16:04:59 2015] [debug]: Attempting to use external auth service: My_LDAP (/rt/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[1755] [Thu Oct 15 16:04:59 2015] [debug]: SSO Failed and no user to test with. Nexting (/rt/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92)
[1755] [Thu Oct 15 16:04:59 2015] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/rt/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:26)

The user is not getting passed to LDAP I guess.

Thanks,
Bharath.