RT 3.6.5 Setup / LDAP

Hello,

Before writing this mail, let it be said that I spent some hours going
through the wiki reading any bits of info that had more or less to do
with LDAP and the many different ways to try to use it in RT. Gone
thought the mailing list archive and did my share of googling around.
All in all I spent the week (and some nights) on this.

We have been fiddling with RT 3.6.5 for the past week trying to set it
up to have LDAP Auth. At first we managed to set ti up to run of a RHEL
5 server, Apache 2.2.3 using mod_perl.

But since the goal is to use RT for corporate IT support requests
tracking and we use a Win2003 Domain in native mode with some 500+ user
account and a high turnover rate, we want RT to use our ActiveDirectory.

The problem is that the more LDAP “recipe” I try to use the more
desesperate I get :slight_smile:

So, I am ready to scrap our RHEL 5 Server and FastCGI instead of
mod_perl if need be, but I don’t want to waste some more precious work
days (and some sleep hours to the greatest dismay of my family) going
blindly around.

That’s why I’m looking for somebody out there that managed to use RT
3.6.5 and LDAP properly using a RedHat Linux if possible or any other
distrib (provided it’s free because we only use RedHat distrib for our
corporate use and we won’t buy any other distrib). If all it takes is
using another RHEL version (3, 4, any update level, we have all of them)
or a specific list of modules, we are ready to accept any compromise
that will enables us to have this RT 3.6.5 running with LDAP.

Yours,

David

David,

Like you, I researched and failed many times before I got it to work
properly (adding insult to injury RT was my introduction to *nix). What
errors are you experiencing?From: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of David
ROBERT
Sent: Friday, October 19, 2007 4:39 AM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] RT 3.6.5 Setup / LDAP

Hello,

Before writing this mail, let it be said that I spent some hours going
through the wiki reading any bits of info that had more or less to do
with LDAP and the many different ways to try to use it in RT. Gone
thought the mailing list archive and did my share of googling around.
All in all I spent the week (and some nights) on this.

We have been fiddling with RT 3.6.5 for the past week trying to set it
up to have LDAP Auth. At first we managed to set ti up to run of a RHEL
5 server, Apache 2.2.3 using mod_perl.

But since the goal is to use RT for corporate IT support requests
tracking and we use a Win2003 Domain in native mode with some 500+ user
account and a high turnover rate, we want RT to use our ActiveDirectory.

The problem is that the more LDAP “recipe” I try to use the more
desesperate I get :slight_smile:

So, I am ready to scrap our RHEL 5 Server and FastCGI instead of
mod_perl if need be, but I don’t want to waste some more precious work
days (and some sleep hours to the greatest dismay of my family) going
blindly around.

That’s why I’m looking for somebody out there that managed to use RT
3.6.5 and LDAP properly using a RedHat Linux if possible or any other
distrib (provided it’s free because we only use RedHat distrib for our
corporate use and we won’t buy any other distrib). If all it takes is
using another RHEL version (3, 4, any update level, we have all of them)
or a specific list of modules, we are ready to accept any compromise
that will enables us to have this RT 3.6.5 running with LDAP.

Yours,

David

Hello

I have deployed RT 3.6.1 using Apache2 + AD + modpel2 where I work, on a
Debian. We use RTFM and RTAT thanks to this list. The information
available about LDAP was not much, but now there is a recent article in
the wiki that helps a lot.

LDAPSiteConfigSettingsForActiveDirectory
<http://wiki.bestpractical.com/view/LdapSiteConfigSettingsForActiveDirec
tory>

If it can not help you, I think I can help. But please take a look to
that document before.

Best regards

JosepFrom: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of David
ROBERT
Sent: viernes, 19 de octubre de 2007 10:39
To: rt-users@lists.bestpractical.com
Subject: [rt-users] RT 3.6.5 Setup / LDAP

Hello,

Before writing this mail, let it be said that I spent some hours going
through the wiki reading any bits of info that had more or less to do
with LDAP and the many different ways to try to use it in RT. Gone
thought the mailing list archive and did my share of googling around.
All in all I spent the week (and some nights) on this.

We have been fiddling with RT 3.6.5 for the past week trying to set it
up to have LDAP Auth. At first we managed to set ti up to run of a RHEL
5 server, Apache 2.2.3 using mod_perl.

But since the goal is to use RT for corporate IT support requests
tracking and we use a Win2003 Domain in native mode with some 500+ user
account and a high turnover rate, we want RT to use our ActiveDirectory.

The problem is that the more LDAP “recipe” I try to use the more
desesperate I get :slight_smile:

So, I am ready to scrap our RHEL 5 Server and FastCGI instead of
mod_perl if need be, but I don’t want to waste some more precious work
days (and some sleep hours to the greatest dismay of my family) going
blindly around.

That’s why I’m looking for somebody out there that managed to use RT
3.6.5 and LDAP properly using a RedHat Linux if possible or any other
distrib (provided it’s free because we only use RedHat distrib for our
corporate use and we won’t buy any other distrib). If all it takes is
using another RHEL version (3, 4, any update level, we have all of them)
or a specific list of modules, we are ready to accept any compromise
that will enables us to have this RT 3.6.5 running with LDAP.

Yours,

David

This e-mail and the documents attached are confidential and intended solely
for the addressee; it may also be privileged. If you receive this e-mail
in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the sender does
not warrant that this transmission is virus-free and will not be liable for
any damages resulting from any virus transmitted.

Este mensaje y los ficheros adjuntos pueden contener informacion
confidencial destinada solamente a la(s) persona(s) mencionadas
anteriormente. Pueden estar protegidos por secreto profesional Si usted
recibe este correo electronico por error, gracias de informar inmediatamente
al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red, Atos
Origin no se hace responsable por su contenido. Su contenido no constituye
ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por
ambas partes.
Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor
no puede garantizar nada al respecto y no sera responsable de cualesquiera
danos que puedan resultar de una transmision de virus

Hi David,

The link that Jose posted is pretty similar to what I used to hook into
our ActiveDirectory on Win2k3 server here.

I did make these changes to get it to work however. The Doc I read 12
months ago said to filter on sAMAccountName, that didn’t work for me.

#Set($LdapFilter, ‘(objectclass=sAMAccountName)’);
Set($LdapFilter, ‘(objectclass=*)’);

Getting the Set($LdapBase, ‘’); right can be a challenge, use ldapsearch
on linux to walk your AD server, it will also confirm that your
Set($LdapUser) is setup correctly. That you have to be sure of, we’ve
had our LdapUser expire on the AD server and it locked everyone out of
RT because it couldn’t bind.

Unlike the link instructions, I do have SSL turned on, worked for me.

These turn on SSL for LDAP

Set($LdapTLS, 0);
Set($LdapSSLVersion, 3);

  • Scott

At least I’m able to use the ldapsearch command line utility to query properly our AD servers. I have to use the -x options to force simple auth method otherwise I get an error (I put all needed options in the command line, not relying on /etc/ldap.conf)

But… this leads me to ask a question that may be a really silly one: do we need a properly configured /etc/ldap.conf file to get the LDAP Auth to work in RT? I thought all the server and connection info put in the RT/Apache conf file would be enough.

Now I’ll try to install the ldap overlay and configure it.

-----Message d’origine-----De : Scott Golby [mailto:sgolby@freshdirect.com]
Envoyé : vendredi 19 octobre 2007 15:57
À : David ROBERT
Objet : RE: [rt-users] RT 3.6.5 Setup / LDAP

Oh, go for debug on, you’ll get tons of LDAP messages every step of the way.

Set($LogToFile , ‘debug’);
Set($LogDir, ‘/opt/rt3/var/log’);
Set($LogToFileNamed , “rt.log”); #log to rt.log

Very obvious when you get it right, you’ll see the response from the server with the Real Name, Address, etc, etc, in the logs.

But… this leads me to ask a question that may be a really silly one:
do
we need a properly configured /etc/ldap.conf file to get the LDAP Auth
to
work in RT? I thought all the server and connection info put in the
RT/Apache conf file would be enough.

For my installation I didn’t touch the /etc/ldap.conf file at all.

  • Scott

Some more info about my LDAP troubles:

  • I went through the RHEL4 + FastCGI Install guide. It works fine for
    RHEL6 + RT 3.6.5 (some minor glitches but got it working properly in the
    end).
  • Once I checked that I could log into RT using accounts defined in RT I
    proceeded with LDAP Auth using :
    . LDAP Overlay (LdapOverlay - Request Tracker Wiki)
    . used the updated User_Local.pm
    (http://www.justatheory.com/computers/programming/perl/rt/User_Local.pm.
    ldap)
    . chmode 755 the User_Local.pm and activated DEBUG (use constant DEBUG
    => 1)
    . activated debug in my RT_SiteConfig.pm
    . chmod 777 the /opt/rt3/var/log directory

When I try to log into RT using an ActiveDirectory account, I only get a
LOGIN FAILED messages from the autohandler, nothing else.
I checked all the LDAP info used with ldapsearch and I can properly
connected and browse LDAP. Note that I have to use the -x option for
LDAPSEARCH as other connection methods fail.

Any ideas?

Some info about my config:

tail of /etc/httpd/conf/httpd.conf
<VirtualHost *:80>
ServerAdmin root
ServerName itsupport.generix.fr
DocumentRoot /opt/rt3/share/html/
AddDefaultCharset UTF-8

Adding the following for RT (the ticket tracker)

AddHandler fastcgi-script .fcgi
<Directory “/opt/rt3/share/html”>
Options FollowSymLinks ExecCGI
AllowOverride None

Pass through requests to for noauth

Alias /NoAuth/images /opt/rt3/share/html/NoAuth/images
ScriptAlias / /opt/rt3/bin/mason_handler.fcgi/
LogLevel debug

RT_SiteConfig.pm

To check your SiteConfig file, use this comamnd:

perl -c /path/to/your/etc/RT_SiteConfig.pm

Set($rtname, ‘generix.fr’);
Set($WebBaseURL, “http://itsupport.generix.fr:80”);
Set($WebPath, “”);

Set($LogToFile, ‘debug’);
Set($LogDir, ‘/opt/rt3/var/log’);
Set($LogToFileNamed , “rt.log”);

Set($LDAPExternalAuth, 1);
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 0);
Set($AutoCreate, {Privileged => 1});

Map RT attributes to LDAP attributes

The mapping below is known to work in Windows 2003 w/Active Directory

Set( $LdapAttrMap, {
‘Name’ => ‘sAMAccountName’,
‘EmailAddress’ => ‘mail’,
‘Organization’ => ‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalContactInfoId’ => ‘dn’,
‘ExternalAuthId’ => ‘sAMAccountName’,
‘Gecos’ => ‘sAMAccountName’,
‘HomePhone’ => ‘homePhone’,
‘WorkPhone’ => ‘telephoneNumber’,
‘MobilePhone’ => ‘mobile’,
‘PagerPhone’ => ‘pager’,
‘Address1’ => ‘streetAddress’,
‘Address2’ => ‘postOfficeBox’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ => ‘postalCode’,
‘Country’ => ‘co’,
‘FreeformContactInfo’ => ‘info’,
});

A list of RT attrs which can uniquely identify a user,

ordered from most to least preferred.

Set($LdapRTAttrMatchList, [‘ExternalContactInfoId’, ‘Name’,
‘EmailAddress’, ‘RealName’,
‘WorkPhone’, ‘Address2’]
);

A list of LDAP attrs to examine when canonicalizing email addresses,

ordered from most to least preferred

Set($LdapEmailAttrMatchList, [‘mail’, ‘mailRoutingAddress’,
‘mailAlternateAddress’]
);

Set($LdapServer, ‘hydrogene.generix.fr’);
Set($LdapUser, ‘CN=TheLdapUser,OU=TheMainUsersOU,DC=generix,DC=fr’);
Set($LdapPass, ‘ThePassForLdapUser’);
Set($LdapBase, ‘OU=TheMainUsersOU,DC=generix,DC=fr’);
Set(LdapUidAttr, ‘sAMAccountName’);
Set($LdapFilter, ‘(objectclass=*)’);
Set($LdapTLS, 0);
#$LdapGroup =“cn=RT,ou=Group,dc=example,dc=com”;
#$LdapGroupAttribute = ‘uniqueMember’;
#$LdapSSLVersion = 3;
1;

/var/log/httpd/error_log after HTTPD restart and failed login
[Fri Oct 19 23:07:01 2007] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Oct 19 23:07:01 2007] [warn] module fastcgi_module is already
loaded, skipping
[Fri Oct 19 23:07:01 2007] [notice] Digest: generating secret for digest
authentication …
[Fri Oct 19 23:07:01 2007] [notice] Digest: done
[Fri Oct 19 23:07:01 2007] [notice] FastCGI: process manager initialized
(pid 3212)
[Fri Oct 19 23:07:01 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3213)
[Fri Oct 19 23:07:02 2007] [notice] mod_python: Creating 4 session
mutexes based on 256 max processes and 0 max threads.
[Fri Oct 19 23:07:02 2007] [notice] Apache/2.2.3 (Red Hat) configured –
resuming normal operations
[Fri Oct 19 23:07:02 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3223)
[Fri Oct 19 23:07:03 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3227)
[Fri Oct 19 23:07:04 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3228)
[Fri Oct 19 23:07:06 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3231)
[Fri Oct 19 23:07:07 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3234)
[Fri Oct 19 23:07:08 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3235)
[Fri Oct 19 23:07:09 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3239)
[Fri Oct 19 23:07:42 2007] [error] [client XXX.XXX.XXX.XXX] FastCGI:
server “/opt/rt3/bin/mason_handler.fcgi” stderr: [Fri Oct 19 21:07:42
2007] [error]: FAILED LOGIN for infointerne from XXX.XXX.XXX.XXX
(/opt/rt3/share/html/autohandler:251), referer:
http://itsupport.generix.fr/
Notice how the 2 error lines are merged in one… dunno why

From the look of it, the LDAP User_Local.pm file is not used. dunno why

/opt/rt3/var/log/rt.log after failed login
[Fri Oct 19 21:07:42 2007] [error]: FAILED LOGIN for infointerne from
XXX.XXX.XXX.XXX (/opt/rt3/share/html/autohandler:251)

RT System Config (warning… very long)
Perl v5.8.8 under linux
Apache::Session v1.84;
Apache::Session::Generate::MD5 v2.1;
Apache::Session::lock::MySQL v1.00;
Apache::Session::MySQL v1.01;
Apache::Session::Serialize::Storable v1.01;
Apache::Session::Store::DBI v1.02;
Apache::Session::Store::MySQL v1.04;
AutoLoader v5.60;
base v2.07;
bytes v1.02;
Cache::Simple::TimedExpiry v0.27;
capitalization v0.03;
Carp v1.04;
CGI v3.29;
CGI::Cookie v1.28;
CGI::Fast v1.07;
CGI::Util v1.5;
Class::Container v0.12;
Class::Data::Inheritable v0.06;
Class::ReturnValue v0.55;
Clone v0.28;
constant v1.05;
Convert::ASN1 v0.21;
Cwd v3.25;
Data::Dumper v2.121_08;
DBD::mysql v3.0007;
DBI v1.59;
DBIx::SearchBuilder v1.49;
DBIx::SearchBuilder::Union v0;
DBIx::SearchBuilder::Unique v0.01;
Devel::StackTrace v1.15;
Devel::StackTraceFrame v0.6;
Devel::Symdump v2.08;
Digest::base v1.00;
Digest::MD5 v2.36;
DynaLoader v1.05;
Encode v2.12;
Encode::Alias v2.04;
Encode::Config v2.01;
Encode::Encoding v2.02;
Errno v1.1;
Exception::Class v1.23;
Exception::Class::Base v1.2;
Exporter v5.58;
Exporter::Heavy v5.58;
FCGI v0.67;
Fcntl v1.05;
File::Basename v2.74;
File::Glob v1.05;
File::Path v1.08;
File::Spec v3.25;
File::Spec::Unix v1.5;
File::Temp v0.18;
FileHandle v2.01;
HTML::Element v3.23;
HTML::Entities v1.35;
HTML::Formatter v2.04;
HTML::FormatText v2.04;
HTML::Mason v1.37;
HTML::Mason::CGIHandler v1.00;
HTML::Mason::Exception v1.1;
HTML::Mason::Exception::Abort v1.1;
HTML::Mason::Exception::Compilation v1.1;
HTML::Mason::Exception::Compilation::IncompatibleCompiler v1.1;
HTML::Mason::Exception::Compiler v1.1;
HTML::Mason::Exception::Decline v1.1;
HTML::Mason::Exception::Params v1.1;
HTML::Mason::Exception::Syntax v1.1;
HTML::Mason::Exception::System v1.1;
HTML::Mason::Exception::TopLevelNotFound v1.1;
HTML::Mason::Exception::VirtualMethod v1.1;
HTML::Mason::Exceptions v1.43;
HTML::Parser v3.55;
HTML::Scrubber v0.08;
HTML::Tagset v3.10;
HTML::TreeBuilder v3.23;
HTTP::Date v1.47;
I18N::LangTags v0.35;
integer v1.00;
IO v1.22;
IO::File v1.13;
IO::Handle v1.25;
IO::InnerFile v2.110;
IO::Lines v2.110;
IO::ScalarArray v2.110;
IO::Seekable v1.1;
IO::Select v1.17;
IO::Socket v1.29;
IO::Socket::INET v1.29;
IO::Socket::UNIX v1.22;
IO::WrapTie v2.110;
IPC::Open2 v1.02;
IPC::Open3 v1.02;
lib v0.5565;
List::Util v1.19;
Locale::Maketext v1.10;
Locale::Maketext::Fuzzy v0.10;
Locale::Maketext::Lexicon v0.64;
Locale::Maketext::Lexicon::Gettext v0.15;
Log::Dispatch v2.18;
Log::Dispatch::Base v1.09;
Log::Dispatch::File v1.22;
Log::Dispatch::Output v1.26;
Log::Dispatch::Screen v1.17;
Log::Dispatch::Syslog v1.18;
Mail::Address v1.77;
Mail::Field v1.77;
Mail::Field::AddrList v1.77;
Mail::Field::Date v1.77;
Mail::Header v1.77;
Mail::Internet v1.77;
MIME::Base64 v3.07;
MIME::Body v5.423;
MIME::Decoder v5.423;
MIME::Entity v5.423;
MIME::Field::ContDisp v5.423;
MIME::Field::ConTraEnc v5.423;
MIME::Field::ContType v5.423;
MIME::Field::ParamVal v5.423;
MIME::Head v5.423;
MIME::Parser v5.423;
MIME::QuotedPrint v3.07;
MIME::Tools v5.423;
MIME::Words v5.423;
Module::Versions::Report v1.03;
Net::LDAP v0.34;
Net::LDAP::ASN v0.04;
Net::LDAP::Constant v0.04;
Net::LDAP::Filter v0.15;
Net::LDAP::Message v1.09;
Net::LDAP::Util v0.11;
overload v1.04;
Params::Validate v0.88;
POSIX v1.09;
re v0.05;
Regexp::Common v2.120;
Regexp::Common::delimited v2.104;
RT v3.6.5;
RT::Interface::Email v2;
Scalar::Util v1.19;
SelectSaver v1.01;
Socket v1.78;
Storable v2.16;
strict v1.03;
Symbol v1.06;
Sys::Syslog v0.13;
Text::Template v1.44;
Text::Wrapper v1.01;
Tie::Hash v1.02;
Time::HiRes v1.9708;
Time::JulianDay v2003.1125;
Time::Local v1.11;
Time::ParseDate v2006.0814;
Time::Timezone v2006.0814;
Time::Zone v2.22;
UNIVERSAL v1.01;
UNIVERSAL::require v0.11;
URI v1.35;
URI::Escape v3.28;
utf8 v1.06;
vars v1.01;
warnings v1.05;
warnings::register v1.01;
XSLoader v0.06;

Variables de RT
RT::AmbiguousDayInPast 1
RT::BasePath /opt/rt3
RT::BinPath /opt/rt3/bin
RT::CORE_CONFIG_FILE /opt/rt3/etc/RT_Config.pm
RT::CommentAddress RT_CommentAddressNotSet
RT::CorrespondAddress RT_CorrespondAddressNotSet
RT::DatabaseHost localhost
RT::DatabaseName rt3
RT::DatabasePassword Password not printed
RT::DatabaseRTHost localhost
RT::DatabaseType mysql
RT::DatabaseUser rt_user
RT::DateDayBeforeMonth 1
RT::DefaultSearchResultFormat ‘id/TITLE:#’, ‘Subject/TITLE:Subject’
, Status, QueueName, OwnerName, Priority, ‘NEWLINE’, ‘’,
Requestors’, ‘CreatedRelative’,
ToldRelative’,
LastUpdatedRelative’, ‘TimeLeft

RT::DefaultSummaryRows 10
RT::EmailOutputEncoding utf-8
RT::EtcPath /opt/rt3/etc
RT::FriendlyFromLineFormat “%s via RT” <%s>
RT::FriendlyToLineFormat “%s of generix.fr Ticket #%s”:;
RT::LDAPExternalAuth 1
RT::LdapBase OU=TheMainUsersOU,DC=generix,DC=fr
RT::LdapExternalInfo 1
RT::LdapFilter (objectclass=*)
RT::LdapPass ThePassForLdapUser
RT::LdapServer hydrogene.generix.fr
RT::LdapUser CN=TheLdapUser,OU=TheMainUsersOU,DC=generix,DC=fr
RT::LocalEtcPath /opt/rt3/local/etc
RT::LocalLexiconPath /opt/rt3/local/po
RT::LocalPath /opt/rt3/local
RT::LogDir /opt/rt3/var/log
RT::LogToFile debug
RT::LogToFileNamed rt.log
RT::LogToScreen error
RT::LogToSyslog debug
RT::LogoURL /NoAuth/images/bplogo.gif
RT::LoopsToRTOwner 1
RT::MailCommand sendmailpipe
RT::MasonComponentRoot /opt/rt3/share/html
RT::MasonDataDir /opt/rt3/var/mason_data
RT::MasonLocalComponentRoot /opt/rt3/local/html
RT::MasonSessionDir /opt/rt3/var/session_data
RT::MaxAttachmentSize 10000000
RT::MaxInlineBody 13456
RT::MessageBoxWidth 72
RT::MessageBoxWrap HARD
RT::MinimumPasswordLength 5
RT::OldestTransactionsFirst 1
RT::Organization example.com
RT::OwnerEmail root
RT::RTAddressRegexp ^rt@example.com$
RT::RecordOutgoingEmail 1
RT::RedistributeAutoGeneratedMessages privileged
RT::SITE_CONFIG_FILE /opt/rt3/etc/RT_SiteConfig.pm
RT::SendmailArguments -oi -t
RT::SendmailBounceArguments -f “<>”
RT::SendmailPath /usr/sbin/sendmail
RT::ShowTransactionImages 1
RT::StrictLinkACL 1
RT::Timezone US/Eastern
RT::UseFriendlyFromLine 1
RT::VERSION 3.6.5
RT::VarPath /opt/rt3/var
RT::WebBaseURL http://itsupport.generix.fr:80
RT::WebDefaultStylesheet 3.5-default
RT::WebFlushDbCacheEveryRequest 1
RT::WebImagesURL /NoAuth/images/
RT::WebPort 80
RT::WebURL http://itsupport.generix.fr:80/
RT::rtname generix.fr

Configuration de Perl
Summary of my perl5 (revision 5 version 8 subversion 8) configuration:
Platform:
osname=linux, osvers=2.6.9-34.elsmp,
archname=i386-linux-thread-multi
uname=‘linux hs20-bc2-2.build.redhat.com 2.6.9-34.elsmp #1 smp fri
feb 24 16:56:28 est 2006 i686 i686 i386 gnulinux ’
config_args=’-des -Doptimize=-O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
–param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic
-fasynchronous-unwind-tables -Dversion=5.8.8 -Dmyhostname=localhost
-Dperladmin=root@localhost -Dcc=gcc -Dcf_by=Red Hat, Inc.
-Dinstallprefix=/usr -Dprefix=/usr -Darchname=i386-linux
-Dvendorprefix=/usr -Dsiteprefix=/usr -Duseshrplib -Dusethreads
-Duseithreads -Duselargefiles -Dd_dosuid -Dd_semctl_semun -Di_db
-Ui_ndbm -Di_gdbm -Di_shadow -Di_syslog -Dman3ext=3pm -Duseperlio
-Dinstallusrbinperl=n -Ubincompat5005 -Uversiononly
-Dpager=/usr/bin/less -isr -Dd_gethostent_r_proto -Ud_endhostent_r_proto
-Ud_sethostent_r_proto -Ud_endprotoent_r_proto -Ud_setprotoent_r_proto
-Ud_endservent_r_proto -Ud_setservent_r_proto -Dinc_version_list=5.8.7
5.8.6 5.8.5 -Dscriptdir=/usr/bin’
hint=recommended, useposix=true, d_sigaction=define
usethreads=define use5005threads=undef useithreads=define
usemultiplicity=define
useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
usemymalloc=n, bincompat5005=undef
Compiler:
cc=‘gcc’, ccflags =‘-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing
-pipe -Wdeclaration-after-statement -I/usr/local/include
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/include/gdbm’,
optimize=‘-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386
-mtune=generic -fasynchronous-unwind-tables’,
cppflags=‘-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe
-Wdeclaration-after-statement -I/usr/local/include -I/usr/include/gdbm’
ccversion=‘’, gccversion=‘4.1.1 20060928 (Red Hat 4.1.1-28)’,
gccosandvers=‘’
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
ivtype=‘long’, ivsize=4, nvtype=‘double’, nvsize=8, Off_t=‘off_t’,
lseeksize=8
alignbytes=4, prototype=define
Linker and Libraries:
ld=‘gcc’, ldflags =’ -L/usr/local/lib’
libpth=/usr/local/lib /lib /usr/lib
libs=-lresolv -lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread
-lc
perllibs=-lresolv -lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
libc=/lib/libc-2.5.so, so=so, useshrplib=true, libperl=libperl.so
gnulibc_version=‘2.5’
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=‘-Wl,-E
-Wl,-rpath,/usr/lib/perl5/5.8.8/i386-linux-thread-multi/CORE’
cccdlflags=‘-fPIC’, lddlflags=‘-shared -O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
–param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic
-fasynchronous-unwind-tables -L/usr/local/lib’

David,

Have you looked inside the security event log on the active directory
server to see what Windows sees coming in from your Unix box?

Also, have you tried to use the new Windows domain notation,
“myuser@mydomain”? For example, if you log into the “AD” domain, your
login would be “myuser@ad”. I tend to favour his notation in
configuration files as it is simpler to type and less error prone.

Lastly, are there any spaces in your username or any of the OUs?

EdOn 19-Oct-07, at 5:23 PM, David ROBERT wrote:

Some more info about my LDAP troubles:

  • I went through the RHEL4 + FastCGI Install guide. It works fine for
    RHEL6 + RT 3.6.5 (some minor glitches but got it working properly
    in the
    end).
  • Once I checked that I could log into RT using accounts defined in
    RT I
    proceeded with LDAP Auth using :
    . LDAP Overlay (LdapOverlay - Request Tracker Wiki)
    . used the updated User_Local.pm
    (http://www.justatheory.com/computers/programming/perl/rt/
    User_Local.pm.
    ldap)
    . chmode 755 the User_Local.pm and activated DEBUG (use constant
    DEBUG
    => 1)
    . activated debug in my RT_SiteConfig.pm
    . chmod 777 the /opt/rt3/var/log directory

When I try to log into RT using an ActiveDirectory account, I only
get a
LOGIN FAILED messages from the autohandler, nothing else.
I checked all the LDAP info used with ldapsearch and I can properly
connected and browse LDAP. Note that I have to use the -x option for
LDAPSEARCH as other connection methods fail.

Any ideas?

Some info about my config:

tail of /etc/httpd/conf/httpd.conf


<VirtualHost *:80>
ServerAdmin root
ServerName itsupport.generix.fr
DocumentRoot /opt/rt3/share/html/
AddDefaultCharset UTF-8

Adding the following for RT (the ticket tracker)

AddHandler fastcgi-script .fcgi
<Directory “/opt/rt3/share/html”>
Options FollowSymLinks ExecCGI
AllowOverride None

Pass through requests to for noauth

Alias /NoAuth/images /opt/rt3/share/html/NoAuth/images
ScriptAlias / /opt/rt3/bin/mason_handler.fcgi/
LogLevel debug


RT_SiteConfig.pm


To check your SiteConfig file, use this comamnd:

perl -c /path/to/your/etc/RT_SiteConfig.pm

Set($rtname, ‘generix.fr’);
Set($WebBaseURL, “http://itsupport.generix.fr:80”);
Set($WebPath, “”);

Set($LogToFile, ‘debug’);
Set($LogDir, ‘/opt/rt3/var/log’);
Set($LogToFileNamed , “rt.log”);

Set($LDAPExternalAuth, 1);
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 0);
Set($AutoCreate, {Privileged => 1});

Map RT attributes to LDAP attributes

The mapping below is known to work in Windows 2003 w/Active

Directory
Set( $LdapAttrMap, {
‘Name’ => ‘sAMAccountName’,
‘EmailAddress’ => ‘mail’,
‘Organization’ => ‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalContactInfoId’ => ‘dn’,
‘ExternalAuthId’ => ‘sAMAccountName’,
‘Gecos’ => ‘sAMAccountName’,
‘HomePhone’ => ‘homePhone’,
‘WorkPhone’ => ‘telephoneNumber’,
‘MobilePhone’ => ‘mobile’,
‘PagerPhone’ => ‘pager’,
‘Address1’ => ‘streetAddress’,
‘Address2’ => ‘postOfficeBox’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ => ‘postalCode’,
‘Country’ => ‘co’,
‘FreeformContactInfo’ => ‘info’,
});

A list of RT attrs which can uniquely identify a user,

ordered from most to least preferred.

Set($LdapRTAttrMatchList, [‘ExternalContactInfoId’, ‘Name’,
‘EmailAddress’, ‘RealName’,
‘WorkPhone’, ‘Address2’]
);

A list of LDAP attrs to examine when canonicalizing email addresses,

ordered from most to least preferred

Set($LdapEmailAttrMatchList, [‘mail’, ‘mailRoutingAddress’,
‘mailAlternateAddress’]
);

Set($LdapServer, ‘hydrogene.generix.fr’);
Set($LdapUser, ‘CN=TheLdapUser,OU=TheMainUsersOU,DC=generix,DC=fr’);
Set($LdapPass, ‘ThePassForLdapUser’);
Set($LdapBase, ‘OU=TheMainUsersOU,DC=generix,DC=fr’);
Set(LdapUidAttr, ‘sAMAccountName’);
Set($LdapFilter, ‘(objectclass=*)’);
Set($LdapTLS, 0);
#$LdapGroup =“cn=RT,ou=Group,dc=example,dc=com”;
#$LdapGroupAttribute = ‘uniqueMember’;
#$LdapSSLVersion = 3;
1;


/var/log/httpd/error_log after HTTPD restart and failed login


[Fri Oct 19 23:07:01 2007] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Oct 19 23:07:01 2007] [warn] module fastcgi_module is already
loaded, skipping
[Fri Oct 19 23:07:01 2007] [notice] Digest: generating secret for
digest
authentication …
[Fri Oct 19 23:07:01 2007] [notice] Digest: done
[Fri Oct 19 23:07:01 2007] [notice] FastCGI: process manager
initialized
(pid 3212)
[Fri Oct 19 23:07:01 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3213)
[Fri Oct 19 23:07:02 2007] [notice] mod_python: Creating 4 session
mutexes based on 256 max processes and 0 max threads.
[Fri Oct 19 23:07:02 2007] [notice] Apache/2.2.3 (Red Hat)
configured –
resuming normal operations
[Fri Oct 19 23:07:02 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3223)
[Fri Oct 19 23:07:03 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3227)
[Fri Oct 19 23:07:04 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3228)
[Fri Oct 19 23:07:06 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3231)
[Fri Oct 19 23:07:07 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3234)
[Fri Oct 19 23:07:08 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3235)
[Fri Oct 19 23:07:09 2007] [warn] FastCGI: server
“/opt/rt3/bin/mason_handler.fcgi” started (pid 3239)
[Fri Oct 19 23:07:42 2007] [error] [client XXX.XXX.XXX.XXX] FastCGI:
server “/opt/rt3/bin/mason_handler.fcgi” stderr: [Fri Oct 19 21:07:42
2007] [error]: FAILED LOGIN for infointerne from XXX.XXX.XXX.XXX
(/opt/rt3/share/html/autohandler:251), referer:
http://itsupport.generix.fr/


Notice how the 2 error lines are merged in one… dunno why

From the look of it, the LDAP User_Local.pm file is not used.
dunno why

/opt/rt3/var/log/rt.log after failed login


[Fri Oct 19 21:07:42 2007] [error]: FAILED LOGIN for infointerne from
XXX.XXX.XXX.XXX (/opt/rt3/share/html/autohandler:251)


RT System Config (warning… very long)


Perl v5.8.8 under linux
Apache::Session v1.84;
Apache::Session::Generate::MD5 v2.1;
Apache::Session::lock::MySQL v1.00;
Apache::Session::MySQL v1.01;
Apache::Session::Serialize::Storable v1.01;
Apache::Session::Store::DBI v1.02;
Apache::Session::Store::MySQL v1.04;
AutoLoader v5.60;
base v2.07;
bytes v1.02;
Cache::Simple::TimedExpiry v0.27;
capitalization v0.03;
Carp v1.04;
CGI v3.29;
CGI::Cookie v1.28;
CGI::Fast v1.07;
CGI::Util v1.5;
Class::Container v0.12;
Class::Data::Inheritable v0.06;
Class::ReturnValue v0.55;
Clone v0.28;
constant v1.05;
Convert::ASN1 v0.21;
Cwd v3.25;
Data::Dumper v2.121_08;
Date::Format v2.22;
Date::Parse v2.27;
DBD::mysql v3.0007;
DBI v1.59;
DBIx::SearchBuilder v1.49;
DBIx::SearchBuilder::Union v0;
DBIx::SearchBuilder::Unique v0.01;
Devel::StackTrace v1.15;
Devel::StackTraceFrame v0.6;
Devel::Symdump v2.08;
Digest::base v1.00;
Digest::MD5 v2.36;
DynaLoader v1.05;
Encode v2.12;
Encode::Alias v2.04;
Encode::Config v2.01;
Encode::Encoding v2.02;
Errno v1.1;
Exception::Class v1.23;
Exception::Class::Base v1.2;
Exporter v5.58;
Exporter::Heavy v5.58;
FCGI v0.67;
Fcntl v1.05;
File::Basename v2.74;
File::Glob v1.05;
File::Path v1.08;
File::Spec v3.25;
File::Spec::Unix v1.5;
File::Temp v0.18;
FileHandle v2.01;
HTML::Element v3.23;
HTML::Entities v1.35;
HTML::Formatter v2.04;
HTML::FormatText v2.04;
HTML::Mason v1.37;
HTML::Mason::CGIHandler v1.00;
HTML::Mason::Exception v1.1;
HTML::Mason::Exception::Abort v1.1;
HTML::Mason::Exception::Compilation v1.1;
HTML::Mason::Exception::Compilation::IncompatibleCompiler v1.1;
HTML::Mason::Exception::Compiler v1.1;
HTML::Mason::Exception::Decline v1.1;
HTML::Mason::Exception::Params v1.1;
HTML::Mason::Exception::Syntax v1.1;
HTML::Mason::Exception::System v1.1;
HTML::Mason::Exception::TopLevelNotFound v1.1;
HTML::Mason::Exception::VirtualMethod v1.1;
HTML::Mason::Exceptions v1.43;
HTML::Parser v3.55;
HTML::Scrubber v0.08;
HTML::Tagset v3.10;
HTML::TreeBuilder v3.23;
HTTP::Date v1.47;
I18N::LangTags v0.35;
integer v1.00;
IO v1.22;
IO::File v1.13;
IO::Handle v1.25;
IO::InnerFile v2.110;
IO::Lines v2.110;
IO::ScalarArray v2.110;
IO::Seekable v1.1;
IO::Select v1.17;
IO::Socket v1.29;
IO::Socket::INET v1.29;
IO::Socket::UNIX v1.22;
IO::WrapTie v2.110;
IPC::Open2 v1.02;
IPC::Open3 v1.02;
lib v0.5565;
List::Util v1.19;
Locale::Maketext v1.10;
Locale::Maketext::Fuzzy v0.10;
Locale::Maketext::Lexicon v0.64;
Locale::Maketext::Lexicon::Gettext v0.15;
Log::Dispatch v2.18;
Log::Dispatch::Base v1.09;
Log::Dispatch::File v1.22;
Log::Dispatch::Output v1.26;
Log::Dispatch::Screen v1.17;
Log::Dispatch::Syslog v1.18;
Mail::Address v1.77;
Mail::Field v1.77;
Mail::Field::AddrList v1.77;
Mail::Field::Date v1.77;
Mail::Header v1.77;
Mail::Internet v1.77;
MIME::Base64 v3.07;
MIME::Body v5.423;
MIME::Decoder v5.423;
MIME::Entity v5.423;
MIME::Field::ContDisp v5.423;
MIME::Field::ConTraEnc v5.423;
MIME::Field::ContType v5.423;
MIME::Field::ParamVal v5.423;
MIME::Head v5.423;
MIME::Parser v5.423;
MIME::QuotedPrint v3.07;
MIME::Tools v5.423;
MIME::Words v5.423;
Module::Versions::Report v1.03;
Net::LDAP v0.34;
Net::LDAP::ASN v0.04;
Net::LDAP::Constant v0.04;
Net::LDAP::Filter v0.15;
Net::LDAP::Message v1.09;
Net::LDAP::Util v0.11;
overload v1.04;
Params::Validate v0.88;
POSIX v1.09;
re v0.05;
Regexp::Common v2.120;
Regexp::Common::delimited v2.104;
RT v3.6.5;
RT::Interface::Email v2;
Scalar::Util v1.19;
SelectSaver v1.01;
Socket v1.78;
Storable v2.16;
strict v1.03;
Symbol v1.06;
Sys::Syslog v0.13;
Text::Template v1.44;
Text::Wrapper v1.01;
Tie::Hash v1.02;
Time::HiRes v1.9708;
Time::JulianDay v2003.1125;
Time::Local v1.11;
Time::ParseDate v2006.0814;
Time::Timezone v2006.0814;
Time::Zone v2.22;
UNIVERSAL v1.01;
UNIVERSAL::require v0.11;
URI v1.35;
URI::Escape v3.28;
utf8 v1.06;
vars v1.01;
warnings v1.05;
warnings::register v1.01;
XSLoader v0.06;

Variables de RT
RT::AmbiguousDayInPast 1
RT::BasePath /opt/rt3
RT::BinPath /opt/rt3/bin
RT::CORE_CONFIG_FILE /opt/rt3/etc/RT_Config.pm
RT::CommentAddress RT_CommentAddressNotSet
RT::CorrespondAddress RT_CorrespondAddressNotSet
RT::DatabaseHost localhost
RT::DatabaseName rt3
RT::DatabasePassword Password not printed
RT::DatabaseRTHost localhost
RT::DatabaseType mysql
RT::DatabaseUser rt_user
RT::DateDayBeforeMonth 1
RT::DefaultSearchResultFormat ‘id/TITLE:#’, ‘Subject/
TITLE:Subject’
, Status, QueueName, OwnerName, Priority, ‘NEWLINE’, ‘’,
Requestors’, ‘CreatedRelative’,
ToldRelative’,
LastUpdatedRelative’, ‘TimeLeft</
small>’

RT::DefaultSummaryRows 10
RT::EmailOutputEncoding utf-8
RT::EtcPath /opt/rt3/etc
RT::FriendlyFromLineFormat “%s via RT” <%s>
RT::FriendlyToLineFormat “%s of generix.fr Ticket #%s”:;
RT::LDAPExternalAuth 1
RT::LdapBase OU=TheMainUsersOU,DC=generix,DC=fr
RT::LdapExternalInfo 1
RT::LdapFilter (objectclass=*)
RT::LdapPass ThePassForLdapUser
RT::LdapServer hydrogene.generix.fr
RT::LdapUser CN=TheLdapUser,OU=TheMainUsersOU,DC=generix,DC=fr
RT::LocalEtcPath /opt/rt3/local/etc
RT::LocalLexiconPath /opt/rt3/local/po
RT::LocalPath /opt/rt3/local
RT::LogDir /opt/rt3/var/log
RT::LogToFile debug
RT::LogToFileNamed rt.log
RT::LogToScreen error
RT::LogToSyslog debug
RT::LogoURL /NoAuth/images/bplogo.gif
RT::LoopsToRTOwner 1
RT::MailCommand sendmailpipe
RT::MasonComponentRoot /opt/rt3/share/html
RT::MasonDataDir /opt/rt3/var/mason_data
RT::MasonLocalComponentRoot /opt/rt3/local/html
RT::MasonSessionDir /opt/rt3/var/session_data
RT::MaxAttachmentSize 10000000
RT::MaxInlineBody 13456
RT::MessageBoxWidth 72
RT::MessageBoxWrap HARD
RT::MinimumPasswordLength 5
RT::OldestTransactionsFirst 1
RT::Organization example.com
RT::OwnerEmail root
RT::RTAddressRegexp ^rt@example.com$
RT::RecordOutgoingEmail 1
RT::RedistributeAutoGeneratedMessages privileged
RT::SITE_CONFIG_FILE /opt/rt3/etc/RT_SiteConfig.pm
RT::SendmailArguments -oi -t
RT::SendmailBounceArguments -f “<>”
RT::SendmailPath /usr/sbin/sendmail
RT::ShowTransactionImages 1
RT::StrictLinkACL 1
RT::Timezone US/Eastern
RT::UseFriendlyFromLine 1
RT::VERSION 3.6.5
RT::VarPath /opt/rt3/var
RT::WebBaseURL http://itsupport.generix.fr:80
RT::WebDefaultStylesheet 3.5-default
RT::WebFlushDbCacheEveryRequest 1
RT::WebImagesURL /NoAuth/images/
RT::WebPort 80
RT::WebURL http://itsupport.generix.fr:80/
RT::rtname generix.fr

Configuration de Perl
Summary of my perl5 (revision 5 version 8 subversion 8) configuration:
Platform:
osname=linux, osvers=2.6.9-34.elsmp,
archname=i386-linux-thread-multi
uname=‘linux hs20-bc2-2.build.redhat.com 2.6.9-34.elsmp #1 smp fri
feb 24 16:56:28 est 2006 i686 i686 i386 gnulinux ’
config_args=’-des -Doptimize=-O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
–param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic
-fasynchronous-unwind-tables -Dversion=5.8.8 -Dmyhostname=localhost
-Dperladmin=root@localhost -Dcc=gcc -Dcf_by=Red Hat, Inc.
-Dinstallprefix=/usr -Dprefix=/usr -Darchname=i386-linux
-Dvendorprefix=/usr -Dsiteprefix=/usr -Duseshrplib -Dusethreads
-Duseithreads -Duselargefiles -Dd_dosuid -Dd_semctl_semun -Di_db
-Ui_ndbm -Di_gdbm -Di_shadow -Di_syslog -Dman3ext=3pm -Duseperlio
-Dinstallusrbinperl=n -Ubincompat5005 -Uversiononly
-Dpager=/usr/bin/less -isr -Dd_gethostent_r_proto -
Ud_endhostent_r_proto
-Ud_sethostent_r_proto -Ud_endprotoent_r_proto -Ud_setprotoent_r_proto
-Ud_endservent_r_proto -Ud_setservent_r_proto -Dinc_version_list=5.8.7
5.8.6 5.8.5 -Dscriptdir=/usr/bin’
hint=recommended, useposix=true, d_sigaction=define
usethreads=define use5005threads=undef useithreads=define
usemultiplicity=define
useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
usemymalloc=n, bincompat5005=undef
Compiler:
cc=‘gcc’, ccflags =‘-D_REENTRANT -D_GNU_SOURCE -fno-strict-
aliasing
-pipe -Wdeclaration-after-statement -I/usr/local/include
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/include/gdbm’,
optimize=‘-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386
-mtune=generic -fasynchronous-unwind-tables’,
cppflags=‘-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe
-Wdeclaration-after-statement -I/usr/local/include -I/usr/include/
gdbm’
ccversion=‘’, gccversion=‘4.1.1 20060928 (Red Hat 4.1.1-28)’,
gccosandvers=‘’
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=define, longlongsize=8, d_longdbl=define,
longdblsize=12
ivtype=‘long’, ivsize=4, nvtype=‘double’, nvsize=8, Off_t=‘off_t’,
lseeksize=8
alignbytes=4, prototype=define
Linker and Libraries:
ld=‘gcc’, ldflags =’ -L/usr/local/lib’
libpth=/usr/local/lib /lib /usr/lib
libs=-lresolv -lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread
-lc
perllibs=-lresolv -lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
libc=/lib/libc-2.5.so, so=so, useshrplib=true, libperl=libperl.so
gnulibc_version=‘2.5’
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=‘-Wl,-E
-Wl,-rpath,/usr/lib/perl5/5.8.8/i386-linux-thread-multi/CORE’
cccdlflags=‘-fPIC’, lddlflags=‘-shared -O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
–param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic
-fasynchronous-unwind-tables -L/usr/local/lib’



The rt-users Archives

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Another thing I tried: I simply removed my /opt/rt3/lib/RT/User_Local.pm
file to see if it would change anything. Nada. RT behaves as if it has
no use of this file and did not even know it existed. Is there a place
where this file is supposed to be called/invoqued that I could check ?

Which file should I modify to have it write comments in log file to
follow the “path” taken when I press the Connection button on RL login
page ?

Yours,

David

Hello,

With the precious help of some members of the mailing list, first and
foremost Edward Kovarski, we managed to get our RT 3.6.5 to run properly
on our RHEL5 server along with LDAP authentication with a Windows 2003
ActiveDirectory.

I’ll try to post here and/or on the wiki pages a kind of “RT3.6.5 & LDAP
for the Dummies” (as I consider myself a RT Dummy) to sum up all the
problems I faced and how those were sovled (most of the needed info is
there in the mailing list, on the internet, in the forums and in the
Wiki but some bits and direction where missing hence the troubles for a
newby).

I hope this way to contribute rather than be a simple “consumer”.

If anybody is facing similar problems with a similar config, I’ll gladly
try to give a hand as some of us kindly did for me.

yours,

David

I look forward to hearing of this Robert. Its one of those things Ive
been putting off for too long.

David ROBERT wrote: