Hello, new user here.
I am currently setting up an install of RT 5.0.1 on CentOS 8. Everything has gone pretty smoothly so far. Last week, I successfully configured LDAPimport to pull in our user credentials from Windows AD server.
Our users could login without a hitch as per the following log:
[20370] [Mon May 3 14:18:57 2021] [info]: My_LDAP AUTH FAILED xxxxxxx@xyz.com (can't bind: LDAP_INVALID_CREDENTIALS 49 ) (/opt/rt5/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:274)
[20370] [Mon May 3 14:19:07 2021] [info]: RT::Authen::ExternalAuth::LDAP::GetAuth External Auth OK ( My_LDAP ): xxxxxxx@xyz.com (/opt/rt5/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:348)
Yesterday, I changed the config file to allow creation of a “generic” user that doesn’t existing on LDAP. I added the following line to my RT_Siteconfig.d/
Set($AutoCreateNonExternalUsers, 1);
I was able to create a “local” user and login to that account. Since I have done that, all the Active Directory users are not able to login anymore. The following log shows that the LDAP.pm module isn’t queried upon login, only the Web.pm now.
[20370] [Mon May 3 14:18:57 2021] [error]: FAILED LOGIN for xxxxxxx@xyz.com from 1.2.3.4 (/opt/rt5/sbin/../lib/RT/Interface/Web.pm:840)
If I reset the password of the user on RT through the root account, then that user is able to login, but still through Web.pm, not the ExternalAuth.
I have tried reverting the config and remove the $AutoCreateNonExternalUsers variable, but the same thing keeps on happening.