Hello all…

I try to integrate ExternalAuth-0.08 Modul in RT.

But i don’t know exactly which system packages i need for it… for only an
Authentifiaction with RT no
Samba or other stuff

My System is : Ubuntu 10.04

here is my Ldap Config:

AN EXAMPLE LDAP SERVICE

Set($ExternalAuthPriority, [ ‘My_LDAP’ ] );
Set($ExternalInfoPriority, [ ‘My_LDAP’ ] );
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);

                                    'My_LDAP'       =>  {   ## GENERIC

SECTION
# The type of
service (db/ldap/cookie)
‘type’
=> ‘ldap’,
# The server hosting
the service
‘server’
=> ‘192.168.123.41’,
## SERVICE-SPECIFIC
SECTION
# If you can bind to
your LDAP server anonymously you should
# remove the user
and pass config lines, otherwise specify them here:
# The username RT
should use to connect to the LDAP server
‘user’
=> ‘USER’,
# The password RT
should use to connect to the LDAP server
‘pass’
=> ‘password’,
# The LDAP search
base
‘base’
=> ‘ou=Benutzer,ou=SBAOU,dc=sbah,dc=local’,
# ALL FILTERS MUST
BE VALID LDAP FILTERS ENCASED IN PARENTHESES!
# YOU MUST
SPECIFY A filter AND A d_filter!!
# The filter to use
to match RT-Users
‘filter’
=> ‘(objectClass=User)’,
# A catch-all
example filter: ‘(objectClass=*)’
# The filter that
will only match disabled users
‘d_filter’
=> ‘(objectClass=FooBarBaz)’,
# A catch-none
example d_filter: ‘(objectClass=FooBarBaz)’
# Should we try to
use TLS to encrypt connections?
‘tls’
=> 0,
# SSL Version to
provide to Net::SSLeay if using SSL
‘ssl_version’
=> 3,
# What other args
should I pass to Net::LDAP->new($host,@args)?
‘net_ldap_args’
=> [ version => 3 ],
# Does
authentication depend on group membership? What group name?
‘group’
=> ‘GROUP_NAME’,
# What is the
attribute for the group object that determines membership?
‘group_attr’
=> ‘GROUP_ATTR’,
## RT ATTRIBUTE
MATCHING SECTION
# The list of RT
attributes that uniquely identify a user
# This example shows
what you can specify… I recommend reducing this
# to just the Name
and EmailAddress to save encountering problems later.
‘attr_match_list’
=> [ ‘Name’,

‘EmailAddress’,

],
# The mapping of RT
attributes on to LDAP attributes
‘attr_map’
=> { ‘Name’ => ‘sAMAccountName’,

‘EmailAddress’ => ‘mail’,

‘Organization’ => ‘physicalDeliveryOfficeName’,

‘RealName’ => ‘cn’,

‘ExternalAuthId’ => ‘sAMAccountName’,

‘Gecos’ => ‘sAMAccountName’,

‘WorkPhone’ => ‘telephoneNumber’,

‘Address1’ => ‘streetAddress’,

‘City’ => ‘l’,

‘State’ => ‘st’,

‘Zip’ => ‘postalCode’,

‘Country’ => ‘co’

}
},

may sb could help me… it will be great …

best regards john
View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31342791.html

I try to integrate ExternalAuth-0.08 Modul in RT.

You don’t say your RT version, or what fails, it is possible you need
.08_01 if you’re running RT 3.8.9

You don’t say your RT version, or what fails, it is possible you need .08_01
if you’re running RT 3.8.9

Hello Kevin

Sorry i forgot i currently useig the Version 3.8.9

So i had followed your advice and now the RT-Authen-ExternalAuth-0.08_01 is
still running.

At first it looks better than before, now i get response from the rt.log…
but there still some problems …

here is the relevant piece of information from my log file:

Reloading RT::User to work around a bug in RT-3.8.0 and RT-3.8.1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:14)
[Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92)
[Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service:
My_MySQL
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92)
[Mon Apr 11 12:13:55 2011] [debug]: Attempting to use external auth service:
My_SSO_Cookie
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 11 12:13:55 2011] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92)
[Mon Apr 11 12:13:55 2011] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26)
[Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username
(RT-USER) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)
[Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361)
[Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service:
My_MySQL
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username
(RT-USER) and $service (My_MySQL)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)
[Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists:
My_MySQL
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361)
[Mon Apr 11 12:14:06 2011] [debug]: Attempting to use external auth service:
My_SSO_Cookie
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 11 12:14:06 2011] [debug]: Calling UserExists with $username
(RT-USER) and $service (My_SSO_Cookie)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)
[Mon Apr 11 12:14:06 2011] [debug]: Invalid service type for UserExists:
My_SSO_Cookie
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:361)
[Mon Apr 11 12:14:06 2011] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26)
[Mon Apr 11 12:14:06 2011] [error]: FAILED LOGIN for RT-USER from
192.168.112.1 (/opt/rt3/bin/…/lib/RT/Interface/Web.pm:424)

Thanks in advance

best regrads john s.

View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31369863.html

Someone out there ?

best regards john s.
View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31385180.html

Solved with a help from a colleague

Here’s the solution:

Set($ExternalSettings,{‘My_LDAP’ =>{ ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ => ‘xxx.xxx.local’,
‘user’ =>
‘CN=User,OU=Benutzer,OU=xxx,DC=xxx,DC=xx’, # THat was the crucial point
‘pass’ => ‘pass’,
‘base’ =>
‘OU=xxx,OU=xxx,DC=xxx,DC=local’,
‘filter’ =>
‘(memberOf=CN=RT,OU=Gruppen,OU=xxx,DC=xxx,DC=xxx)’, #and the filter is
modified
‘d_filter’ =>
‘(userAccountControl=514)’,
‘tls’ => 1,
‘ssl_version’ => 3,
‘net_ldap_args’ => [ version =>
3 ],

                 'attr_match_list'           => [    'Name',
                                                     'EmailAddress',
                                                ],
                 'attr_map'                  =>  {  'Name' =>

‘sAMAccountName’,
‘RealName’ => ‘cn’,
‘EmailAddress’ =>
‘mail’,
‘Organization’ =>
‘physicalDeliveryOfficeName’,
‘ExternalAuthId’ =>
‘sAMAccountName’,
‘WorkPhone’ =>
‘telephoneNumber’,
‘Address1’ =>
‘streetAddress’,
‘City’ => ‘l’,
‘Zip’ =>
‘postalCode’,

                                                 }
                                                                    }

}

best regards john s.
View this message in context: http://old.nabble.com/RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-Authentification---tp31342791p31635938.html