Hi Jhon,

Based on the Rt_SiteConfig piece you sent, there is a missing variable
setting in your configuration.

You put this:

Set($AutoCreateNonExternalUsers, 0);

‘My_LDAP’ => { ## GENERIC

.

It should be like this:

Set($ExternalSettings, { # AN EXAMPLE DB SERVICE

                            'My_LDAP'   => 

In addition, based on the log you sent, you are also configuring My_SSO and
My_MySQL. If you are not using these services to authenticate, please delete
them from the RT_SiteConfig file. If you are using them I would recommend
you going step by step. First configure the LDAP, then go for the next
source

This is an example of a working conf, using RT 3.8.9 and LDAP = Active
Directory:

#Set($WebExternalAuth, 1);

#Set($WebExternalAuthContinuous, 1);

#Set($WebExternalGecos , undef);

#Set($WebExternalAuto , true);

#Set($WebFallbackToInternalAuth , undef);

Set($ExternalAuthPriority, [ ‘My_LDAP’ ]);

Set($ExternalInfoPriority, [‘My_LDAP’]);

Set($ExternalServiceUsesSSLorTLS, 0);

Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {

‘My_LDAP’ => { ## GENERIC SECTION

                                                   'type'

=> ‘ldap’,

                                                    'server'

=> ‘***.***.***.***’,

                                                    'user'

=> ‘**********’,

                                                    'pass'

=> ‘********’,

                                                    'base'

=> ‘DC=*****,DC=com,DC=ve’,

                                                    'filter'

=> ‘(objectClass=*)’,

                                                    'd_filter'

=> ‘(userAccountControl=514)’,

                                                    'tls'

=> 0,

                                                    'net_ldap_args'

=> [ version => 3 ],

                                                    #'group'

=> ‘GROUP_NAME’,

                                                    #'group_attr'

=> ‘GROUP_ATTR’,

                                                    'attr_match_list'

=> [ ‘Name’,

‘EmailAddress’

‘RealName’,

‘WorkPhone’

],

                                                    'attr_map'

=> { ‘Name’ => ‘sAMAccountName’,

‘EmailAddress’ => ‘mail’,

‘RealName’ => ‘cn’,

‘WorkPhone’ => ‘telephoneNumber’

}

                                                }

                            }

);

o Set( @Plugins, qw( RT::Authen::ExternalAuth ) );

Give a shot with this, and then get back with the resulted log file and
final configuration.

Hope this helps,

Best,

Luis Avendaño

Hello Luis

First of all many thanks for you help

I have set my ldap configuration in this way which you have described,
but there are still coming some error messages in relation to the apache2
log file:

cutout apache.log:
Couldn’t load RT config file RT_SiteConfig.pm:\n\nsyntax error at
/opt/rt3/etc/RT_SiteConfig.pm line 146, near “‘EmailAddress’”\nCompilation
failed in require at /opt/rt3/bin/…/lib/RT/Config.pm line 562.\nCompilation
failed in require at (eval 2) line 1.\n

Similar errors comes if try to activate the following command lines:

‘tls’ => 0,
ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
‘group’ => ‘User’,
‘group’ => ‘GROUP_NAME’,
‘attr_match_list’ => [ ‘Name’,
# ‘EmailAddress’, ],

‘attr_map’

=> { ‘Name’ => ‘sAMAccountName’,

#‘EmailAddress’ => ‘mail’,
# ‘Organization’ => #
‘Organization’ => ‘physicalDeliveryOfficeName’,

‘RealName’ => ‘cn’,

‘ExternalAuthId’ => ‘sAMAccountName’,

‘Gecos’ => ‘sAMAccountName’,

‘WorkPhone’ => ‘telephoneNumber’,

‘Address1’ => ‘streetAddress’,

‘City’ => ‘l’,

‘State’ => ‘st’,

‘Zip’ => ‘postalCode’,

‘Country’ => ‘co’

}
}

);

So i had to comment out some command lines in order to determine whats
going wrong and the the apache server will runing fine :

Her is my new config:

#########RT Authenth#############

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
Set($ExternalInfoPriority, [‘My_LDAP’]);
Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {‘My_LDAP’ => { ## GENERIC SECTION
# The type of service (db/ldap/cookie)
‘type’ => ‘ldap’,
# The server hosting
the service
‘server’ =>
‘192.168.23.40’,
## SERVICE-SPECIFIC
SECTION
# If you can bind to
your LDAP server anonymously you should
# remove the user
and pass config lines, otherwise specify them here:
# The username RT
should use to connect to the LDAP server
‘user’ => ‘USER’,
# The password RT
should use to connect to the LDAP server
‘pass’ =>
‘password’,
# The LDAP search
base
‘base’ => ‘ou=****
Unit,dc=s***,dc=local’,
# ALL FILTERS MUST
BE VALID LDAP FILTERS ENCASED IN PARENTHESES!
# YOU MUST
SPECIFY A filter AND A d_filter!!
# The filter to use
to match RT-Users
‘filter’ =>
‘(ObjectClass=)',
# A catch-all
example filter: '(objectClass=)’
# The filter that
will only match disabled users
‘d_filter’ =>
‘(userAccountControl=514)’
# A catch-none
example d_filter: ‘(objectClass=FooBarBaz)’
# Should we try to
use TLS to encrypt connections?
# ‘tls’ => 0,
# SSL Version to
provide to Net::SSLeay if using SSL
# ‘ssl_version’ =>
3,
# What other args
should I pass to Net::LDAP->new($host,@args)?
# ‘net_ldap_args’ =>
[ version => 3 ],
# Does
authentication depend on group membership? What group name?
# ‘group’ =>
‘GROUP_NAME’,
# What is the
attribute for the group object that determines membership?
# ‘group_attr’ =>
‘GROUP_NAME’,
## RT ATTRIBUTE
MATCHING SECTION
# The list of RT
attributes that uniquely identify a user
# This example shows what you can specify… I recommend reducing
this
# to just the Name
and EmailAddress to save encountering problems later.
# ‘attr_match_list’
=> [ ‘Name’,

‘EmailAddress’,

],
# The mapping of RT
attributes on to LDAP attributes
# ‘attr_map’
=> { ‘Name’ => ‘sAMAccountName’,

#‘EmailAddress’ => ‘mail’,

‘Organization’ => ‘physicalDeliveryOfficeName’,

‘RealName’ => ‘cn’,

‘ExternalAuthId’ => ‘sAMAccountName’,

‘Gecos’ => ‘sAMAccountName’,

‘WorkPhone’ => ‘telephoneNumber’,

‘Address1’ => ‘streetAddress’,

‘City’ => ‘l’,

‘State’ => ‘st’,

‘Zip’ => ‘postalCode’,

‘Country’ => ‘co’

}
}

);

best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31395522.html

Hi John,

apparently your problem is this:

‘attr_match_list’ => [ ‘Name’,

‘EmailAddress’, ],

‘attr_map’

=> { ‘Name’ => ‘sAMAccountName’,
…

You have to ensure formatting correctly the list. For example:
‘attr_match_list’ => [ ‘Name’ ]… you are doing this: ‘attr_match_list’ =>
[ ‘Name’,

In addition, check also attr_map. For example:

‘attr_map’ => { ‘Name’ =>
‘sAMAccountName’,

‘EmailAddress’ => ‘mail’,

‘RealName’ => ‘cn’,

                                                                  'WorkPhone'

=> ‘telephoneNumber’

}

The error you are getting is that the SiteConfig is not correctly formed.

Hope this helps,

Best,

Luis Avendaño
Grupo Latinoamericano ACM
Av. Venezuela Torre America,
Piso 1 Ofic 116, Bello Monte.
Caracas, Venezuela
Phone: (+58) 212-763.4104
Fax: (+58) 212-763.1847
http://www.acmgrp.com

******************************************** USO DE CORREO ELECTRÓNICO DE
ACM **************************************************

Este mensaje puede contener información únicamente de interés para ACM
GROUP o sus negocios y es enviado solamente al destinatario designado, y
puede contener información privilegiada, patentada o privada. La copia,
distribución, revelación o cualquier uso de la información contenida en
este mensaje es permitida solo a personas autorizadas. Si ha recibido este
correo electrónico por error, por favor destruyalo y notifique
inmediatamente a webmaster@acmgrp.com o al remitente

************************************** ACM GROUP INTERNET E-MAIL USE

This message may contain information solely of the interest of ACM or its
businesses and is delivered for the designated recipient only and may
containprivileged, proprietary, or otherwise privatetion. Copying,
distribution, disclosure or any use of the information contained in this
transmission is permitted only to authorized parties. If you have received
this e-mail by error, please destroy it and notify webmaster@acmgrp.com or
the sender immediately

Greetings Louis

Despite your piece of good advice my Syntax is correct also,

Cause i only used the # Sign to comment out the Lines which will apache2 get
into trouble.If try to run normally the same issue appears.

And in refer to the Readme … you can also write:

‘attr_match_list’ => [ ‘Name’,

‘EmailAddress’,

‘RealName’,

‘WorkPhone’,

‘Address2’

],

the only important thing is to set the brackets correctly and this will
benoticed if you try to restart apache

So… thats not the problem

any other clue or idea?

best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31404102.html

Hi John,

you have a syxtax error somewhere, and it’s pretty close when you set
EmailAddress. Your error is:

Couldn’t load RT config file RT_SiteConfig.pm:nnsyntax error at
/opt/rt3/etc/RT_SiteConfig.pm line 146, near "‘EmailAddress’"nCompilation
failed in require at /opt/rt3/bin/…/lib/RT/Config.pm line
562.nCompilation
failed in require at (eval 2) line 1.n

Try to make a configuration file without all the comments you have within
the Authen:External008… conf (delete all the #). You might be missing
something.

Best Regards,

Greetings Louis

Despite your piece of good advice my Syntax is correct also,

Cause i only used the # Sign to comment out the Lines which will apache2
get
into trouble.If try to run normally the same issue appears.

And in refer to the Readme … you can also write:

‘attr_match_list’ => [ ‘Name’,

‘EmailAddress’,

‘RealName’,

‘WorkPhone’,

‘Address2’

],

the only important thing is to set the brackets correctly and this will
benoticed if you try to restart apache

So… thats not the problem

any other clue or idea?

best regards john s.

Message: 3Date: Fri, 15 Apr 2011 02:26:11 -0700 (PDT)
From: “john s.”
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i
need for
Message-ID:
Content-Type: text/plain; charset=us-ascii

Greetings Louis

Despite your piece of good advice my Syntax is correct also,

Cause i only used the # Sign to comment out the Lines which will apache2
get
into trouble.If try to run normally the same issue appears.

And in refer to the Readme … you can also write:

‘attr_match_list’ => [ ‘Name’,

‘EmailAddress’,

‘RealName’,

‘WorkPhone’,

‘Address2’

],

the only important thing is to set the brackets correctly and this will
benoticed if you try to restart apache

So… thats not the problem

any other clue or idea?

best regards john s.

View this message in context:

Greetings Luis

okay i have trimmed my config a little bit and now it look like this:

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
Set($ExternalInfoPriority, [‘My_LDAP’]);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {‘My_LDAP’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ =>
‘ipserver’,
‘user’ => ‘USER’,
‘pass’ => ‘pass’,
‘base’ => ‘ou=OU
Unit,dc=sb,dc=local’,
‘filter’ =>
‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
‘ssl_version’ =>
3,
‘net_ldap_args’ => [
version => 3 ],
‘group’ =>
‘Benutzer’,
‘group_attr’ =>
‘GROUP_ATTR’,
‘attr_match_list’
=> [ ‘Name’,

‘EmailAddress’,

],
‘attr_map’
=> { ‘Name’ => ‘sAMAccountName’,

}
}

}
);

And now i have also posted the apache logfile, cause this comments the steps
from which lines i had to comment out that apache will start… so thats the
basic without any outlines… and this one doesn’t work…
http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S

and now the config which let apache started:

#########RT Authenth#############

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
Set($ExternalInfoPriority, [‘My_LDAP’]);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {‘My_LDAP’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ =>
‘192.168.10.40’,
‘user’ => ‘RT-USER’,
‘pass’ =>
‘sl-pg33011’,
‘base’ => ‘ou=SBAOU
Unit,dc=sbah,dc=local’,
‘filter’ =>
‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
# ‘ssl_version’ =>
3,
# ‘net_ldap_args’ =>
[ version => 3 ],
# ‘group’ =>
‘Benutzer’,
# ‘group_attr’ =>
‘GROUP_ATTR’,
# ‘attr_match_list’
=> [ ‘Name’,

‘EmailAddress’,

],

                                                   # 'attr_map'                 

=> { ‘Name’ => ‘sAMAccountName’,

#‘EmailAddress’ => ‘mail’,

‘Organization’ => ‘physicalDeliveryOfficeName’,

‘RealName’ => ‘cn’,

‘ExternalAuthId’ => ‘sAMAccountName’,

‘Gecos’ => ‘sAMAccountName’,

‘WorkPhone’ => ‘telephoneNumber’,

‘Address1’ => ‘streetAddress’,

‘City’ => ‘l’,

‘State’ => ‘st’,

‘Zip’ => ‘postalCode’,

‘Country’ => ‘co’

}
}

#}
);

So as far as you can see, the other version with clean comments and # signs
doesn’t work.

But i don’t know why

or if i walking completely off the track at the moment …

Best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31422830.html

Addition:

So i have make an tracelog over port 389 with tcpdump…

The Result:

No request is going out if I try to authorize on RT

so i think the plugin doesn’t work anymore …

best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31423760.html

Hi John,

It looks that you missed a comma after ‘d_filter’ =>
‘(userAccountControl=514)’

In addition, please check you settings here

'attr_map' =>  {   'Name' => 'sAMAccountName',...

Nothing else to match? If so, just to be sure, please delete the comma after
‘sAMAccountName’.

Finally, I would recommend you to comment ‘ssl_version’ => 3,

After you get this configuration to work, then you can “play” with the SSL
configuration.

Good luck,

Best,

4. Re: RT-Authen-ExternalAuth-0.08 which packages i need for
   (john s.)

Message: 4Date: Mon, 18 Apr 2011 04:07:28 -0700 (PDT)
From: “john s.” fireskyer@gmx.de
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i
need for
Message-ID: 31422830.post@talk.nabble.com
Content-Type: text/plain; charset=us-ascii

Greetings Luis

okay i have trimmed my config a little bit and now it look like this:

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
Set($ExternalInfoPriority, [‘My_LDAP’]);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {‘My_LDAP’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ =>
‘ipserver’,
‘user’ => ‘USER’,
‘pass’ => ‘pass’,
‘base’ => ‘ou=OU
Unit,dc=sb,dc=local’,
‘filter’ =>
‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
‘ssl_version’ =>
3,
‘net_ldap_args’ => [

version => 3 ],
‘group’ =>
‘Benutzer’,
‘group_attr’ =>
‘GROUP_ATTR’,
‘attr_match_list’

=> [ ‘Name’,

‘EmailAddress’,

],
‘attr_map’

=> { ‘Name’ => ‘sAMAccountName’,

}
}

}
);

And now i have also posted the apache logfile, cause this comments the steps
from which lines i had to comment out that apache will start… so thats the
basic without any outlines… and this one doesn’t work…
http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S

and now the config which let apache started:

#########RT Authenth#############

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
Set($ExternalInfoPriority, [‘My_LDAP’]);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {‘My_LDAP’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ =>
‘192.168.10.40’,
‘user’ => ‘RT-USER’,
‘pass’ =>
‘sl-pg33011’,
‘base’ => 'ou=SBAOU

Unit,dc=sbah,dc=local’,
‘filter’ =>
‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
# ‘ssl_version’ =>
3,
# ‘net_ldap_args’ =>
[ version => 3 ],
# ‘group’ =>
‘Benutzer’,
# ‘group_attr’ =>
‘GROUP_ATTR’,
# ‘attr_match_list’

=> [ ‘Name’,

‘EmailAddress’,

],

                                                   # 'attr_map'

=> { ‘Name’ => ‘sAMAccountName’,

#‘EmailAddress’ => ‘mail’,

‘Organization’ => ‘physicalDeliveryOfficeName’,

‘RealName’ => ‘cn’,

‘ExternalAuthId’ => ‘sAMAccountName’,

‘Gecos’ => ‘sAMAccountName’,

‘WorkPhone’ => ‘telephoneNumber’,

‘Address1’ => ‘streetAddress’,

‘City’ => ‘l’,

‘State’ => ‘st’,

‘Zip’ => ‘postalCode’,

‘Country’ => ‘co’

}
}

#}
);

So as far as you can see, the other version with clean comments and # signs
doesn’t work.

But i don’t know why

or if i walking completely off the track at the moment …

Best regards john s.

View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-nee
d-for-tp31388437p31422830.html

Luis Avendaño

you also have a space befor My_LDAP here, wich does not match the later
defined service

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
…
Set($ExternalSettings, {‘My_LDAP’ => {

Luis Avenda�o lavendano@acmgrp.com
Envoy� par : rt-users-bounces@lists.bestpractical.com
18/04/2011 15:32

A
rt-users@lists.bestpractical.com
cc

Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for

Hi John,

It looks that you missed a comma after ‘d_filter’ =>
‘(userAccountControl=514)’

In addition, please check you settings here

             'attr_map' =>  {   'Name' => 'sAMAccountName',...

Nothing else to match? If so, just to be sure, please delete the comma
after
‘sAMAccountName’.

Finally, I would recommend you to comment ‘ssl_version’ => 3,

After you get this configuration to work, then you can “play” with the SSL
configuration.

Good luck,

Best,

4. Re: RT-Authen-ExternalAuth-0.08 which packages i need for
   (john s.)

Message: 4Date: Mon, 18 Apr 2011 04:07:28 -0700 (PDT)
From: “john s.” fireskyer@gmx.de
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i
need for
Message-ID: 31422830.post@talk.nabble.com
Content-Type: text/plain; charset=us-ascii

Greetings Luis

okay i have trimmed my config a little bit and now it look like this:

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
Set($ExternalInfoPriority, [‘My_LDAP’]);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {‘My_LDAP’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ =>
‘ipserver’,
‘user’ => ‘USER’,
‘pass’ => ‘pass’,
‘base’ => ‘ou=OU
Unit,dc=sb,dc=local’,
‘filter’ =>
‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
‘ssl_version’ =>
3,
‘net_ldap_args’ =>
[

version => 3 ],
‘group’ =>
‘Benutzer’,
‘group_attr’ =>
‘GROUP_ATTR’,
‘attr_match_list’

=> [ ‘Name’,

‘EmailAddress’,

],
‘attr_map’

=> { ‘Name’ => ‘sAMAccountName’,

}
}

}
);

And now i have also posted the apache logfile, cause this comments the
steps
from which lines i had to comment out that apache will start… so thats
the
basic without any outlines… and this one doesn’t work…
http://pastebin.com/PHpDsi7S http://pastebin.com/PHpDsi7S

and now the config which let apache started:

#########RT Authenth#############

Set($ExternalAuthPriority, [ ’ My_LDAP’ ]);
Set($ExternalInfoPriority, [‘My_LDAP’]);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {‘My_LDAP’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ =>
‘192.168.10.40’,
‘user’ =>
‘RT-USER’,
‘pass’ =>
‘sl-pg33011’,
‘base’ =>
'ou=SBAOU

Unit,dc=sbah,dc=local’,
‘filter’ =>
‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
# ‘ssl_version’ =>

3,
# ‘net_ldap_args’
=>
[ version => 3 ],
# ‘group’ =>
‘Benutzer’,
# ‘group_attr’ =>
‘GROUP_ATTR’,
# ‘attr_match_list’

=> [ ‘Name’,

‘EmailAddress’,

],

                                                   # 'attr_map'

=> { ‘Name’ => ‘sAMAccountName’,

#‘EmailAddress’ => ‘mail’,

‘Organization’ => ‘physicalDeliveryOfficeName’,

‘RealName’ => ‘cn’,

‘ExternalAuthId’ => ‘sAMAccountName’,

‘Gecos’ => ‘sAMAccountName’,

‘WorkPhone’ => ‘telephoneNumber’,

‘Address1’ => ‘streetAddress’,

‘City’ => ‘l’,

‘State’ => ‘st’,

‘Zip’ => ‘postalCode’,

‘Country’ => ‘co’

}
}

#}
);

So as far as you can see, the other version with clean comments and #
signs
doesn’t work.

But i don’t know why

or if i walking completely off the track at the moment …

Best regards john s.

View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-nee

d-for-tp31388437p31422830.html

Luis Avenda�o

" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."

Greetign Raphael i have changed this … and nothing happens …

here is an outline from my apachelogfile:

[Mon Apr 18 15:33:33 2011] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 18 15:33:33 2011] [debug]: Calling UserExists with $username
(RT-USER) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)
[Mon Apr 18 15:33:33 2011] [debug]: UserExists params:
username: RT-USER , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)
[Mon Apr 18 15:33:33 2011] [debug]: LDAP Search === Base: ou=SBAOU
Unit,dc=srv41,dc=sbah,dc=local == Filter:
(&(ObjectClass=*)(sAMAccountName=RT-USER)) == Attrs: cn,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)
[Mon Apr 18 15:33:33 2011] [debug]: User Check Failed :: ( My_LDAP ) RT-USER
User not found
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318)
[Mon Apr 18 15:33:33 2011] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26)
[Mon Apr 18 15:33:33 2011] [error]: FAILED LOGIN for RT-USER from
192.168.112.1 (/opt/rt3/bin/…/lib/RT/Interface/Web.pm:424)
[Mon Apr 18 15:33:33 2011] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 18 15:33:33 2011] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92)
[Mon Apr 18 15:33:33 2011] [debug]: Autohandler called ExternalAuth.
Response: (0, No User)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:26)
[Mon Apr 18 15:33:34 2011] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 18 15:33:34 2011] [debug]: SSO Failed and no user to test with.
Nexting
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:92)
[Mon Apr 18 15:33:34 2011] [debug]: Autohandler called ExternalAuth.
Response: (0, No User) (/opt/rt3/local/

so as far as i can see he find the user … but the user check fails… but
i don’t know what does it mean exactly

ps: i thought perl doesn’t pay much attention on spaces …

best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31425121.html

okay i’m gonna one step closer to finish … i think

so i had logged my ldap request on both sides server ( win2008 with perfmon)
and client ( ubuntu with tcpdump)

so the request still works but if i look closer to the log file from the
server, there is an entry with ldap request from the client and he can’t
find the user …

It looks like this:

Ldap perfmon log:

xxx.xxx.xxx.xxx:2799 NTDS None TCP 4 32 NonDSE Can’t find
object 0.0 0

So i think it must sth wrong with the parameter in the extension but i
don’t know what and in which way

…

best regards john

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31438804.html

Is it clear what i want? No? okay i try to describe a litte bit more exaclty
as far as possible from myself

okay my ldapseach command which runs perfectly is:

sudo ldapsearch -h xxx.xxx.local -D “xxx\User” -w “password” -b “'dc=xxx,
dc=local” -s sub “sAMAccountName=USER”

So here are my RT Config Parameter again:

Set($ExternalSettings,{‘My_LDAP’ =>{ ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ => ‘192.168.123.45’,
‘user’ => ‘USER’,
‘pass’ => ‘password’,
‘base’ =>
‘ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local’,
‘filter’ => ‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
# ‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
# ‘group’ => ‘Benutzer’,
# ‘group_attr’ => ‘GROUP_ATTR’,
‘attr_match_list’ => [ ‘Name’,
# ‘EmailAddress’,
],
‘attr_map’ => { ‘Name’ =>
‘sAMAccountName’,
‘RealName’ => ‘cn’,
‘EmailAddress’ =>
‘mail’,
‘Organization’ =>
‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalAuthId’ =>
‘sAMAccountName’,
‘Gecos’ =>
‘sAMAccountName’,
‘WorkPhone’ =>
‘telephoneNumber’,
‘Address1’ =>
‘streetAddress’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ =>
‘postalCode’,
‘Country’ => ‘co’

}
}

I’ll try to find out, which parameter doesn’t match with the ldap one …
cause if i try to authorize on rt with an ad user my AD gives the following
message out:

xxx.xxx.xxx.xxx:2799 NTDS None TCP 4 32 NonDSE Can’t find
object 0.0 0

best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html

hello,

i would say that as you have commented ou the EmailAdress in the attribute
match list, you need to remove the , (comma) after the Name attribute
I think i remember having some error similar ; the last parameter must NOT
have the comma, at the end of the line
so your config would look like :

‘attr_match_list’ => [ ‘Name’
# ‘EmailAddress’,
],

Rapha�l

Rapha�l MOUNEYRES
Ing�nieur Moyens Tests
Avenue Paul Gellos 64990 Mouguerre
Phone: +33 (0)5 59 58 41 51
Email: raphael.mouneyres@sagemcom.com

“john s.” fireskyer@gmx.de
Envoy� par : rt-users-bounces@lists.bestpractical.com
21/04/2011 11:31

A
rt-users@lists.bestpractical.com
cc

Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for

Is it clear what i want? No? okay i try to describe a litte bit more
exaclty
as far as possible from myself

okay my ldapseach command which runs perfectly is:

sudo ldapsearch -h xxx.xxx.local -D “xxx\User” -w “password” -b “'dc=xxx,
dc=local” -s sub “sAMAccountName=USER”

So here are my RT Config Parameter again:

Set($ExternalSettings,{‘My_LDAP’ =>{ ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ => ‘192.168.123.45’,
‘user’ => ‘USER’,
‘pass’ => ‘password’,
‘base’ =>
‘ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local’,
‘filter’ => ‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
# ‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
# ‘group’ => ‘Benutzer’,
# ‘group_attr’ => ‘GROUP_ATTR’,
‘attr_match_list’ => [ ‘Name’,
# ‘EmailAddress’,
],
‘attr_map’ => { ‘Name’ =>
‘sAMAccountName’,
‘RealName’ =>
‘cn’,
‘EmailAddress’ =>
‘mail’,
‘Organization’ =>
‘physicalDeliveryOfficeName’,
‘RealName’ =>
‘cn’,
‘ExternalAuthId’
=>
‘sAMAccountName’,
‘Gecos’ =>
‘sAMAccountName’,
‘WorkPhone’ =>
‘telephoneNumber’,
‘Address1’ =>
‘streetAddress’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ =>
‘postalCode’,
‘Country’ => ‘co’

}
}

I’ll try to find out, which parameter doesn’t match with the ldap one …
cause if i try to authorize on rt with an ad user my AD gives the
following
message out:

xxx.xxx.xxx.xxx:2799 NTDS None TCP 4 32 NonDSE Can’t find
object 0.0 0

best regards john s.

View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html

" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."

Hello Raphael

No nothing has changed at all… still the same error

sth. goes really wrong … i have to track the issue in order to determine
the issue but i don’t know how …

any idea or a clue ?

Her is the tcpdumpo log:

13:27:25.872995 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [.], ack 1,
win 5840, length 0
13:27:25.875403 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [P.], seq
1:33, ack 1, win 5840, length 32
13:27:25.875739 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [.], ack 33,
win 64240, length 0
13:27:25.877367 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [P.], seq
1:23, ack 33, win 64240, length 22
13:27:25.877460 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [.], ack 23,
win 5840, length 0
13:27:25.889275 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [P.], seq
33:282, ack 23, win 5840, length 249
13:27:25.889595 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [.], ack 282,
win 64240, length 0
13:27:25.890369 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [P.], seq
23:165, ack 282, win 64240, length 142
13:27:25.895897 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [F.], seq
282, ack 165, win 6432, length 0
13:27:25.897013 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [.], ack 283,
win 64239, length 0
13:27:25.897328 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [R.], seq
165, ack 283, win 64239, length 0

may it could help

best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448783.html

reading your previous messages :

your RT log shows :…:: ( My_LDAP ) RT-USER User not found

that mean your LDAP server is sending a response that the RT-USER is not
existing in his database

then you mention successfully : sudo ldapsearch -h xxx.xxx.local -D
“xxx\User” -w “password” -b “'dc=xxx, dc=local” -s sub “sAMAccountName=
USER”

that mean USER is existing in the database

so are you using the good login on RT screen ?

“john s.” fireskyer@gmx.de
Envoy� par : rt-users-bounces@lists.bestpractical.com
21/04/2011 13:43

A
rt-users@lists.bestpractical.com
cc

Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for

Hello Raphael

No nothing has changed at all… still the same error

sth. goes really wrong … i have to track the issue in order to
determine
the issue but i don’t know how …

any idea or a clue ?

Her is the tcpdumpo log:

13:27:25.872995 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [.], ack 1,
win 5840, length 0
13:27:25.875403 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [P.], seq
1:33, ack 1, win 5840, length 32
13:27:25.875739 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [.], ack
33,
win 64240, length 0
13:27:25.877367 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [P.], seq
1:23, ack 33, win 64240, length 22
13:27:25.877460 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [.], ack
23,
win 5840, length 0
13:27:25.889275 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [P.], seq
33:282, ack 23, win 5840, length 249
13:27:25.889595 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [.], ack
282,
win 64240, length 0
13:27:25.890369 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [P.], seq
23:165, ack 282, win 64240, length 142
13:27:25.895897 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [F.], seq
282, ack 165, win 6432, length 0
13:27:25.897013 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [.], ack
283,
win 64239, length 0
13:27:25.897328 IP xxx.xxx.local.ldap > ubunturt3.52185: Flags [R.], seq
165, ack 283, win 64239, length 0

may it could help

best regards john s.

View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448783.html

" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."

One thing that stands out in your config is your d_filter. I read on the RT
wiki somewhere that d_filter for an AD you needed to put what I have below:

'd_filter'      =>  '(userAccountControl:1.2.840.113556.1.4.803:=2)',

Read these 2 microsoft support KB to learn more on why

http://support.microsoft.com/kb/269181

Also, you have tls, ssl_version, group and group_attr commented out. Someone
else can correct me, but I believe you need to define those in your
settings.

Best I can do with my limited knowledge.

Good luck!
Mike.On Thu, Apr 21, 2011 at 5:31 AM, john s. fireskyer@gmx.de wrote:

Is it clear what i want? No? okay i try to describe a litte bit more
exaclty
as far as possible from myself

okay my ldapseach command which runs perfectly is:

sudo ldapsearch -h xxx.xxx.local -D “xxx\User” -w “password” -b “'dc=xxx,
dc=local” -s sub “sAMAccountName=USER”

So here are my RT Config Parameter again:

Set($ExternalSettings,{‘My_LDAP’ =>{ ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ => ‘192.168.123.45’,
‘user’ => ‘USER’,
‘pass’ => ‘password’,
‘base’ =>
‘ou=companyou,ou=User,dc=xxx,dc=xxx,dc=local’,
‘filter’ => ‘(ObjectClass=*)’,
‘d_filter’ =>
‘(userAccountControl=514)’
# ‘tls’ => 0,
# ‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
# ‘group’ => ‘Benutzer’,
# ‘group_attr’ => ‘GROUP_ATTR’,
‘attr_match_list’ => [ ‘Name’,
# ‘EmailAddress’,
],
‘attr_map’ => { ‘Name’ =>
‘sAMAccountName’,
‘RealName’ => ‘cn’,
‘EmailAddress’ =>
‘mail’,
‘Organization’ =>
‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalAuthId’ =>
‘sAMAccountName’,
‘Gecos’ =>
‘sAMAccountName’,
‘WorkPhone’ =>
‘telephoneNumber’,
‘Address1’ =>
‘streetAddress’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ =>
‘postalCode’,
‘Country’ => ‘co’

}
}

I’ll try to find out, which parameter doesn’t match with the ldap one …
cause if i try to authorize on rt with an ad user my AD gives the following
message out:

xxx.xxx.xxx.xxx:2799 NTDS None TCP 4 32 NonDSE Can’t find
object 0.0 0

best regards john s.

–
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31448102.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.

Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON P7B 5E1
Phone: (807) 766-7331
Email: mike.johnson@nosm.ca

@Raphael

so are you using the good login on RT screen ?

Waht do you mean with an “good login”?

@Mike

Hello Mike

I have readed the 2 Articles and modified my config in such way …

but the same error occurs …

but i have found sth… on my AD, i 'll try to copy the infos which should
be necessary …

xxx.xxx.xxx.xxx:2206 NTDS None TCP 4 32 NonDSE Can’t find Objekt 0.0 0 0.0
xxx.xxx.xxx.xxx:2200 NTDS None TCP 4 32 NonDSE Can’t find Objekt 0.0 0 0.0

thats one of it …

xxx.xxx.xxx.xxx:2200 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0
xxx.xxx.xxx.xxx.2206 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0

This is the same log but i comes a litte bit later i wonder why success
…

And now it comes really strange:

Thats the search log

Client Instanz Objektname Filtername
Reply/s Response Time (ms) CPU%
Internal NTDS [] (displayName=RT-USER)
0 0 0 0
Internal NTDS [] (displayName=RT-USER) 0
0 0 0

I don’t understand it looks like , that he can’t resolve the objectname.

best regards john.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31450244.html

Turn your RT debug logging on and check that log to see what it’s doing.

I believe the debug log shows you the actual LDAP call it’s doing… then
you can verify what is failing based on that.

Good luck!
Mike.On Thu, Apr 21, 2011 at 10:55 AM, john s. fireskyer@gmx.de wrote:

@Raphael

so are you using the good login on RT screen ?

Waht do you mean with an “good login”?

@Mike

Hello Mike

I have readed the 2 Articles and modified my config in such way …

but the same error occurs …

but i have found sth… on my AD, i 'll try to copy the infos which should
be necessary …

xxx.xxx.xxx.xxx:2206 NTDS None TCP 4 32 NonDSE Can’t find Objekt 0.0 0 0.0
xxx.xxx.xxx.xxx:2200 NTDS None TCP 4 32 NonDSE Can’t find Objekt 0.0 0 0.0

thats one of it …

xxx.xxx.xxx.xxx:2200 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0
xxx.xxx.xxx.xxx.2206 NTDS None TCP 1 0 NonDSE Sucess 0.0 1 0.0

This is the same log but i comes a litte bit later i wonder why success
…

And now it comes really strange:

Thats the search log

Client Instanz Objektname Filtername
Reply/s Response Time (ms) CPU%
Internal NTDS (displayName=RT-USER)
0 0 0 0
Internal NTDS (displayName=RT-USER)
0
0 0 0

I don’t understand it looks like , that he can’t resolve the objectname.

best regards john.

–
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31450244.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.

Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON P7B 5E1
Phone: (807) 766-7331
Email: mike.johnson@nosm.ca

Turn your RT debug logging on and check that log to see what it’s doing.#

Hello mike the rt.log says the following:

username: USER , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)pr
26 06:58:11 2011] [debug]: LDAP Search === Base:
ou=User,dc=xxx,dc=xxx,dc=local == Filter:
(&(ObjectClass=*)(sAMAccountName=User)) == Attrs: cn,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)
[Tue Apr 26 06:58:11 2011] [debug]: User Check Failed :: ( My_LDAP ) USER
User not found
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318)

So sth goes awry

Any further hints,clues or advices would be helpfully

best regards john s.

View this message in context: http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html

Hello, the LDAP answer is clear : “User not found”

in your config you search in this Base: ou=User,dc=xxx,dc=xxx,dc=local
are you sure the xxx.xxx.local domain exist in your AD configuration ? or
did you change company values to hide from the list ?
it looks like you don’t have the good parameters between RT and your AD
config so you can match and find the USER

Rapha�l

“john s.” fireskyer@gmx.de
Envoy� par : rt-users-bounces@lists.bestpractical.com
26/04/2011 10:44

A
rt-users@lists.bestpractical.com
cc

Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for

Turn your RT debug logging on and check that log to see what it’s doing.#

Hello mike the rt.log says the following:

username: USER , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)pr
26 06:58:11 2011] [debug]: LDAP Search === Base:
ou=User,dc=xxx,dc=xxx,dc=local == Filter:
(&(ObjectClass=*)(sAMAccountName=User)) == Attrs: cn,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)
[Tue Apr 26 06:58:11 2011] [debug]: User Check Failed :: ( My_LDAP ) USER
User not found
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:318)

So sth goes awry

Any further hints,clues or advices would be helpfully

best regards john s.

View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0.08-which-packages-i-need-for-tp31388437p31476578.html

" Ce courriel et les documents qui lui sont joints peuvent contenir des
informations confidentielles ou ayant un caract�re priv�. S’ils ne vous sont
pas destin�s, nous vous signalons qu’il est strictement interdit de les
divulguer, de les reproduire ou d’en utiliser de quelque mani�re que ce
soit le contenu. Si ce message vous a �t� transmis par erreur, merci d’en
informer l’exp�diteur et de supprimer imm�diatement de votre syst�me
informatique ce courriel ainsi que tous les documents qui y sont attach�s."

" This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, you are
notified that any dissemination, copying of this e-mail and any attachments
thereto or use of their contents by any means whatsoever is strictly
prohibited. If you have received this e-mail in error, please advise the
sender immediately and delete this e-mail and all attached documents
from your computer system."