RT::Authen::ExternalAuth cannot find LDAP users if they haven't logged in at least once

Alle,

So we've installed RT::Authen::ExternalAuth, but when we try to search

for users to create groups and such, if the user hasn’t logged in to RT
at least once, they cannot be found. Here is the LDAP excerpt from
RT_SiteConfig.PM:

Set(@Plugins, (qw(RT::Authen::ExternalAuth)));
Set($ExternalAuthPriority, [ ‘My_LDAP’
]
);
Set($ExternalInfoPriority, [ ‘My_LDAP’
]
);
Set($ExternalAuthPriority,[‘My_LDAP’]);
Set($ExternalSettings, {
Set($ExternalSettings, {
‘My_LDAP’ => {
‘type’ => ‘ldap’,
‘server’ => ‘admin.subaru.nao.ac.jp’,
‘user’ => ‘cn=Manager,dc=subaru,dc=nao,dc=ac,dc=jp’,
‘pass’ => ‘XXXXX’,
‘base’ => ‘ou=people,dc=subaru,dc=nao,dc=ac,dc=jp’,
‘filter’ => ‘(objectClass=person)’,
‘d_filter’ => ‘(employeeType=locked)’,
‘tls’ => 0,
‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
# ‘group’ => ‘GROUP_NAME’,
# ‘group_attr’ => ‘GROUP_ATTR’,
‘attr_match_list’ => [ ‘Name’,
‘EmailAddress’
],
‘attr_map’ => { ‘Name’ => ‘uid’,
‘EmailAddress’ => ‘mail’,
# ‘Organization’ =>
‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalAuthId’ => ‘uid’,
‘Gecos’ => ‘gecos’
# ‘WorkPhone’ => ‘telephoneNumber’,
# ‘Address1’ => ‘streetAddress’,
# ‘City’ => ‘l’,
# ‘State’ => ‘st’,
# ‘Zip’ => ‘postalCode’,

				# 'Country' => 'co'
			}
		}

);

We've obviously missed something here, but we've spent the last couple

days searching the docs/wiki/web and playing with RT_SiteConfig.pm but
with no luck.

Best Regards,
Camron

Camron W. Fox
Hilo Office
High Performance Computing Group
Fujitsu Management Services of America, Inc.
E-mail: cwfox@us.fujitsu.com

Hi,

Not sure if that’s possible with ExternalAuth, it automatically creates a
user during login but doesn’t sync the LDAP. (at least, like you I can’t
find an option for it)

You’ll probably need to run something separate from ExternalAuth to import
those users, this plugin might help with that:

http://search.cpan.org/~falcone/RT-Extension-LDAPImport-0.31/lib/RT/Extension/LDAPImport.pm

– Bart

Op 30 januari 2012 02:16 schreef Camron W. Fox cwfox@us.fujitsu.com het
volgende:

I have the ldap import plugin running and it does import new users and update existing information based on the options you set in config. You must set up a cron job for this.

Thanks,
Jim LesinskiOn Jan 30, 2012, at 11:24 AM, Bart bart@pleh.info wrote:

Hi,

Not sure if that’s possible with ExternalAuth, it automatically creates a user during login but doesn’t sync the LDAP. (at least, like you I can’t find an option for it)

You’ll probably need to run something separate from ExternalAuth to import those users, this plugin might help with that:
http://search.cpan.org/~falcone/RT-Extension-LDAPImport-0.31/lib/RT/Extension/LDAPImport.pm

– Bart

Op 30 januari 2012 02:16 schreef Camron W. Fox cwfox@us.fujitsu.com het volgende:
Alle,

   So we've installed RT::Authen::ExternalAuth, but when we try to search

for users to create groups and such, if the user hasn’t logged in to RT
at least once, they cannot be found. Here is the LDAP excerpt from
RT_SiteConfig.PM:

Set(@Plugins, (qw(RT::Authen::ExternalAuth)));
Set($ExternalAuthPriority, [ ‘My_LDAP’
]
);
Set($ExternalInfoPriority, [ ‘My_LDAP’
]
);
Set($ExternalAuthPriority,[‘My_LDAP’]);
Set($ExternalSettings, {
Set($ExternalSettings, {
‘My_LDAP’ => {
‘type’ => ‘ldap’,
‘server’ => ‘admin.subaru.nao.ac.jp’,
‘user’ => ‘cn=Manager,dc=subaru,dc=nao,dc=ac,dc=jp’,
‘pass’ => ‘XXXXX’,
‘base’ => ‘ou=people,dc=subaru,dc=nao,dc=ac,dc=jp’,
‘filter’ => ‘(objectClass=person)’,
‘d_filter’ => ‘(employeeType=locked)’,
‘tls’ => 0,
‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
# ‘group’ => ‘GROUP_NAME’,
# ‘group_attr’ => ‘GROUP_ATTR’,
‘attr_match_list’ => [ ‘Name’,
‘EmailAddress’
],
‘attr_map’ => { ‘Name’ => ‘uid’,
‘EmailAddress’ => ‘mail’,
# ‘Organization’ =>
‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalAuthId’ => ‘uid’,
‘Gecos’ => ‘gecos’
# ‘WorkPhone’ => ‘telephoneNumber’,
# ‘Address1’ => ‘streetAddress’,
# ‘City’ => ‘l’,
# ‘State’ => ‘st’,
# ‘Zip’ => ‘postalCode’,

                                   # 'Country' => 'co'
                           }
                   }

);

   We've obviously missed something here, but we've spent the last couple

days searching the docs/wiki/web and playing with RT_SiteConfig.pm but
with no luck.

Best Regards,
Camron


Camron W. Fox
Hilo Office
High Performance Computing Group
Fujitsu Management Services of America, Inc.
E-mail: cwfox@us.fujitsu.com


RT Training Sessions (http://bestpractical.com/services/training.html)

  • Boston March 5 & 6, 2012

RT Training Sessions (http://bestpractical.com/services/training.html)

  • Boston � March 5 & 6, 2012