Hi, Mike,
Thanks, I tried your suggestions, base should be correct, because we have other service also using this ldap server. I limmted attr_map to just email and externalAuthId, it still gave same error message.
Following are are detailed debug information.
Thanks and Regards,
Ben
[Wed Sep 2 22:47:45 2009] [critical]: RT::User::_GetBoundLdapObj Can’t bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056)
[Wed Sep 2 22:47:45 2009] [debug]: RT::User::IsExternalPassword Trying External authentication (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:52)
[Wed Sep 2 22:47:45 2009] [debug]: Attempting to use external auth service: My_LDAP (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:63)
[Wed Sep 2 22:47:45 2009] [critical]: RT::User::_GetBoundLdapObj Can’t bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056)
[Wed Sep 2 22:47:45 2009] [info]: RT::User::IsExternalPassword External Auth Failed: yhuang (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:294)
[Wed Sep 2 22:47:45 2009] [debug]: RT::User::IsPassword External auth FAILED (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:360)
[Wed Sep 2 22:47:45 2009] [info]: RT::User::IsInternalPassword AUTH FAILED: ben (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:331)
[Wed Sep 2 22:47:45 2009] [debug]: RT::User::IsPassword Internal auth FAILED (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:366)
[Wed Sep 2 22:47:45 2009] [error]: FAILED LOGIN for ben from 10.64.16.119 (/usr/share/rt3/html/autohandler:251)— On Wed, 9/2/09, Michael Ellis Michael_Ellis@umanitoba.ca wrote:
From: Michael Ellis Michael_Ellis@umanitoba.ca
Subject: RE: [rt-users] RT::Authen::ExternalAuth error
To: “‘Ben’” uyhis@yahoo.com, rt-users@lists.bestpractical.com
Date: Wednesday, September 2, 2009, 5:00 PM
Hi Ben,
Barring things like the user not being authorized, or your base being incorrect, try limiting your attr_map down to just the essentials. I got errors trying to map things that I thought should work just fine. I can’t remember what error I got, but it wasn’t descriptive and it caused a complete failure of the process.
-Mike
From: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Ben
Sent: September-02-09 2:20 PM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] RT::Authen::ExternalAuth error
Hi, All,
I have errors with RT 3.6.5 and RT-Authen-ExternalAuth-0.05 on my centos box.
following are error messages:
[Tue Sep 1 23:39:32 2009] [critical]: RT::User::_GetBoundLdapObj Can’t bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056)
[Tue Sep 1 23:39:32 2009] [critical]: RT::User::_GetBoundLdapObj Can’t bind: LDAP_INVALID_DN_SYNTAX 34 (/usr/local/lib/rt3/lib/RT/User_Vendor.pm:1056)
And my configuration:
Set( @Plugins, qw(RT::Authen::ExternalAuth) );
Set($ExternalAuthPriority, [ ‘My_LDAP’ ]);
Set($ExternalInfoPriority, [ ‘My_LDAP’ ]);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, {
‘My_LDAP’ => {
‘type’=>‘ldap’,
‘auth’=>1,
‘info’=> 1,
‘server’=> ‘tldap01.smith.com’,
‘user’ => ‘rt3’,
‘pass’ => ‘mypassword’,
‘base’=> ‘ou=people,dc=smith,dc=com’,
'filter'=> '(objectClass=person)',
'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
'tls' => 0,
'net_ldap_args' => [ version => 3 ],
# 'group' => 'GROUP_NAME',
# 'group_attr' => 'GROUP_ATTR',
'attr_match_list' => [ 'Name',
'EmailAddress',
'RealName',
'WorkPhone',
'Address2'
],
'attr_map' => { 'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'Organization' => 'physicalDeliveryOfficeName',
'RealName' => 'cn',
'ExternalAuthId' => 'sAMAccountName',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State' => 'st',
'Zip' => 'postalCode',
'Country' => 'co'
}
}
}
Am I doing soething wrong?
Thanks, Please advise.
Regards,
Ben