Users of the existing RT::Authen::ExternalAuth extension should remove RT::Authen::ExternalAuth from the plugins list, and add Set($ExternalAuth, 1); to the RT_SiteConfig.pm file. Please also remove local/plugins/RT-Authen-ExternalAuth from your RT installation.
This was a fresh install, so I hadnt read the upgrade documentation you pointed out. Would be great if the RT:Authen::ExternalAuth documentation could be updated to include the step for enabling external auth using the $ExternalAuth, 1 setting.
Got it to work with ldaps, but it took me a while of reading the net::ldap cpan help to work it out. Would be excellent if you could include the scheme and port options in the RT documentation as it would have saved me a bit of time. You also need to install the Net::LDAP cpan dependency as it is not included by default. Install with cpan -i Net::LDAP (Case sensitive)