Ldap user authentication seems to work using RT-Authen-ExternalAuth. An AD user can login and create tickets in a queue, but next time the same user logged in he sees no open/closed tickets. Only root user can see all the tickets.
Cannot add user rights to the AD user. Once I put the AD user name in the field and check a box, it will say "Invalid username". I've created a group as root within RT gui, assigned all possible rights for it, and added the AD user as a member. Still, this user doesn't see any ticket. This is the first time I compiled RT 4.0.4 on a RHEL 6.1. Following is the RT_SiteConfig.pm file I'm using. Set( $DatabaseUser, 'rt_user' ); Set( $CorrespondAddress, '[email protected]' ); Set( $rtname, 'xrt.mdanderson.edu' ); Set( $DatabaseRequireSSL, '' ); Set( $WebPort, '80' ); Set( $Organization, 'mdanderson.edu' ); Set( $DatabaseType, 'mysql' ); Set( $DatabasePort, '' ); Set( $DatabasePassword, 'password' ); Set( $DatabaseAdmin, 'root' ); Set( $SendmailPath, '/usr/sbin/sendmail' ); Set( $WebDomain, 'xrt.mdanderson.edu' ); Set( $DatabaseAdminPassword, '' ); Set( $CommentAddress, '[email protected]' ); Set( $DatabaseHost, 'localhost' ); Set( $DatabaseName, 'rt4' ); Set( $OwnerEmail, '[email protected]' ); Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($ExternalAuthPriority, [ 'My_MySQL', 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_MySQL' => { 'type' => 'db', 'server' => 'dqsrt.mdanderson.edu', 'database' => 'rt4', 'table' => 'Users', 'user' => 'rt_user', 'pass' => 'password', 'port' => '3306', 'dbi_driver' => 'mysql', 'u_field' => 'Name', 'p_field' => 'Password', 'p_enc_pkg' => 'Crypt::MySQL', 'p_enc_sub' => 'password', 'd_field' => 'disabled', 'd_values' => ['0'], 'attr_map' => { 'Name' => 'Name', } }, 'My_LDAP' => { 'type' => 'ldap', 'server' => 'dcpwpdc1.mdanderson.edu', 'user' => 's_dqs_svn', 'pass' => 'Juoo9k88', 'base' => 'ou=people,dc=mdanderson,dc=edu', 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' => 0, 'ssl_version' => 3, 'net_ldap_args' => [ version => 3 ], 'attr_map' => { 'Name' => 'samaccountname', 'EmailAddress' => 'mail', 'Organization' => 'physicaldeliveryofficename', 'RealName' => 'gecos', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'gecos', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' } } } ); 1;
-------- RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 & 6, 2012
