What Version of RT are you running? If you are using 4.2 or greater (you should
be if you’re setting up a new instance) you need to
Replace this line
Set(@Plugins, qw(RT::Authen::ExternalAuth) );
With this line
Plugin('RT::Authen::ExternalAuth');
From: rt-users [mailto:[email protected]] On Behalf Of
bharath reddy
Sent: Tuesday, October 13, 2015 10:38 PM
To: Anton Panetta <[email protected]>
Cc: RT-List <[email protected]>
Subject: Re: [rt-users] Regarding External Authentication using LDAP
Hi Anton,
I used following block in my RT_SiteConfig :
Set(@Plugins, qw(RT::Authen::ExternalAuth) );
Set($ExternalAuthPriority, ["My_LDAP"]);
Set($ExternalInfoPriority, ["My_LDAP"]);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
'My_LDAP' => { ## GENERIC SECTION
'type' => 'ldap',
'server' =>
'vmns1.cs.sunysb.edu<http://vmns1.cs.sunysb.edu>',
'user' => 'CN=Recruit LDAP
user,OU=Service Accounts,OU=SBCS,DC=cs,DC=stonybrook,DC=edu',
'pass' => '*******',
'base' =>
'ou=SBCS,dc=cs,dc=stonybrook,DC=edu',
# 'filter' =>
'((&(objectCategory=Users)))',
filter => '(objectClass=*)',
'd_filter' =>
'(userAccountControl:1.2.840.113556.1.4.803:=2)',
# 'd_filter' =>
'(&(objectCategory=User) (ObjectClass=Person))' ,
'tls' => 1,
'ssl_version' => 3,
'net_ldap_args' => [
version => 3 ],
# 'group' =>
'CN=Domain Users,CN=Users,DC=cs,DC=stonybrook,DC=edu',
# 'group_attr' => 'member',
'attr_match_list' => [
'Name',
'EmailAddress'
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail' }
}
}
);
Is anything that I'm missing ?
Thanks,
Bharath.
On Tue, Oct 13, 2015 at 8:04 PM, Anton Panetta
<[email protected]<mailto:[email protected]>> wrote:
Whats the block you put in your RT_SiteConfig relating to external auth?
From: rt-users
[mailto:[email protected]<mailto:[email protected]>]
On Behalf Of bharath reddy
Sent: Wednesday, 14 October 2015 3:58 AM
To: RT-List
<[email protected]<mailto:[email protected]>>
Subject: [rt-users] Regarding External Authentication using LDAP
Dear All,
I followed the link https://metacpan.org/pod/RT::Authen::ExternalAuth and made
required changes and then restarted my apache server. But when I'm logging into
the RT from web it fails with :
"Your username or password is incorrect"
But user exists in the LDAP.
Log file contains :
[22441] [Tue Oct 13 16:58:25 2015] [error]: FAILED LOGIN for <my_user_name>
from 130.245.10.107 (/rt/lib//RT/Interface/Web.pm:810)
From the code(/rt/lib//RT/Interface/Web.pm) it fails at this point :
unless ( $user_obj->id && $user_obj->IsPassword( $ARGS->{pass} ) ) {
$RT::Logger->error("FAILED LOGIN for @{[$ARGS->{user}]} from
$ENV{'REMOTE_ADDR'}");
Can any one help me how to change the flow to authenticate from LDAP i.e it
should check the username and password against the LDAP and not from DB.
Any help or pointers to this issue will be appreciated.
Thanks,
Bharath.
The information contained in this email message and any attachments may be
confidential information. If you are not the intended recipient, any use,
interference with, disclosure or copying of this material is unauthorised and
prohibited. If you have received this email in error, please advise us
immediately and delete the email and all copies. The content and opinions in
non-business email are not necessarily those of Haircare Australia. [Image
removed by sender.]
________________________________
ARDEN
A Global Company
Celebrating over 50 years of making your life more comfortable!
This message may contain confidential and/or privileged information. If you are
not the addressee or authorized to receive this for the addressee, you must not
use, copy, disclose, or take any action based on this message or any
information herein. If you have received this message in error, please advise
the sender immediately by reply e-mail and delete this message.
This OUTBOUND E-mail and Document(s) has been scanned by an Antivirus Server.
