Aaron,
That seems to have fixed it. No error in days! Thanks! ________________________________ From: Lush, Aaron <[email protected]> Sent: Thursday, May 5, 2016 12:05 PM To: t s Cc: [email protected] Subject: Re: [rt-users] LDAP External Auth intermittent failure The only thing that jumps out to me is that under "External Settings" you are domain\service name, whereas in Set$( LDAPUser) you are using the DistinguishedName. I had similar issues in my RT 4.4 deployment until I made both of those settings follow the DistinguishedName. Sincerely, Aaron Lush Network Administrator South Central Community School Corporation (219) 767-2266 ext. 1111 On Thu, May 5, 2016 at 10:05 AM, t s <[email protected]<mailto:[email protected]>> wrote: Here you go: By the way, I just changed the line below from 'server' => 'LDAPSERVER:389' to 'server' => 'LDAPSERVER.CORP.COMPANYNAME.NET:389<http://LDAPSERVER.CORP.COMPANYNAME.NET:389>' and restarted so I will see if that has any effect on the error not coming back up or not. Set($WebPath , ""); Set($WebBaseURL, "http://rt.servername.companyname.com";); Set($RestrictReferrer, '0'); Set($DatabaseAdmin, 'root'); Set($LogoURL, 'https://bestpractical.com/images/logo.png'); Set($WebDefaultStylesheet, 'rudder'); Set($LogToFile, 'error'); Set($SetOutgoingMailFrom, "[email protected]<mailto:[email protected]>"); Set($SMTPFrom, "mail-out.smtp.companyname.com<http://mail-out.smtp.companyname.com>"); Set($ParseNewMessageForTicketCcs, 1); Set($HomePageRefreshInterval, 120); Set($NotifyActor,1) Set($SendmailArguments, "-t"); Set($MailCommand, "sendmail"); Plugin( "RT::Authen::ExternalAuth" ); Plugin('RT::Extension::LDAPImport'); Set($LDAPHost,'LDAPSERVER.CORP.COMPANYNAME.NET:389'); Set($LDAPUser,'cn=companyname\\svc.servicename,cn=Users,dc=Corp,DC=companyname,DC=net'); Set($LDAPPassword,'password'); Set($LDAPBase, 'OU=Corp,OU=Users,OU=companyname,DC=Corp,DC=companyname,DC=net'); Set($LDAPFilter, '(&(objectClass=person))'); Set($LDAPMapping, {Name => 'sAMAccountName', # required EmailAddress => 'mail', RealName => 'cn', WorkPhone => 'telephoneNumber', Organization => 'departmentName'}); Set($LDAPSizeLimit, 1000); Set($ExternalAuthPriority, ['companynameLDAP']); Set($ExternalInfoPriority, ['companynameLDAP']); Set($UserAutocreateDefaultsOnLogin, { Privileged => 0 } ); Set($AutoCreateNonExternalUsers, 1); Set($ExternalSettings, { 'companynameLDAP' => { 'type' => 'ldap', 'server' => 'LDAPSERVER:389', 'user' => 'companyname\\svc.servicename', 'pass' => 'password', 'base' => 'OU=Corp,OU=Users,OU=companyname,DC=corp,DC=companyname,DC=net', 'filter' => '(objectClass=person)', 'd_filter' => '(objectClass=asdf)', 'net_ldap_args' => [ version => 3 ], 'attr_match_list' => [ 'Name', 'EmailAddress', ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'Organization' => 'physicalDeliveryOfficeName', 'RealName' => 'cn', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'sAMAccountName', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' }, }, } ); Set($WebRemoteuserAuth,1); Set($WebRemoteUserContinuous,1); Set($WebFallbackToRTLogin, undef); Set($WebRemoteUserGecos,1); Set($WebRemoteUserAutocreate,1); Set( $rtname, 'CompanyName RT' ); Set( $CommentAddress, '' ); Set( $CorrespondAddress, '' ); Set( $DatabaseHost, 'localhost' ); Set( $DatabaseName, 'rt_database' ); Set( $DatabasePassword, 'password' ); Set( $DatabasePort, '3306' ); Set( $DatabaseType, 'mysql' ); Set( $DatabaseUser, 'root' ); Set( $Organization, 'companyname.com' ); Set( $OwnerEmail, '[email protected]<mailto:[email protected]>' ); Set( $SendmailPath, 'usr/lib/sendmail' ); Set( $SendmailArguments, "-t"); Set( $MailCommand, "sendmail"); Set( $WebDomain, 'rt.servername.companyname.com' ); Set( $WebPort, '443' ); Set(%CustomFieldGroupings, 'RT::Ticket' => [ 'Basics' => ['Trigger Code'] ] ); Set($CanonicalizeRedirectURLs, 0); 1; ________________________________ From: Lush, Aaron <[email protected]<mailto:[email protected]>> Sent: Thursday, May 5, 2016 10:49 AM To: t s Cc: [email protected]<mailto:[email protected]> Subject: Re: [rt-users] LDAP External Auth intermittent failure Would you please post your LDAP configuration in RT_SiteConfig.pm? Omitting any sensitive information, of course. Sincerely, Aaron Lush Network Administrator South Central Community School Corporation (219) 767-2266 ext. 1111 On Thu, May 5, 2016 at 8:15 AM, t s <[email protected]<mailto:[email protected]>> wrote: Getting an intermittent "RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind: LDAP_INVALID_CREDENTIALS 49" error very similar to: http://requesttracker.8502.n7.nabble.com/LDAP-External-Auth-intermittent-failure-td58611.html. [http://www.gravatar.com/avatar/26ccab0b62375e40455160ff3e911dc4?s=100&r=pg&d=http%3A%2F%2Fn7.nabble.com%2Fimages%2Favatar100.png]<http://requesttracker.8502.n7.nabble.com/LDAP-External-Auth-intermittent-failure-td58611.html> LDAP External Auth intermittent failure - RequestTracker<http://requesttracker.8502.n7.nabble.com/LDAP-External-Auth-intermittent-failure-td58611.html> requesttracker.8502.n7.nabble.com<http://requesttracker.8502.n7.nabble.com> LDAP External Auth intermittent failure. I'm using RT-4.2.7 installed from source, on ubuntu 14.04LTS. I've been trying to get the External Auth (0.23) extension ... Almost daily the External Auth will randomly start getting the binding error above and stop accepting LDAP logins, a simple restart of RT fixes the problem. I'm using External Auth 0.25 and RT 4.2.12. The only suggestion in the post above is to update RT but these are both recent stable versions. Anyone ran into this problem? Is it an RT_SiteConfig problem? I wouldn't think so since it works for around 24 hours and then stops. Could it be some kind of network connectivity problem? --------- RT 4.4 and RTIR Training Sessions https://bestpractical.com/training * Washington DC - May 23 & 24, 2016 Email Confidentiality Notice: This email message, including all attachments, is for the sole use of the intended recipient(s) and contains confidential information. If you are not the intended recipient, you may not use, disclose, print, copy or disseminate this information. Please reply and notify the sender, delete the message and any attachments and destroy all copies. Email Confidentiality Notice: This email message, including all attachments, is for the sole use of the intended recipient(s) and contains confidential information. If you are not the intended recipient, you may not use, disclose, print, copy or disseminate this information. Please reply and notify the sender, delete the message and any attachments and destroy all copies.
--------- RT 4.4 and RTIR Training Sessions https://bestpractical.com/training * Washington DC - May 23 & 24, 2016
