I finally got it working !!! It was configuration data issues (cn, ou,
...). Thanks to everyone !!! To solve that, I installed Softerra Ldap Browser to get the correct LDAP settings and also to do some LDAP searchs. Special thanks to Joachim and Helmuth. Now everything looks fine, except for the user auto creation. When trying to login with a LDAP user who does not exist in RT database yet, the user authentication fails. Somehow the LDAP filter got messed up and the sAMAccountName is not filled. Starting from the Auth callback, the IsPassword method is called and it does, the filter gets created before LDAP search. autohandler/Auth callback: unless ($session{'CurrentUser'}) { if (defined ($user) && defined ($pass) ) { $session{'CurrentUser'} = RT::CurrentUser->new(); $session{'CurrentUser'}->Load($user); unless ($session{'CurrentUser'}->Id) { // IT GETS HERE IF USER DOES NOT EXIST IN RT DB my $UserObj = RT::User->new($RT::SystemUser); my ($val, $msg) = $UserObj->SetName($user); if ($UserObj->IsPassword($pass)) { // CALL IsPassword in User_Local.pm ...User_Local.pm sub IsLDAPPassword { ... my $filter_string = '(&(' . $RT::LdapAttrMap->{'Name'} . '=' . $self->Name . ')' . $ldap_filter . ')'; // filter_string = (&(sAMAccountName=)(objectclass=user))... } Not sure why sAMAccountName is empty. If I create the same user locally in RT and log in again, the LDAP authentication will be OK. Any help will be appreciated. Regards, Dário Helmuth Ramirez wrote: One thing that got me (due to my COMPLETE LAMP newness) was installing the Net::LDAP module. The other thing I did differently was my objectclass=user not PosixAccount -----Original Message----- From: Dario Luis Coneglian Oliveros [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 20, 2006 2:13 PM To: Helmuth Ramirez Cc: rt-users@lists.bestpractical.com Subject: Re: [rt-users] Question about LdapOverlay and Windows Active Directory Hi Helmuth, That's the one I looked at, but even though I could not get it working. Whenever I try to login, I got the following error: RT::User::IsLDAPPassword search for (&(sAMAccountName=oliveros)(objectclass=posixAccount)) failed: LDAP_REFERRAL 10 (/l/disk0/tools/rt/local/lib/RT/User_Local.pm:177 I am not sure whether it's just a configuration problem or not. Do you happen to know what this error means ? FYI the only step I did not follow in the "New Installs" section of http://wiki.bestpractical.com/?LDAP was #4, which is optional. Thanks, Dário Helmuth Ramirez wrote:There were two ways of doing it in the Wiki...one I failed miserably with, the one that worked for me was this one: http://wiki.bestpractical.com/?LDAP -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dario Luis Coneglian Oliveros Sent: Thursday, July 20, 2006 1:41 PM To: rt-users@lists.bestpractical.com Subject: [rt-users] Question about LdapOverlay and Windows Active Directory Hi there, Has anyone gotten the LdapOverlay working with Windows Active Directory ? Basically I would like to authenticate user against Windows AD without doing it thru Apache. I followed the steps in the section LDAP at RT Wiki, but couldn't get it working yet. Any tips, suggestions or working samples will be appreciated. Thanks, Dário _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com We're hiring! Come hack Perl for Best Practical: http://bestpractical.com/about/jobs.html |
_______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com We're hiring! Come hack Perl for Best Practical: http://bestpractical.com/about/jobs.html