Hi all, Anyone using LDAP Auth for RT with Novell eDirectory?
I've been working through the LDAP documentation at the wiki (http://wiki.bestpractical.com/index.cgi?LDAP) and I've got things mostly working with RT 3.6.1 and Novell eDirectory 8.7.x. I can log in to RT and everything seems to work fine except that every time I log in, eDirectory decrements my grace login total. Once I'm down to zero I can't log in to RT until I go into eDirectory (via ConsoleOne in my case) and give myself some more grace logins. When I look at the eDirectory log I find a socket error (-5871) every time RT sends a search request. RT does a number of LDAP searches for every log in attempt. The odd thing is that I don't get an actual NDS error until RT tries to use the LDAP filter settings that are included in RT_SiteConfig. For example: filter: "(cn=twilson)" isn't a problem. Neither is filter: "([EMAIL PROTECTED])". After those two searches RT tries one that looks like this: filter: "(&(cn=twilson)(objectclass=person))" That one produces an "NDS error: bad password (-222)". Presumably that's when the grace login count gets decremented. The next time I try to log in it fails and the eDirectory log shows "NDS error: password expired (-223)". I've disabled the grace login feature for now, but that's not an effective long-term solution. I'd love to hear some suggestions. -Tim -- Tim Wilson, Director of Technology Buffalo-Hanover-Montrose Schools 214 1st Ave NE Buffalo, MN 55313 ph: 763.682.8740 fax: 763.682.8743 http://www.buffalo.k12.mn.us _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com