Hi,
i'm trying to set up rt to auto-create ldap authenticated users.
authentication from ldap works, all user attributes are mapped correctly
but new user creation fails. i've followed the guide in wiki.
here is my rt ldap configuration:
Set($AuthMethods, ['LDAP', 'Internal']);
Set($LdapExternalAuth, 1);
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 1);
Set($LdapAttrMap, {'Name' => 'uid',
'EmailAddress' => 'mail',
'RealName' => 'cn',
'ExternalContactInfoId' => 'dn',
'ExternalAuthId' => 'uid',
'Gecos' => 'gecos',
'Comments' => 'gidNumber',
'id' => 'uidNumber'
}
);
Set($LdapRTAttrMatchList, ['ExternalContactInfoId', 'Name',
'EmailAddress', 'RealName']
);
Set($LdapEmailAttrMatchList, ['mail', 'mailRoutingAddress',
'mailAlternateAddress']
);
Set($LdapEmailAttrMatchPrefix, [''] );
Set($LdapServer, 'void');
Set($LdapBase, 'ou=people,dc=ceid,dc=upatras,dc=gr');
Set($LdapFilter, '(objectclass=*)');
Set($LdapDisableFilter, '(employmentStatus=Terminated)');
Set($LdapTLS, 1);
Set($LdapSSLVersion, 3);
a sample ldap user request
# ldapsearch -vx -h void -b "dc=ceid, dc=upatras, dc=gr"
"(uid=voulgaris)"
ldap_initialize( ldap://void )
filter: (uid=voulgaris)
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3
# base <dc=ceid, dc=upatras, dc=gr> with scope subtree
# filter: (uid=voulgaris)
# requesting: ALL
#
# voulgaris, people, ceid.upatras.gr
dn: uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr
uid: voulgaris
cn: Kon/nos Voulgaris
sn: Voulgaris
uidNumber: 3866
gidNumber: 2005
gecos: Kon/nos Voulgaris
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: radiusprofile
loginShell: /bin/bash
mail: [EMAIL PROTECTED]
shadowMin: -1
shadowMax: 99999
shadowWarning: -1
shadowInactive: -1
shadowExpire: -1
shadowFlag: -1
dialupAccess: yes
homeDirectory: /home/voulgaris
shadowLastChange: 13805
userPassword: {not shown}
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
and my rt log entries.
[Thu Mar 6 15:26:05 2008] [warning]: Use of uninitialized value in
numeric eq (==) at /usr/share/request-tracker3.6/lib/RT/User_Overlay.pm
line 1787. (/usr/share/request-tracker3.6/lib/RT/User_Overlay.pm:1787)
[Thu Mar 6 15:26:05 2008] [warning]: Use of uninitialized value in
numeric eq (==) at /usr/share/request-tracker3.6/lib/RT/User_Overlay.pm
line 1787. (/usr/share/request-tracker3.6/lib/RT/User_Overlay.pm:1787)
#this maybe the root of the problem.
[Thu Mar 6 15:26:05 2008] [warning]: Transaction->Create couldn't, as
you didn't specify an object type and id
(/usr/share/request-tracker3.6/lib/RT/Record.pm:1466)
#ldap authentication succeeds
[Thu Mar 6 15:26:05 2008] [info]: RT::User::IsLDAPPassword AUTH OK:
voulgaris (uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr)
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:224)
#attributes map correctly
[Thu Mar 6 15:26:05 2008] [info]: RT::User::LookupExternalUserInfo :
ou=people,dc=ceid,dc=upatras,dc=gr uid=voulgaris => Comments: 2005,
EmailAddress: [EMAIL PROTECTED], ExternalAuthId: voulgaris,
ExternalContactInfoId: uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr,
Gecos: Kon/nos Voulgaris, Name: voulgaris, RealName: Kon/nos Voulgaris,
id: 3866 (/usr/share/request-tracker3.6/lib/RT/User_Local.pm:569)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::LookupExternalUserInfo :
ou=people,dc=ceid,dc=upatras,dc=gr [EMAIL PROTECTED] =>
Comments: 2005, EmailAddress: [EMAIL PROTECTED], ExternalAuthId:
voulgaris, ExternalContactInfoId:
uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr, Gecos: Kon/nos
Voulgaris, Name: voulgaris, RealName: Kon/nos Voulgaris, id: 3866
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:569)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::CanonicalizeEmailAddress
[EMAIL PROTECTED] => [EMAIL PROTECTED]
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:347)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::CanonicalizeUserInfo
returning Comments: 2005, Disabled: 0, EmailAddress:
[EMAIL PROTECTED], ExternalAuthId: voulgaris,
ExternalContactInfoId: uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr,
Gecos: Kon/nos Voulgaris, Name: voulgaris, Privileged: 0, RealName:
Kon/nos Voulgaris, id: 3866
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:413)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::LookupExternalUserInfo :
ou=people,dc=ceid,dc=upatras,dc=gr [EMAIL PROTECTED] =>
Comments: 2005, EmailAddress: [EMAIL PROTECTED], ExternalAuthId:
voulgaris, ExternalContactInfoId:
uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr, Gecos: Kon/nos
Voulgaris, Name: voulgaris, RealName: Kon/nos Voulgaris, id: 3866
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:569)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::CanonicalizeEmailAddress
[EMAIL PROTECTED] => [EMAIL PROTECTED]
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:347)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::LookupExternalUserInfo :
ou=people,dc=ceid,dc=upatras,dc=gr [EMAIL PROTECTED] =>
Comments: 2005, EmailAddress: [EMAIL PROTECTED], ExternalAuthId:
voulgaris, ExternalContactInfoId:
uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr, Gecos: Kon/nos
Voulgaris, Name: voulgaris, RealName: Kon/nos Voulgaris, id: 3866
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:569)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::CanonicalizeEmailAddress
[EMAIL PROTECTED] => [EMAIL PROTECTED]
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:347)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::LookupExternalUserInfo :
ou=people,dc=ceid,dc=upatras,dc=gr [EMAIL PROTECTED] =>
Comments: 2005, EmailAddress: [EMAIL PROTECTED], ExternalAuthId:
voulgaris, ExternalContactInfoId:
uid=voulgaris,ou=people,dc=ceid,dc=upatras,dc=gr, Gecos: Kon/nos
Voulgaris, Name: voulgaris, RealName: Kon/nos Voulgaris, id: 3866
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:569)
[Thu Mar 6 15:26:05 2008] [info]: RT::User::CanonicalizeEmailAddress
[EMAIL PROTECTED] => [EMAIL PROTECTED]
(/usr/share/request-tracker3.6/lib/RT/User_Local.pm:347)
#some warnings. can't figure out where the problem is.
[Thu Mar 6 15:26:06 2008] [warning]: Use of uninitialized value in
concatenation (.) or string
at /usr/share/request-tracker3.6/lib/RT/Group_Overlay.pm line 566.
(/usr/share/request-tracker3.6/lib/RT/Group_Overlay.pm:566)
[Thu Mar 6 15:26:06 2008] [warning]: Use of uninitialized value in
concatenation (.) or string
at /usr/share/request-tracker3.6/lib/RT/Group_Overlay.pm line 566.
(/usr/share/request-tracker3.6/lib/RT/Group_Overlay.pm:566)
#two critical errors. don't know why
[Thu Mar 6 15:26:06 2008] [crit]: Could not add user to Everyone group
on user creation.
(/usr/share/request-tracker3.6/lib/RT/User_Overlay.pm:293)
[Thu Mar 6 15:26:06 2008] [crit]: Couldn't find that principal
(/usr/share/request-tracker3.6/lib/RT/User_Overlay.pm:294)
#autocreate seems ok
[Thu Mar 6 15:26:06 2008] [info]: Autocreated authenticated user
voulgaris (3866)
(/usr/local/share/request-tracker3.6/html/Callbacks/LDAP/autohandler/Auth:23)
#but no user is created and login fails
[Thu Mar 6 15:26:06 2008] [error]: FAILED LOGIN for voulgaris from
150.140.140.18 (/usr/share/request-tracker3.6/html/autohandler:238)
my rt installation works flawlessly without ldap authentication. my
system info
Debian Etch i386
rt 3.6.1 (from debian repository)
Apache 1.3.34
mysql Ver 14.12 Distrib 5.0.32
perl 5.8.8
Thank you in advance,
Kostas Voulgaris
_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
