Hello, V0.07_01 is working for us for authentication with MSFT AD, after installing it on top of 0.06. New users can log in and get "autocreated" properly.
Thanks a lot to all developers for the quick solution. This is what we added to RT_SiteConfig.pm, in case it may help someone else: ------------------------------------------------- # Config per LDAP Authentication Set( @Plugins, qw(RT::Authen::ExternalAuth) ); ### LDAP Settings # Set($WebExternalAuth , 1); Set($WebFallbackToInternalAuth , 1); Set($ExternalAuthPriority, [ 'AD_LDAP' ] ); Set($ExternalInfoPriority, [ 'AD_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 1); Set($ExternalSettings, { # AN EXAMPLE LDAP SERVICE 'AD_LDAP' => { ## GENERIC SECTION # The type of service (db/ldap/cookie) 'type' => 'ldap', # Should the service be used for authentication? 'auth' => 1, # Should the service be used for information? 'info' => 0, # The server hosting the service 'server' => '<MyServerFullyQualifiedNameGoesHere>', ## SERVICE-SPECIFIC SECTION # If you can bind to your LDAP server anonymously you should # remove the user and pass config lines, otherwise specify them here: # # The username RT should use to connect to the LDAP server 'user' => '<MyDomain\username>', # The password RT should use to connect to the LDAP server 'pass' => '<MyPassword>', # # The LDAP search base 'base' => 'ou=<Myouname>,dc=nervianoms,dc=com', # The filter to use to match RT-Users 'filter' => '(&(objectCategory=person)(objectClass=user))', # The filter that will only match disabled users 'd_filter' => '(&(objectCategory=person)(objectClass=user) (userAccountControl:1.2.840.113556.1.4.803:=2))', # Should we try to use TLS to encrypt connections? 'tls' => 0, # What other args should I pass to Net::LDAP->new($host,@args)? 'net_ldap_args' => [ version => 3 ], # Does authentication depend on group membership? What group name? #GV#'group' => 'GROUP_NAME', # What is the attribute for the group object that determines membership? #GV#'group_attr' => 'GROUP_ATTR', ## RT ATTRIBUTE MATCHING SECTION # The list of RT attributes that uniquely identify a user 'attr_match_list' => [ 'Name', 'EmailAddress', 'RealName' ], # The mapping of RT attributes on to LDAP attributes 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'ExternalAuthId' => 'sAMAccountName', } } } ); ### Fine config per LDAP authentication... -------------------------------------------------- Gabriele Franzini ICT Applications Manager Nerviano Medical Sciences SRL PO Box 11 - Viale Pasteur 10 20014 Nerviano Italy _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com