Ok, narrowing this down.
Have a user "rtbind" with the creative password "tickets." Running
ldapsearch from the command line with this user's credentials gets me
results as expected.
Logging in to the web interface using this same user and password gets
me
[Thu Nov 20 18:13:23 2008] [debug]: $pass defined (tickets), Running
IsPassword
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:69)
[Thu Nov 20 18:13:23 2008] [debug]: Password Incorrect
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAu
th/autohandler/Auth:74)
[Thu Nov 20 18:13:23 2008] [error]: FAILED LOGIN for rtbind from
192.168.1.34 (/opt/rt3/share/html/autohandler:265)
So now I'm *really* confused. It's finding the rtbind user in AD and
accepting that (I tested by entering a bogus user (literally), and I see
the expected
[debug]: User Check Failed :: ( AD_LDAP ) bogus User not
found
So the user lookup is okay).
Just for laughs, I made rtbind a domain admin. I assumed that would
remove permission to check passwords in AD as a factor. Was I wrong, or
is there still something dumb in my config somewhere?
I've been using Softerra's LDAP Browser (freeware) to check structure.
I'm not sure what I'm missing at this point :-(.
------------------------
Rob Munsch
IT Administrator
http://www.PhillyCarShare.org <http://www.PhillyCarShare.org>
Our wheels. Your freedom.
215-730-0988 x138
BEGIN:VCARD
VERSION:2.1
N:Munsch;Robert
FN:Robert Munsch
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:20080605T213203Z
END:VCARD
_______________________________________________
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
