Thu 23 Apr 2009 21:26:12 GMT Jeff Lucas wrote: > I’ve configured a DEV instance of RT 3.8.2 to test AD authentication but > am getting the following in my rt.log… > > *[Thu Apr 23 19:37:58 2009] [error]: FAILED LOGIN for jeff from 10.x.x.x > (/apps/rt-3.8.2-dev/share/html/autohandler:268)*
You need to turn on debug logging, provide the debug log output, provide the version ExternalAuth you're using, and provide your Site_Config > > I do not admin and therefore do not have access to monitor things on the > AD side. Is there any way I can further debug the issue via log files, > etc. on my RT server? I never use the AD side for debugging, it can all be done from the RT server. > > I know AD is working as I can query it using ldapsearch, however, I’m > unsure if I’ve configured my "RT_SiteConfig.pm" correctly based on the > working query. Which is why you need to provide it. > > My ldapsearch command uses the following flags… > > -D "CN=RT User,OU=Eagle Access,DC=eagleinvsys,DC=com" -w <password> -b > "OU=Eagle Access,DC=eagleinvsys,DC=com" > > I’m unsure what my “base” should be set to in RT_SiteConfig.pm since > I’m using different settings for –D and –b. This is an LDAP understanding issue. You need to know a little more. The above search says that your base is "OU=Eagle Access,DC=eagleinvsys,DC=com" and you do not have anonymous bind enabled on your AD server suggesting that you need to specify the user "CN=RT User,OU=Eagle Access,DC=eagleinvsys,DC=com" and the password for that user inside your external auth config. > > Also, does a user have to exist in RT (and have credentials) before the > user can be authenticated via AD? No. The user is automatically created inside RT when successful AD authentication occurs. -- Kind Regards, __________________________________________________ Mike Peachey, IT Tel: +44 114 281 2655 Fax: +44 114 281 2951 Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK Comp Reg No: 3191371 - Registered In England http://www.jennic.com __________________________________________________ _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com