Hello Eric: I've got the same problem. After compiling and installing RT::Authen::ExternalAuth I was able to authenticate using my OpenLDAP but any other user that is missing from LDAP will not work.
Even new users that send an email in order to request a ticket aren't working. I am using rt3-3.6.5-3.el5.rpm on a CentOS Machine and RT-Authen-ExternalAuth-0.05.

The logs are:

[Thu May 7 21:32:44 2009] [error]: RT could not load a valid user, and RT's configuration does not allow
[Thu May 7 21:32:44 2009] [error]: RT could not load a valid user, and RT's configuration does not allow
[Thu May 7 21:32:44 2009] [error]: Could not record email: Could not load a valid user (/usr/share/rt3/html/REST/1.0/NoAuth/mail-gateway:75)

And my configuration is:

# Set ldap settings
Set( @Plugins, qw(RT::Authen::ExternalAuth) );

# The order in which the services defined in ExternalSettings
# should be used to authenticate users. User is authenticated
# if successfully confirmed by any service - no more services
# are checked.
Set($ExternalAuthPriority, [ 'My_LDAP' ]);

# The order in which the services defined in ExternalSettings
# should be used to get information about users. This includes
# RealName, Tel numbers etc, but also whether or not the user
# should be considered disabled.
# Once user info is found, no more services are checked.
Set($ExternalInfoPriority, ['My_LDAP' ]);

# If this is set to true, then the relevant packages will
# be loaded to use SSL/TLS connections. At the moment,
# this just means "use Net::SSLeay;"
Set($ExternalServiceUsesSSLorTLS, 0);

# If this is set to 1, then users should be autocreated by RT
# as internal users if they fail to authenticate from an
# external service.
Set($AutoCreateNonExternalUsers, 1);

# These are the full settings for each external service as a HashOfHashes
# Note that you may have as many external services as you wish. They will
# be checked in the order specified in the Priority directives above.
# e.g.
#   Set(ExternalAuthPriority,['My_LDAP','My_MySQL','My_Oracle','SecondaryLDAP','Other-DB']);
#
Set($ExternalSettings, {
    # AN EXAMPLE LDAP SERVICE
    'My_LDAP' => {
        ## GENERIC SECTION
        # The type of service (db/ldap/cookie)
        'type' => 'ldap',
        # Should the service be used for authentication?
        'auth' => 1,
        # Should the service be used for information?
        'info' => 1,
        # The server hosting the service
        'server' => 'neptuno.ufcspa.edu.br',
        ## SERVICE-SPECIFIC SECTION
        # If you can bind to your LDAP server anonymously you should
        # remove the user and pass config lines, otherwise specify them here:
        #
        # The username RT should use to connect to the LDAP server
        'user' => 'cn=admin,dc=ufcspa,dc=edu,dc=br',
        # The password RT should use to connect to the LDAP server
        'pass' => 'xxxx',
        # The LDAP search base
        'base' => 'ou=Users,dc=ufcspa,dc=edu,dc=br',
        # The filter to use to match RT-Users
        'filter' => '(objectClass=posixAccount)',
        # The filter that will only match disabled users
        'd_filter' => '(accountStatus=disabled)',
        # Should we try to use TLS to encrypt connections?
        'tls' => 0,
        # What other args should I pass to Net::LDAP->new($host,@args)?
        'net_ldap_args' => [ version => 3 ],
        ## RT ATTRIBUTE MATCHING SECTION
        # The list of RT attributes that uniquely identify a user
        'attr_match_list' => [ 'Name', 'EmailAddress', 'RealName' ],
        # The mapping of RT attributes on to LDAP attributes
        'attr_map' => {
            'Name' => 'uid',
            'EmailAddress' => 'mail',
            'RealName' => 'displayName'
        }
    }
} );

Klaus Engelmann CCNA CCDA - CSCO10971632