Hi,

I am trying to connect my AD to RT, to let users in AD access RT with their user names. I tried configuring LDAP in different ways, but it always returns cannot connect to LDAP, Invalid Credentials.

[critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to 10.10.0.5:389

I assume the LDAP search was successful through this command.

LDAP Search:
ldapsearch -LLL -x -H ldap://10.10.0.5:389 -b 'ou=IT, ou=Support, dc=mcfc, dc=local' -D 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' -w 'abc1...@#' '(&(ObjectClass=User)(CN= RT))'
<returned no errors>
Does that mean the LDAP search was successful?

My RT Site Config is below.
Do I have to use AutoCanonical for users to get connected to LDAP?

Where am I going wrong? Please let me know if you need some more files to see where I am going wrong.

------------------------RT SITE CONFIG ---------------------------------------------------------------
Set($WebBaseURL,'http://10.10.10.10:443'); Set($WebPath,'');
Set($DatabaseName, 'rt3'); Set($DatabaseType, 'mysql');
Set($DatbaseUser, 'rtuser'); Set($DatabasePassword, 'pass');
Set($rtname,'Ticket'); Set($Organization,"http://www.mcfc.com");

#Set(@Plugins,(qw(Extension::QuickDelete)));
#Set(@Plguins,(qw(RT::FM)));
#Set($LogtoFileNamed, "rt.log");
#Set($LogtoFile, 'debug');

Set(@Plugins,qw(RT::Authen::ExternalAuth));
Set($CorrespondAddress, 'rt-...@mcfc.com');
Set($CommentAddress, 'rt-comm...@mcfc.com');

@MailCommand , 'sendmail';
$SendMailArguments = "-oi -t";
$SendMailPath = "/usr/sbin/sendmail";
$SenderMustExistInExternalDatabase = undef;

#Set($MailCommand, 'sendmail');
#Set($SendMailArguments, "-bm --rt-...@mcfc.com");
#Set($SendmailPath, "/usr/sbin/exim4");

Set($NotifyActor, 1);
Set($RecordOutgoingEmail, 1);
Set($Timezone, 'US/Central');

$WebURL = $WebBaseURL . $WebPath . "/";

#Set($WebExternalAuth, 1);
#Set($WebFallbackToInternalAuth, true);
#Set($WebExternalAuto , 1);

Set ($ExternalAuthPriority, [ 'My_LDAP' ]);
Set ($ExternalInfoPriority, [ 'My_LDAP' ]);
Set ($ExternalServiceUsesSSLorTLS, 1);
Set ($AutoCreateNonExternalUsers, 1);
Set ($Autocreate, 'Privileged=>1');

Set($ExternalSettings, { 'My_LDAP' =>
                                     {
                                      'type' => 'ldap',
                                      'server' => '10.10.10.10:389',
                                      'user' => 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local',
                                      #'filter' => '(uid=*)',
                                      #'filter' => '(&(ObjectCategory = User)(ObjectClass=Person))',
                                      'filter' => '(&(ObjectCategory = User)',
                                      'd_filter' => '(userAccountControl=514)',
                                      #'d_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
                                      'tls' => 0,
                                     #'ssl_version' => 3,
                                      'net_ldap_args' => [version => 3],
                                     #'group' =>'cn= ou=Users dc=server, dc=mcfc, dc=local',
                                     #'group_attr' => 'member',
                                      'attr_match_list' => ['Name','Email Address'],
                                      #'attr_map' => {'Name' => 'uid', 'EmailAddress' => 'mail'}
                                      'attr_map' => {
                                                     'Name' => 'sAMAaccountName',
                                                     'EmailAddress' => 'mail',
                                                     'Organization' => 'physicalDeliveryOfficeName',
                                                     'RealName' => 'cn',
                                                     'ExternalAuthId'=> 'sAMAccountname',
                                                     'Gecos' => 'sAMAccountName',
                                                     'WorkPhone' => 'telephoneNumber',
                                                     'Address1' => 'streetAddress',
                                                     'City' => '1',
                                                     'State' => 'st',
                                                     'Zip' =>'postalCode',
                                                     'Country' => 'co'
                                                    }

                                     }
}
);
1;
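
Added example, not part of the original post and not RT's own code: a small Python lint over the My_LDAP block as posted, reporting keys left unset, filters with unbalanced parentheses, and a 'server' host that differs from the one used in the manual ldapsearch test. The NEEDED list and the function names are assumptions of this example; the dictionary values are transcribed from the config above.

```python
# Keys this example treats as needed for an authenticated bind and search.
# This list is an assumption of the example, not a rule enforced by RT.
NEEDED = ("server", "user", "pass", "base", "filter")

def filter_balanced(f):
    """True if every '(' in an LDAP filter string has a matching ')'.
    Literal parentheses in values are escaped as \\28 and \\29 (RFC 4515),
    so a plain depth count is enough."""
    depth = 0
    for ch in f:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0

def lint_service(name, svc, tested_host=None):
    """Return a list of findings for one $ExternalSettings service block."""
    findings = []
    for key in NEEDED:
        if not svc.get(key):
            findings.append(f"{name}: '{key}' is not set")
    for key in ("filter", "d_filter"):
        val = svc.get(key)
        if val and not filter_balanced(val):
            findings.append(f"{name}: '{key}' has unbalanced parentheses: {val}")
    host = svc.get("server", "").split(":")[0]
    if tested_host and host and host != tested_host:
        findings.append(f"{name}: 'server' is {host}, manual test used {tested_host}")
    return findings

# Values transcribed from the posted config (commented-out keys omitted).
MY_LDAP = {
    "type": "ldap",
    "server": "10.10.10.10:389",
    "user": "cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local",
    "filter": "(&(ObjectCategory = User)",
    "d_filter": "(userAccountControl=514)",
    "tls": 0,
}

def run():
    # 10.10.0.5 is the host from the ldapsearch command and the log line.
    return lint_service("My_LDAP", MY_LDAP, tested_host="10.10.0.5")

if __name__ == "__main__":
    for line in run():
        print(line)
```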