On Wed, Sep 29, 2010 at 03:24:43PM -0500, Ashrock wrote:
> Hi,
>
> I am trying to connect my AD to RT, to let users in AD access RT with
> their user names. I tried configuring LDAP different ways, but it always
> returns cannot connect to LDAP, Invalid Credentials.
>
> [critical]: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj : Cannot connect to 10.10.0.5:389
>
> I assume the LDAP search was successful through this command.
>
> LDAP Search:
> ldapsearch -LLL -x -H [1]ldap://10.10.0.5:389 -b 'ou=IT, ou=Support, dc=mcfc, dc=local' -D 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local' -w 'abc1...@#' '(&(ObjectClass=User)(CN= RT))'
> <returned no errors>
> Does that mean, the ldap search was successful?

Your ldapsearch command specified a password, your RT config does not

-kevin

> My RT Site Config is below.
> Do i have to use AutoCanonical for user to get connected to LDAP.
>
> Where am i doing wrong. Please let me know if you may need some more files
> to know where am i doing it wrong.
>
> ------------------------RT SITE CONFIG ---------------------------------------------------------------
> Set($WebBaseURL,'[2]http://10.10.10.10:443');
> Set($WebPath,'');
> Set($DatabaseName, 'rt3');
> Set($DatabaseType, 'mysql');
> Set($DatbaseUser, 'rtuser');
> Set($DatabasePassword, 'pass');
> Set($rtname,'Ticket');
> Set($Organization,[3]"http://www.mcfc.com");
>
> #Set(@Plugins,(qw(Extension::QuickDelete)));
> #Set(@Plguins,(qw(RT::FM)));
> #Set($LogtoFileNamed, "rt.log");
> #Set($LogtoFile, 'debug');
>
> Set(@Plugins,qw(RT::Authen::ExternalAuth));
> Set($CorrespondAddress, '[4]rt-...@mcfc.com');
> Set($CommentAddress, '[5]rt-comm...@mcfc.com');
>
> @MailCommand , 'sendmail';
> $SendMailArguments = "-oi -t";
> $SendMailPath = "/usr/sbin/sendmail";
> $SenderMustExistInExternalDatabase = undef;
>
> #Set($MailCommand, 'sendmail');
> #Set($SendMailArguments, "-bm --rt-...@mcfc.com");
> #Set($SendmailPath, "/usr/sbin/exim4");
>
> Set($NotifyActor, 1);
> Set($RecordOutgoingEmail, 1);
> Set($Timezone, 'US/Central');
>
> $WebURL = $WebBaseURL . $WebPath . "/";
>
> #Set($WebExternalAuth, 1);
> #Set($WebFallbackToInternalAuth, true);
> #Set($WebExternalAuto , 1);
>
> Set ($ExternalAuthPriority, [ 'My_LDAP' ]);
> Set ($ExternalInfoPriority, [ 'My_LDAP' ]);
> Set ($ExternalServiceUsesSSLorTLS, 1);
> Set ($AutoCreateNonExternalUsers, 1);
> Set ($Autocreate, 'Privileged=>1');
>
> Set($ExternalSettings, { 'My_LDAP' =>
>     {
>         'type' => 'ldap',
>         'server' => '10.10.10.10:389',
>         'user' => 'cn=RT, ou=IT, ou=Support, dc=mcfc, dc=local',
>         #'filter' => '(uid=*)',
>         #'filter' => '(&(ObjectCategory = User)(ObjectClass=Person))',
>         'filter' => '(&(ObjectCategory = User)',
>         'd_filter' => '(userAccountControl=514)',
>         #'d_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
>         'tls' => 0,
>         #'ssl_version' => 3,
>         'net_ldap_args' => [version => 3],
>         #'group' =>'cn= ou=Users dc=server, dc=mcfc, dc=local',
>         #'group_attr' => 'member',
>         'attr_match_list' => ['Name','Email Address'],
>         #'attr_map' => {'Name' => 'uid', 'EmailAddress' => 'mail'}
>         'attr_map' => {
>             'Name' => 'sAMAaccountName',
>             'EmailAddress' => 'mail',
>             'Organization' => 'physicalDeliveryOfficeName',
>             'RealName' => 'cn',
>             'ExternalAuthId'=> 'sAMAccountname',
>             'Gecos' => 'sAMAccountName',
>             'WorkPhone' => 'telephoneNumber',
>             'Address1' => 'streetAddress',
>             'City' => '1',
>             'State' => 'st',
>             'Zip' =>'postalCode',
>             'Country' => 'co'
>         }
>
>     }
> }
> );
> 1;
>
> References
>
> Visible links
> 1. file:///Users/falcone/tmp/ldap:/10.10.0.5:389
> 2. http://10.10.10.10:443/
> 3. http://www.mcfc.com/
> 4. mailto:rt-...@mcfc.com
> 5. mailto:rt-comm...@mcfc.com
>
> RT Training in Washington DC, USA on Oct 25 & 26 2010
> Last one this year -- Learn how to get the most out of RT!
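The mismatch the reply points at, as an added example that is not part of either message and not the project's own code: each flag of the quoted ldapsearch command has a counterpart key in the 'My_LDAP' block, and the posted block has no 'pass' (and no 'base'). The password is a placeholder; the filter and the trimmed attr_map are assumptions for illustration.

```perl
# RT_SiteConfig.pm fragment (added example).
# Server, bind DN and search base are copied from the ldapsearch command
# quoted above; the password is a placeholder, never a real value.
Set($ExternalSettings, {
    'My_LDAP' => {
        'type'   => 'ldap',

        # ldapsearch -H ldap://10.10.0.5:389
        'server' => '10.10.0.5:389',

        # ldapsearch -D '<bind DN>'
        'user'   => 'cn=RT,ou=IT,ou=Support,dc=mcfc,dc=local',

        # ldapsearch -w '<password>'
        # Absent from the posted config, which is what the reply notes.
        'pass'   => 'BIND_PASSWORD_PLACEHOLDER',

        # ldapsearch -b '<search base>'
        # Also absent from the posted config.
        'base'   => 'ou=IT,ou=Support,dc=mcfc,dc=local',

        # Assumed filter for illustration; parentheses must balance.
        'filter'   => '(objectClass=user)',

        # Bitwise match on the "account disabled" flag, taken from the
        # commented-out line in the posted config.
        'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',

        # With tls => 0 on port 389 the simple bind sends the DN and
        # password unencrypted between RT and the directory server.
        'tls'           => 0,
        'net_ldap_args' => [ version => 3 ],

        # Trimmed mapping (assumption): RT user field => AD attribute.
        'attr_match_list' => [ 'Name', 'EmailAddress' ],
        'attr_map'        => {
            'Name'         => 'sAMAccountName',
            'EmailAddress' => 'mail',
            'RealName'     => 'cn',
        },
    },
});

1;
```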