Hi, We're running RT 3.8.8 and using RT-Authen-ExternalAuth 0.08 to authenticate against Active Directory. Any new AD account I create can logon to RT, and have corresponding account created in RT, if it is in the necessary security group, but older accounts, mine included, pass the password test, but fail at the group membership test, and fail to logon. The RT account, however, does get created. The log entries look like this...
Jan 5 15:12:29 RT388 RT: AD_GROUP2 AUTH FAILED: my-name (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:127) Jan 5 15:12:29 RT388 RT: FAILED LOGIN for my-name from 192.168.1.1 (/opt/rt3/bin/../lib/RT/Interface/Web.pm:424) As I said above, older accounts (3 years plus) which are members of the group being tested fail to fully authenticate, while new accounts which are members of the same group, authenticate properly. In fact, If I comment out the group test from RT_SiteConfig.pm, I can logon to RT with my old account. I don't know if this is pertinent, but we upgraded to Exchange 2007 a few months back, and I wonder if the AD schema changes could be affecting things? Lyle.
