Hello Guys
I have a problem running the Auth plugin over SSL. My setup is:

1. AD server: Windows 2008
2. Client: Linux Ubuntu Lynx 10.04 LTS

What I have done on the server side:

I created a certificate following this Microsoft document: http://technet.microsoft.com/en-us/library/ee411009%28WS.10%29.aspx

I tested the LDAP connection over SSL on the server side with the help of ldp.exe; this works perfectly.

On the client side:

I converted the certificate from the server with openssl into a pem file and installed the imported certificate in the directory /etc/ssl/certs. But no SSL connection takes place; the plugin falls back (verified with tshark, perfmon and ssldump) to port 389 (I wonder why).

Here is my plugin config:

    ##RT Authenth#############
    Set( @Plugins, qw(RT::Authen::ExternalAuth) );
    Set( $ExternalAuthPriority, ['My_LDAP'] );
    Set( $ExternalInfoPriority, ['My_LDAP'] );
    Set( $ExternalServiceUsesSSLorTLS, 1 );
    Set( $AutoCreateNonExternalUsers, 1 );
    Set( $AutoCreate, { Privileged => 1 } );
    Set( $ExternalSettings, {
        'My_LDAP' => {
            ## GENERIC SECTION
            'type'          => 'ldap',
            'server'        => 'xxxxxxxxxxxxxx',
            'user'          => 'CN=xxxxxxxxx,OU=xxxxxxxxx,OU=xxxx,DC=xxxxxxxxxxxl',
            'pass'          => 'xxxxxxxxxxxxx',
            'base'          => 'OU=Benutzer,OU=xxxx,DC=xxxx,DC=xxx',
            'filter'        => '(memberOf=CN=xxxx,OU=Gruppen,OU=xxxx,DC=xxxxxxxx)',
            'd_filter'      => '(userAccountControl=514)',
            'tls'           => 1,
            'ssl_version'   => 3,
            'net_ldap_args' => [ version => 3 ],
            #'group'        => '',
            #'group_attr'   => '',
            'attr_match_list' => [
                'Name',
                'EmailAddress',
            ],
            'attr_map' => {
                'Name'           => 'sAMAccountName',
                'RealName'       => 'cn',
                'EmailAddress'   => 'mail',
                'Organization'   => 'physicalDeliveryOfficeName',
                'ExternalAuthId' => 'sAMAccountName',
                'WorkPhone'      => 'telephoneNumber',
                'Address1'       => 'streetAddress',
                'City'           => 'l',
                'Zip'            => 'postalCode',

Does the plugin need a self-signed certificate? If so, how can I create this with Windows 2008 Server?
Or do I need some software like Likewise, so that the server can authorize against the Linux client?

I tried to run an ldapsearch with the following command:

    ldapsearch -h xxx.local -p 636 -Z -D "sbah\admin" -w "password" -b " CN=Configuration,DC=xxx,DC=local" -s sub "sAMAccountName=USER"

It returns an error:

    ldap_start_tls: Can't contact LDAP server (-1)
    ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

I don't have a clue what's wrong.

Best regards,
skyerjoe

--
View this message in context: http://old.nabble.com/RT-Authen%3A-External-Auth-won%27t-work-over-ssl-tp31594799p31594799.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
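
Added example, not part of the original post and not code from the RT::Authen::ExternalAuth project: the ldapsearch command above combines port 636, where the server expects TLS from the first byte (LDAPS), with -Z, which asks for the StartTLS upgrade of a plain LDAP session. The Net::LDAP script below probes the two transports separately, verifying the server certificate each time. The host name dc.example.local and the CA directory are placeholders, and the script assumes the imported CA certificate has been hashed (c_rehash) so that a capath lookup can find it.

```perl
#!/usr/bin/perl
# Added example: probe LDAPS (implicit TLS, port 636) and StartTLS
# (plain LDAP on port 389, upgraded in-band) as two separate tests.
use strict;
use warnings;
use Net::LDAP;

# Placeholders (assumptions): use the FQDN that appears in the server
# certificate, and the directory that holds the hashed CA certificate.
my $host   = shift // 'dc.example.local';
my $capath = '/etc/ssl/certs';

# Require a valid chain so an untrusted certificate fails loudly
# instead of being accepted silently.
my %tls = ( verify => 'require', capath => $capath );

sub probe_ldaps {
    # The ldaps:// scheme wraps the socket in TLS before any LDAP message.
    my $ldap = Net::LDAP->new( "ldaps://$host:636",
        version => 3, timeout => 10, %tls )
        or return "LDAPS/636    FAILED: $@";
    my $cipher = $ldap->cipher // 'none';
    $ldap->unbind;
    return "LDAPS/636    ok, cipher $cipher";
}

sub probe_starttls {
    # Connect in clear text first, then request the StartTLS upgrade.
    my $ldap = Net::LDAP->new( "ldap://$host:389",
        version => 3, timeout => 10 )
        or return "StartTLS/389 FAILED to connect: $@";
    my $mesg = $ldap->start_tls(%tls);
    if ( $mesg->code ) {
        my $err = $mesg->error;
        $ldap->disconnect;
        return "StartTLS/389 FAILED: $err";
    }
    my $cipher = $ldap->cipher // 'none';
    $ldap->unbind;
    return "StartTLS/389 ok, cipher $cipher";
}

print probe_ldaps(),    "\n";
print probe_starttls(), "\n";
```

A transport that reports ok with a cipher is encrypted and has a trusted certificate chain; a FAILED line carries the connection or TLS error for that transport alone.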