I am trying desparately to get this goingnd am not seeing that my externalauth is even being called. I am attaching my RT_SiteConfig.pm for review. I am a newbie and don't know much about anything RT as yet. I see very little in my /var/log/messages other tham LOGIN failed for xxxxx from web.pm, so I don't really think my externalauth is really in play as of yet. Any assistance in getting this going would be greatly appreciated.
Thanks. Brian Murphy Eastern Illinois University # Any configuration directives you include here will override # RT's default configuration file, RT_Config.pm # # To include a directive here, just copy the equivalent statement # from RT_Config.pm and change the value. We've included a single # sample value below. # # This file is actually a perl module, so you can include valid # perl code, as well. # # The converse is also true, if this file isn't valid perl, you're # going to run into trouble. To check your SiteConfig file, use # this comamnd: # # perl -c /path/to/your/etc/RT_SiteConfig.pm # # You must restart your webserver after making changes to this file. # You must install Plugins on your own, this is only an example # of the correct syntax to use when activating them. # There should only be one @Plugins declaration in your config file. #Set(@Plugins,(qw(RT::Extension::QuickDelete RT::Extension::CommandByMail RT::Extension::ActivityReports))); #Set(@Plugins,(qw(RT::Extension::ActivityReports))); Set(@Plugins,(qw(RT::Extension::ActivityReports RT::Authen::ExternalAuth))); Set( $CorrespondAddress, '' ); Set( $rtname, 'EIU ITS Campus Technology' ); Set( $DatabaseRequireSSL, '' ); Set( $WebPort, '8080' ); Set( $DatabaseType, 'mysql' ); Set( $SendmailPath, '/usr/sbin/sendmail' ); Set( $WebDomain, 'localhost' ); Set( $CommentAddress, '' ); Set($Timezone, "US/Central"); Set($UnsafeEmailCommands, 1); Set($ParseNewMessageForTicketCcs, 1); Set($NotifyActor, 1); Set( $OwnerEmail, '' ); Set( $DatabaseUser, 'rt_user' ); Set( $DatabasePort, '' ); Set( $DatabasePassword, 'RT_pass1-' ); Set( $DatabaseAdmin, 'root' ); Set( $DatabaseAdminPassword, 'Mtfbwu+1' ); Set( $DatabaseHost, 'localhost' ); Set( $DatabaseName, 'rt4' ); Set( $Organization, 'ITS' ); 1; # The order in which the services defined in ExternalSettings # should be used to authenticate users. User is authenticated # if successfully confirmed by any service - no more services # are checked. Set($ExternalAuthPriority, [ 'EIUAD' ] ); # The order in which the services defined in ExternalSettings # should be used to get information about users. This includes # RealName, Tel numbers etc, but also whether or not the user # should be considered disabled. # # Once user info is found, no more services are checked. # # You CANNOT use a SSO cookie for authentication. Set($ExternalInfoPriority, [ 'EIUAD' ] ); # If this is set to true, then the relevant packages will # be loaded to use SSL/TLS connections. At the moment, # this just means "use Net::SSLeay;" Set($ExternalServiceUsesSSLorTLS, 0); # If this is set to 1, then users should be autocreated by RT # as internal users if they fail to authenticate from an # external service. Set($AutoCreateNonExternalUsers, 0); # These are the full settings for each external service as a HashOfHashes # Note that you may have as many external services as you wish. They will # be checked in the order specified in the Priority directives above. # e.g. # Set(ExternalAuthPriority,['My_LDAP','My_MySQL','My_Oracle','SecondaryLDAP','Other-DB']); # Set($ExternalSettings, { # EIUAD Active Directory 'EIUAD' => { ## GENERIC SECTION # The type of service (db/ldap/cookie) 'type' => 'ldap', # The server hosting the service 'server' => 'xxxxx.xxx.edu', ## SERVICE-SPECIFIC SECTION # If you can bind to your LDAP server anonymously you should # remove the user and pass config lines, otherwise specify them here: # # The username RT should use to connect to the LDAP server 'user' => 'rtauth', # The password RT should use to connect to the LDAP server 'pass' => 'xxxxxxx, # # The LDAP search base 'base' => 'dc=xxxxx,dc=xxx,dc=edu', # # ALL FILTERS MUST BE VALID LDAP FILTERS ENCASED IN PARENTHESES! # YOU **MUST** SPECIFY A filter AND A d_filter!! # # The filter to use to match RT-Users 'filter' => '(objectclass=person)', # A catch-all example filter: '(objectClass=*)' # # The filter that will only match disabled users 'd_filter' => '(objectclass=Foo)', # A catch-none example d_filter: '(objectClass=FooBarBaz)' # # Should we try to use TLS to encrypt connections? 'tls' => 0, # SSL Version to provide to Net::SSLeay *if* using SSL 'ssl_version' => 3, # What other args should I pass to Net::LDAP->new($host,@args)? 'net_ldap_args' => [ version => 3 ], # Does authentication depend on group membership? What group name? 'group' => 'rt_access', # What is the attribute for the group object that determines membership? 'group_attr' => 'memberOf', ## RT ATTRIBUTE MATCHING SECTION # The list of RT attributes that uniquely identify a user # This example shows what you *can* specify.. I recommend reducing this # to just the Name and EmailAddress to save encountering problems later. 'attr_match_list' => [ 'Name' ], # The mapping of RT attributes on to LDAP attributes 'attr_map' => { 'Name' => 'sAMAccountName' } } } ); 1; -------- RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 & 27, 2011 * San Francisco, CA, USA October 18 & 19, 2011 * Washington DC, USA October 31 & November 1, 2011 * Melbourne VIC, Australia November 28 & 29, 2011 * Barcelona, Spain November 28 & 29, 2011