Hi,
After many searches, it works for some of my users and don't work for some others. Is it possible that parameter $RTAddressRegexp interfers with RT::Authen::ExternalAuth ? On Active directory side no error, only successes logs. Do you no about any other debug options I could use ? Thanks On Wed, Aug 21, 2013 at 12:33 PM, Maximilien Drouet <mdro...@randco.fr>wrote: > Hi Nathan, > > After many searchs with your help and our AD Administrator we found that > the account was not authorized. > > I was given another one and now, command line binds and authenticate well > but no chance with RT. Here is the command line > > ldapsearch -LLL -H ldap://myserver.mydomain.local -x -D > 'mydomain\ldapuser' -W -b ou=FR,dc=mydomain,dc=local uid=mysuer > > and the output. > > > dn: CN=Firstname Lastname,OU=z - y - x,OU=city,OU=Users & > Clients,OU=mydomain,OU=FR,DC=mydomain,DC=local > v > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: user > cn: Firstname Lastname > sn: Lastname > c: FR > l: city > title: myTitle > postalCode: Zipcode > physicalDeliveryOfficeName: z - y - x > telephoneNumber: myTelephonenumber > givenName: FirstName > distinguishedName: CN=Firstname Lastname,OU=z - y - x,OU=city,OU=Users & > Clients,OU=mydomain,OU=FR, > DC=mydomain,DC=local > instanceType: 4 > whenCreated: 20100701014148.0Z > whenChanged: 20130821001737.0Z > displayName: Firstname Lastname > uSNCreated: 73679 > memberOf: CN=LL.microsoftproject,OU=SDG Groups,DC=mydomain,DC=local > memberOf: CN=LL.Crystal.Reports.XI,OU=SDG Groups,DC=mydomain,DC=local > memberOf: CN=LL.IE8,OU=SDG Groups,DC=mydomain,DC=local > memberOf: CN=LL.itop,OU=Groups,OU=mydomain,OU=FR,DC=mydomain,DC=local > memberOf: CN=LL.msvisio2003,OU=SDG Groups,DC=mydomain,DC=local > memberOf: CN=LL.ClickToCall,OU=SDG Groups,DC=mydomain,DC=local > memberOf: > CN=mydomain.LL.dsi,OU=Groups,OU=mydomain,OU=FR,DC=mydomain,DC=local > uSNChanged: 10019507 > co: FRANCE > department: z - y - x > streetAddress: myaddress > name: Firstname Lastname > objectGUID:: l8cI/GO3KEOyA0E8neccKA== > userAccountControl: 544 > badPwdCount: 0 > codePage: 0 > countryCode: 250 > badPasswordTime: 130215493735596806 > lastLogoff: 0 > lastLogon: 130214762950697235 > pwdLastSet: 130214610102266437 > primaryGroupID: 513 > objectSid:: AQUAAAAAAAUVAAAAEQz3vwuoUpdtKTGZJPEAAA== > accountExpires: 130251384000000000 > logonCount: 197 > sAMAccountName: mysuer > sAMAccountType: 805306368 > userPrincipalName: mymail > lockoutTime: 0 > objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=mydomain,DC=local > dSCorePropagationData: 20130524093118.0Z > dSCorePropagationData: 20130523093743.0Z > dSCorePropagationData: 16010101000001.0Z > lastLogonTimestamp: 130214610103032919 > uid: mysuer > mail: mymail > > > > I'm quite confused with the RT configuration file and it's option, even > looking at the documentation I'm a litte bit lost, maybe the problem is > there. > > Here is the RT_Config extract > > # External Authentication Configuration > Set($ExternalAuthPriority, [ 'My_LDAP']); > Set($ExternalInfoPriority, [ 'My_LDAP']); > Set($ExternalSettings, { > > # AN EXAMPLE LDAP SERVICE > 'My_LDAP' => { > 'type' => 'ldap', > 'server' => 'myserver.mydomain.local', > 'user' => 'ldapaccount', > 'pass' => 'ldapaccountpassword', > 'base' => 'ou=FR,dc=mydomain,dc=local', > 'filter' => > '(&(ObjectCategory=User)(ObjectClass=Person))', > > 'd_filter' => > '(userAccountControl:1.2.840.113556.1.4.803:=2)', > 'group' => 'OU=Users & > Clients,OU=MYDOMAIN,OU=FR,DC=mydomain,DC=local', > 'group_attr' => 'member', > 'tls' => 0, > 'ssl_version' => 3, > > 'net_ldap_args' => [ version => 3 ], > 'group_scope' => 'base', > 'group_attr_value' => '*', > 'attr_match_list' => ['Name'], > 'attr_map' => { > 'Name' => 'sAMAccountName', > 'EmailAddress' => 'mail', > 'Organization' => 'physicalDeliveryOfficeName', > 'RealName' => 'cn', > 'ExternalAuthId' => 'sAMAccountName', > 'Gecos' => 'sAMAccountName', > 'WorkPhone' => 'telephoneNumber', > 'Address1' => 'streetAddress', > 'City' => 'l', > 'State' => 'st', > 'Zip' => 'postalCode', > 'Country' => 'co' > }, > }, > } ); > > > Any other Idea ? > > > -- > Regards > > Maximilien > > > > > -- Regards Maximilien