Kevin/Chris: Thanks for taking the time to reply. After taking both your suggestions into account I got a service account setup and configured the attr_map attribute. Initially, I was trying to get this working using just my certificate and then binding as the user who was authenticating (not needing a service account). As I understand now however, this is necessary for this plugin.
Thanks, Jason On Thu, Apr 3, 2014 at 1:55 PM, Kevin Falcone <[email protected]>wrote: > On Wed, Apr 02, 2014 at 02:44:31PM -0500, Jason Batchelor wrote: > > Set($ExternalSettings, { > > 'My_LDAP' => { > > 'type' => 'ldap', > > 'server' => 'ldaps://[1]example.company.org', > > 'base' => 'dc=xxxxx,dc=org', > > 'filter' => '(objectClass=*)', > > 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)', > > 'tls' => 0, > > 'ssl_version' => 3, > > 'net_ldap_args' => [ version => 3 ] > > }, > > } ); > > -------------------------------------- > > I am trying to do this via LDAPS using our root CAs (which I have > already configured via > > openLDAP). Each time I attempt to authenticate I get the following > error in the logs... > > The debugging line blows up because the filter constructed is invalid > because you've not provided attr_map, which means RT has no idea how > to map things in LDAP to things in RT. > > You'll need a complete config to use RT::Authen::ExternalAuth > > Also, since you're just setting up, upgrade to the current release of > the module. > > The docs cover the needed config settings > > https://metacpan.org/source/FALCONE/RT-Authen-ExternalAuth-0.18/etc/RT_SiteConfig.pm#L212 > > -kevin > > -- > RT Training - Dallas May 20-21 > http://bestpractical.com/training >
-- RT Training - Dallas May 20-21 http://bestpractical.com/training
