Hi Anton, I used following block in my RT_SiteConfig :
Set(@Plugins, qw(RT::Authen::ExternalAuth) ); Set($ExternalAuthPriority, ["My_LDAP"]); Set($ExternalInfoPriority, ["My_LDAP"]); Set($AutoCreateNonExternalUsers, 1); Set($ExternalSettings, { 'My_LDAP' => { ## GENERIC SECTION 'type' => 'ldap', 'server' => ' vmns1.cs.sunysb.edu', 'user' => 'CN=Recruit LDAP user,OU=Service Accounts,OU=SBCS,DC=cs,DC=stonybrook,DC=edu', 'pass' => '*******', 'base' => 'ou=SBCS,dc=cs,dc=stonybrook,DC=edu', # 'filter' => '((&(objectCategory=Users)))', filter => '(objectClass=*)', 'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)', # 'd_filter' => '(&(objectCategory=User) (ObjectClass=Person))' , 'tls' => 1, 'ssl_version' => 3, 'net_ldap_args' => [ version => 3 ], # 'group' => 'CN=Domain Users,CN=Users,DC=cs,DC=stonybrook,DC=edu', # 'group_attr' => 'member', 'attr_match_list' => [ 'Name', 'EmailAddress' ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail' } } } ); Is anything that I'm missing ? Thanks, Bharath. On Tue, Oct 13, 2015 at 8:04 PM, Anton Panetta < anton.pane...@haircareaust.com> wrote: > Whats the block you put in your RT_SiteConfig relating to external auth? > > > > > > > > *From:* rt-users [mailto:rt-users-boun...@lists.bestpractical.com] *On > Behalf Of *bharath reddy > *Sent:* Wednesday, 14 October 2015 3:58 AM > *To:* RT-List <rt-users@lists.bestpractical.com> > *Subject:* [rt-users] Regarding External Authentication using LDAP > > > > Dear All, > > > > I followed the link https://metacpan.org/pod/RT::Authen::ExternalAuth and > made required changes and then restarted my apache server. But when I'm > logging into the RT from web it fails with : > > "*Your username or password is incorrect*" > > > > But user exists in the LDAP. > > > > Log file contains : > > [22441] [Tue Oct 13 16:58:25 2015] [error]: FAILED LOGIN for > <my_user_name> from 130.245.10.107 (/rt/lib//RT/Interface/Web.pm:810) > > > > From the code(/rt/lib//RT/Interface/Web.pm) it fails at this point : > > > > unless ( $user_obj->id && $user_obj->IsPassword( $ARGS->{pass} ) ) { > > $RT::Logger->error("FAILED LOGIN for @{[$ARGS->{user}]} from > $ENV{'REMOTE_ADDR'}"); > > > > Can any one help me how to change the flow to authenticate from LDAP i.e > it should check the username and password against the LDAP and not from DB. > > > > Any help or pointers to this issue will be appreciated. > > > > Thanks, > > Bharath. > The information contained in this email message and any attachments may be > confidential information. If you are not the intended recipient, any use, > interference with, disclosure or copying of this material is unauthorised > and prohibited. If you have received this email in error, please advise us > immediately and delete the email and all copies. The content and opinions > in non-business email are not necessarily those of Haircare Australia. >