[rt-users] RT 4.2.10 and ExternalAuth using LDAP
Hi,
I'm setting up an RT server on:
CentOS 7.1 x64
Apache 2.4
PostgreSQL
Perl v5.16.3
Trying to use ExternalAuth to LDAP (Microsoft AD) using these settings in
RT_SiteConfig.pm:
Plugin( RT::Authen::ExternalAuth );
Set( $ExternalAuthPriority, [My_LDAP] );
Set( $ExternalInfoPriority, [My_LDAP] );
Set($ExternalSettings, {
'My_LDAP' = {
'type' = 'ldap',
'server'= '1.1.1.1',
'user' = 'rtbinduser@domain.server',
'pass' = 'rtbinduserpw',
'base' = 'ou=Dom Users,ou=Company
AD,dc=domain,dc=server',
'attr_match_list' = [
'Name',
'EmailAddress',
],
'attr_map' = {
'Name' = 'sAMAccountName',
'EmailAddress' = 'mail',
'Organization' = 'physicalDeliveryOfficeName',
'RealName' = 'cn',
'ExternalAuthId' = 'sAMAccountName',
'Gecos' = 'sAMAccountName',
'WorkPhone' = 'telephoneNumber',
'Address1' = 'streetAddress',
'City' = 'l',
'State' = 'st',
'Zip' = 'postalCode',
'Country' = 'co'
},
},
} );
I start the RT using it's own server : /opt/rt4/sbin/rt-server --port 8080
Page loads in the browser and I can log in as root but when I try to log in
using AD account I see in the logs:
[warning]: Use of uninitialized value $filter in concatenation (.) or
string at
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
line 453.
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
I have been digging through google and the LDAP.pm without success. When I
messed with the 'base' value error changed:
[25778] [Mon Apr 20 08:55:33 2015] [warning]: Use of uninitialized value
$filter in concatenation (.) or string at
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
line 453.
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
[25778] [Mon Apr 20 08:55:33 2015] [error]: Can't call method as_string
on an undefined value at
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
line 357.
Stack:
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:843]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:885]
[/opt/rt4/sbin/../lib/RT/User.pm:141]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:486]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:10]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Session:1]
[/opt/rt4/sbin/../lib/RT/Interface/Web.pm:310]
[/opt/rt4/share/html/autohandler:53]
(/opt/rt4/sbin/../lib/RT/Interface/Web/Handler.pm:208)
Any suggestions to a right direction are welcome.
PS! Went with LDAP because other services on the server use it
successfully. I have installed RT using Kerberos auth before but decided to
use something simpler. :D
--
Indrek
Re: [rt-users] RT 4.2.10 and ExternalAuth using LDAP
Hi,
messing with the filter = '(objectClass=*)', gave me FAILED LOGIN as did
=person. Then tested the LDAP Import plugin and it worked. Now I need to
see about AD user permissions (create tickets etc).
Thank you for the suggestions and thank you Trev for making it more
understandable. Your configuration helped me understand other needed values
as well.
Regards,
--Indrek
On Mon, Apr 20, 2015 at 4:19 PM Jeff Blaine jbla...@kickflop.net wrote:
https://metacpan.org/pod/RT::Authen::ExternalAuth::LDAP
says:
filter
The filter to use to match RT users. You must specify
it and it must be a valid LDAP filter encased in parentheses.
For example:
filter = '(objectClass=*)',
On 4/20/2015 5:16 AM, Indrek Paas wrote:
Hi,
I'm setting up an RT server on:
CentOS 7.1 x64
Apache 2.4
PostgreSQL
Perl v5.16.3
Trying to use ExternalAuth to LDAP (Microsoft AD) using these settings
in RT_SiteConfig.pm:
Plugin( RT::Authen::ExternalAuth );
Set( $ExternalAuthPriority, [My_LDAP] );
Set( $ExternalInfoPriority, [My_LDAP] );
Set($ExternalSettings, {
'My_LDAP' = {
'type' = 'ldap',
'server'= '1.1.1.1',
'user' = 'rtbinduser@domain.server
',
'pass' = 'rtbinduserpw',
'base' = 'ou=Dom Users,ou=Company
AD,dc=domain,dc=server',
'attr_match_list' = [
'Name',
'EmailAddress',
],
'attr_map' = {
'Name' = 'sAMAccountName',
'EmailAddress' = 'mail',
'Organization' = 'physicalDeliveryOfficeName',
'RealName' = 'cn',
'ExternalAuthId' = 'sAMAccountName',
'Gecos' = 'sAMAccountName',
'WorkPhone' = 'telephoneNumber',
'Address1' = 'streetAddress',
'City' = 'l',
'State' = 'st',
'Zip' = 'postalCode',
'Country' = 'co'
},
},
} );
I start the RT using it's own server : /opt/rt4/sbin/rt-server --port
8080
Page loads in the browser and I can log in as root but when I try to log
in using AD account I see in the logs:
[warning]: Use of uninitialized value $filter in concatenation (.) or
string at
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
line 453.
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
I have been digging through google and the LDAP.pm without success. When
I messed with the 'base' value error changed:
[25778] [Mon Apr 20 08:55:33 2015] [warning]: Use of uninitialized value
$filter in concatenation (.) or string at
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
line 453.
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:451)
[25778] [Mon Apr 20 08:55:33 2015] [error]: Can't call method
as_string on an undefined value at
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
line 357.
Stack:
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:843]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:885]
[/opt/rt4/sbin/../lib/RT/User.pm:141]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:486]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Elements/DoAuth:10]
[/opt/rt4/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Session:1]
[/opt/rt4/sbin/../lib/RT/Interface/Web.pm:310]
[/opt/rt4/share/html/autohandler:53]
(/opt/rt4/sbin/../lib/RT/Interface/Web/Handler.pm:208)
Any suggestions to a right direction are welcome.
PS! Went with LDAP because other services on the server use it
successfully. I have installed RT using Kerberos auth before but decided
to use something simpler. :D
--
Indrek
--
Jeff Blaine
kickflop.net
PGP/GnuPG Key ID: 0x0C8EDD02
Re: [rt-users] RT4.0.2 Branded Queue
On Wed, Sep 14, 2011 at 5:25 PM, Kevin Falcone falc...@bestpractical.com wrote: On Wed, Sep 14, 2011 at 03:23:51PM +0300, Indrek Paas wrote: I have a clean RT 4.0.2 install. Templates have not been modified in any way. I tried modifying the Autoreply template by translating the text to my native language but this broke the RT4 autoreply. When new ticket was created no reply was sent. But is this fix a number of places to use $TicketObj-SubjectTag required to get the Queue branding to work? Nope, the RT4 templates already called $TicketObj-SubjectTag There is no need to reply to this message right now. Your ticket has been assigned an ID of [support #46]. Please include the string: [support #46] What did you expect to see here? WEB - which is the queue name. I can see it in the top part of the message. This message has been automatically generated in response to the creation of a trouble ticket regarding: WEB: VPN serveri mälu, And aslo on subject line it states support. -- Indrek -kevin RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA — September 26 27, 2011 * San Francisco, CA, USA — October 18 19, 2011 * Washington DC, USA — October 31 November 1, 2011 * Melbourne VIC, Australia — November 28 29, 2011 * Barcelona, Spain — November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 27, 2011 * San Francisco, CA, USA October 18 19, 2011 * Washington DC, USA October 31 November 1, 2011 * Melbourne VIC, Australia November 28 29, 2011 * Barcelona, Spain November 28 29, 2011
Re: [rt-users] RT4.0.2 Branded Queue
I have a clean RT 4.0.2 install. Templates have not been modified in any way. I tried modifying the Autoreply template by translating the text to my native language but this broke the RT4 autoreply. When new ticket was created no reply was sent. But is this fix a number of places to use $TicketObj-SubjectTag required to get the Queue branding to work? --Indrek On Tue, Sep 13, 2011 at 9:46 PM, Kevin Falcone falc...@bestpractical.com wrote: On Tue, Sep 13, 2011 at 07:04:51PM +0300, Indrek Paas wrote: Branding kind of works. But something is still off a bit. In subject I can still see the old Queue name and in auto reply it is like this: If you've customized your templates or upgraded your RT, you likely need to fix a number of places to use $TicketObj-SubjectTag -kevin This message has been automatically generated in response to the creation of a trouble ticket regarding: WEB: RT Branding test 2, a summary of which appears below. There is no need to reply to this message right now. Your ticket has been assigned an ID of [support #46]. Please include the string: [support #46] I have tried different options and settings but don't seem to get it working. Regards, Indrek P. On Tue, Sep 13, 2011 at 5:24 PM, Indrek Paas indrekp...@gmail.com wrote: Hi, That was easy. Didn't notice the field before. I will test it when I get the chance. Thank you, On Tue, Sep 13, 2011 at 5:03 PM, Kevin Falcone falc...@bestpractical.com wrote: On Tue, Sep 13, 2011 at 01:19:36PM +0300, Indrek Paas wrote: Hi, I have been trying to get BrandedQueues to work with RT4 on Debian. Got the extension installed but when I activate in RT_SiteConfig.pm and issue Apache restart I get: The BrandedQueues extension has been part of core since 3.8.0 and the plugin is likely to break modern RTs. You can access the subject tag branding from the Queue Admin page. -kevin # /etc/init.d/apache2 restart Restarting web server: apache2[Tue Sep 13 10:12:34 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) ... waiting [Tue Sep 13 10:12:35 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) When I comment out the line: use RT::Extension::BrandedQueues; Apache starts and RT is back. I have been going through articles from Google and old posts in mailing list. All were pointing to this extension and I didn't find anything that would suggest that queue branding is built into RT4. RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA — September 26 27, 2011 * San Francisco, CA, USA — October 18 19, 2011 * Washington DC, USA — October 31 November 1, 2011 * Melbourne VIC, Australia — November 28 29, 2011 * Barcelona, Spain — November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 27, 2011 * San Francisco, CA, USA October 18 19, 2011 * Washington DC, USA October 31 November 1, 2011 * Melbourne VIC, Australia November 28 29, 2011 * Barcelona, Spain November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA — September 26 27, 2011 * San Francisco, CA, USA — October 18 19, 2011 * Washington DC, USA — October 31 November 1, 2011 * Melbourne VIC, Australia — November 28 29, 2011 * Barcelona, Spain — November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 27, 2011 * San Francisco, CA, USA October 18 19, 2011 * Washington DC, USA October 31 November 1, 2011 * Melbourne VIC, Australia November 28 29, 2011 * Barcelona, Spain November 28 29, 2011
[rt-users] RT4.0.2 Branded Queue
Hi, I have been trying to get BrandedQueues to work with RT4 on Debian. Got the extension installed but when I activate in RT_SiteConfig.pm and issue Apache restart I get: # /etc/init.d/apache2 restart Restarting web server: apache2[Tue Sep 13 10:12:34 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) ... waiting [Tue Sep 13 10:12:35 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) When I comment out the line: use RT::Extension::BrandedQueues; Apache starts and RT is back. I have been going through articles from Google and old posts in mailing list. All were pointing to this extension and I didn't find anything that would suggest that queue branding is built into RT4. Regards, IndrekP. RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 27, 2011 * San Francisco, CA, USA October 18 19, 2011 * Washington DC, USA October 31 November 1, 2011 * Melbourne VIC, Australia November 28 29, 2011 * Barcelona, Spain November 28 29, 2011
Re: [rt-users] RT4.0.2 Branded Queue
Hi, That was easy. Didn't notice the field before. I will test it when I get the chance. Thank you, On Tue, Sep 13, 2011 at 5:03 PM, Kevin Falcone falc...@bestpractical.com wrote: On Tue, Sep 13, 2011 at 01:19:36PM +0300, Indrek Paas wrote: Hi, I have been trying to get BrandedQueues to work with RT4 on Debian. Got the extension installed but when I activate in RT_SiteConfig.pm and issue Apache restart I get: The BrandedQueues extension has been part of core since 3.8.0 and the plugin is likely to break modern RTs. You can access the subject tag branding from the Queue Admin page. -kevin # /etc/init.d/apache2 restart Restarting web server: apache2[Tue Sep 13 10:12:34 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) ... waiting [Tue Sep 13 10:12:35 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) When I comment out the line: use RT::Extension::BrandedQueues; Apache starts and RT is back. I have been going through articles from Google and old posts in mailing list. All were pointing to this extension and I didn't find anything that would suggest that queue branding is built into RT4. RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA — September 26 27, 2011 * San Francisco, CA, USA — October 18 19, 2011 * Washington DC, USA — October 31 November 1, 2011 * Melbourne VIC, Australia — November 28 29, 2011 * Barcelona, Spain — November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 27, 2011 * San Francisco, CA, USA October 18 19, 2011 * Washington DC, USA October 31 November 1, 2011 * Melbourne VIC, Australia November 28 29, 2011 * Barcelona, Spain November 28 29, 2011
Re: [rt-users] RT4.0.2 Branded Queue
Branding kind of works. But something is still off a bit. In subject I can still see the old Queue name and in auto reply it is like this: This message has been automatically generated in response to the creation of a trouble ticket regarding: WEB: RT Branding test 2, a summary of which appears below. There is no need to reply to this message right now. Your ticket has been assigned an ID of [support #46]. Please include the string: [support #46] I have tried different options and settings but don't seem to get it working. Regards, Indrek P. On Tue, Sep 13, 2011 at 5:24 PM, Indrek Paas indrekp...@gmail.com wrote: Hi, That was easy. Didn't notice the field before. I will test it when I get the chance. Thank you, On Tue, Sep 13, 2011 at 5:03 PM, Kevin Falcone falc...@bestpractical.com wrote: On Tue, Sep 13, 2011 at 01:19:36PM +0300, Indrek Paas wrote: Hi, I have been trying to get BrandedQueues to work with RT4 on Debian. Got the extension installed but when I activate in RT_SiteConfig.pm and issue Apache restart I get: The BrandedQueues extension has been part of core since 3.8.0 and the plugin is likely to break modern RTs. You can access the subject tag branding from the Queue Admin page. -kevin # /etc/init.d/apache2 restart Restarting web server: apache2[Tue Sep 13 10:12:34 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) ... waiting [Tue Sep 13 10:12:35 2011] [warning]: (in cleanup) Error while loading /opt/rt4/sbin/rt-server: Can't locate object method new via package RT::CurrentUser at /opt/rt4/sbin/../lib/RT/Handle.pm line 239. (/opt/rt4/sbin/../lib/RT.pm:342) When I comment out the line: use RT::Extension::BrandedQueues; Apache starts and RT is back. I have been going through articles from Google and old posts in mailing list. All were pointing to this extension and I didn't find anything that would suggest that queue branding is built into RT4. RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA — September 26 27, 2011 * San Francisco, CA, USA — October 18 19, 2011 * Washington DC, USA — October 31 November 1, 2011 * Melbourne VIC, Australia — November 28 29, 2011 * Barcelona, Spain — November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Chicago, IL, USA September 26 27, 2011 * San Francisco, CA, USA October 18 19, 2011 * Washington DC, USA October 31 November 1, 2011 * Melbourne VIC, Australia November 28 29, 2011 * Barcelona, Spain November 28 29, 2011
