Re: [rt-users] Transitory error on login (LDAP against AD)
Your My_LDAP 'user' needs to be the fully qualified 'CN=s_dqs_svn, ou=people,dc=mdanderson,dc=edu'. And I hope that is a bogus password! Otherwise, I would change it. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University =+=+=+=+=+=+=+=+=+ On Fri, Mar 2, 2012 at 10:16 AM, Zhang,Jun jhzh...@mdanderson.org wrote: Thomas, Since I'm new to RT, could you please tell where I did wrong in configuration? May be I need to change the order of the ExternalAuthPriority. Below is my RT_SiteConfig.pm file content. Thanks. Jun Set( $DatabaseUser, 'rt_user' ); Set( $CorrespondAddress, 'x...@mdanderson.org' ); Set( $rtname, 'xrt.mdanderson.edu' ); Set( $DatabaseRequireSSL, '' ); Set( $WebPort, '80' ); Set( $Organization, 'mdanderson.edu' ); Set( $DatabaseType, 'mysql' ); Set( $DatabasePort, '' ); Set( $DatabasePassword, 'password' ); Set( $DatabaseAdmin, 'root' ); Set( $SendmailPath, '/usr/sbin/sendmail' ); Set( $WebDomain, 'xrt.mdanderson.edu' ); Set( $DatabaseAdminPassword, '' ); Set( $CommentAddress, 'x...@mdanderson.org' ); Set( $DatabaseHost, 'localhost' ); Set( $DatabaseName, 'rt4' ); Set( $OwnerEmail, 'x...@mdanderson.org' ); Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($ExternalAuthPriority, [ 'My_MySQL', 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, { 'My_MySQL' = { 'type' = 'db', 'server' = 'dqsrt.mdanderson.edu', 'database' = 'rt4', 'table' = 'Users', 'user' = 'rt_user', 'pass' = 'password', 'port' = '3306', 'dbi_driver' = 'mysql', 'u_field' = 'Name', 'p_field' = 'Password', 'p_enc_pkg' = 'Crypt::MySQL', 'p_enc_sub' = 'password', 'd_field' = 'disabled', 'd_values' = ['0'], 'attr_map' = { 'Name' = 'Name', } }, 'My_LDAP' = { 'type' = 'ldap', 'server' = 'dcpwpdc1.mdanderson.edu', 'user' = 's_dqs_svn', 'pass' = 'Juoo9k88', 'base' = 'ou=people,dc=mdanderson,dc=edu', 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2)', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'attr_map' = { 'Name' = 'samaccountname', 'EmailAddress' = 'mail', 'Organization' = 'physicaldeliveryofficename', 'RealName' = 'gecos', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'gecos', 'WorkPhone' = 'telephoneNumber', 'Address1' = 'streetAddress', 'City' = 'l', 'State' = 'st', 'Zip' = 'postalCode', 'Country' = 'co' } } } ); 1; -Original Message- From: rt-users-boun...@lists.bestpractical.com [mailto: rt-users-boun...@lists.bestpractical.com] On Behalf Of Thomas Sibley Sent: Friday, March 02, 2012 11:57 AM To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] Transitory error on login (LDAP against AD) On 03/02/2012 12:48 PM, Zhang,Jun wrote: I got the same error and I understand
[rt-users] Plugin Permissions
/staff 143 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Elements/EditLinks/NewLinks drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/ drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/index.html/ -r--r--r-- root/staff 302 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/index.html/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/ drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/SystemTabs/ -r--r--r-- root/staff 735 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/SystemTabs/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/CustomFieldTabs/ -r--r--r-- root/staff 725 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/CustomFieldTabs/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/Tabs/ -r--r--r-- root/staff 197 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/Tabs/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/GlobalCustomFieldTabs/ -r--r--r-- root/staff 548 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Elements/GlobalCustomFieldTabs/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Global/ drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Global/index.html/ -r--r--r-- root/staff 1081 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Global/index.html/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Global/CustomFields/ drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Global/CustomFields/index.html/ -r--r--r-- root/staff 576 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Admin/Global/CustomFields/index.html/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Tools/ drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Tools/index.html/ -r--r--r-- root/staff 217 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Tools/index.html/Default drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Tools/Elements/ drwxr-s--- root/staff0 2012-02-23 16:24 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Tools/Elements/Tabs/ -r--r--r-- root/staff 138 2012-02-23 16:18 usr/local/share/request-tracker3.8/plugins/RTx-AssetTracker/html/Callbacks/AssetTracker/Tools/Elements/Tabs/Default Shouldn't I have read permissions for all on the Callbacks tree? What is a typical owner/group for files? =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
[rt-users] ExternalAuth for only Auth
Is there a way to tell ExternalAuth to only Authenticate and forget about trying to CanonicalizeUserInfo? I create tickets through an external REST API and create the user at the same time as the ticket. We have users that are in AD and do not have an email address, I pull their address from a database. Here is the relevant snippet from the log file: [Thu Feb 16 00:57:18 2012] [debug]: RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::Authen::ExternalAuth /usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 668 with: Disabled: , EmailAddress: u...@hotmail.com, Name: jdoe, Privileged: , RealName: John Doe (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565) [Thu Feb 16 00:57:18 2012] [warning]: Use of uninitialized value $_[1] in join or string at /usr/share/perl5/Log/Dispatch.pm line 21. (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573) [Thu Feb 16 00:57:18 2012] [debug]: Attempting to get user info using this external service: (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573) [Thu Feb 16 00:57:18 2012] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: , EmailAddress: j...@hotmail.com, Name: jdoe, Privileged: , RealName: John Doe (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651) [Thu Feb 16 00:57:19 2012] [debug]: Got a resolved(inactive) ticket with undefined resolved date. Setting to now. (/usr/share/request-tracker3.8/lib/RT/Ticket_Overlay.pm:361) [Thu Feb 16 00:57:19 2012] [error]: Unable to parse an email address from jdoe: Couldn't find row (/usr/share/request-tracker3.8/lib/RT/EmailParser.p ### # ExternalAuth Configuration ### Set ( $ExternalAuthPriority, [ 'GFU_LDAP' ] ); #Set ( $ExternalInfoPriority, [ 'GFU_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'GFU_LDAP' = { 'type' = 'ldap', 'server'= 'server.georgefox.edu', 'user' = 'CN=User,OU=Group,DC=Base,DC=Base,DC=edu', 'pass' = 'Password', 'base' = 'DC=Group,DC=Base,DC=edu', 'filter'= '(objectClass=user)', 'd_filter' = '(objectClass=Doesntexist)', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3, port = 636 ], 'group' = 'CN=User,OU=Group,DC=Base,DC=Base,DC=edu', 'group_attr'= 'member', 'attr_match_list' = ['Name',], 'attr_map' = {'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName', } } } ); Before I commended out ExternalInfoPriority, this is what was in the log file: [Wed Feb 15 23:28:49 2012] [debug]: RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::Authen::ExternalAuth /usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 668 with: Comments: Autocreated when added as a watcher, Disabled: , EmailAddress: , Name: , Privileged: , RealName: jdoe (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565) [Wed Feb 15 23:28:49 2012] [debug]: Attempting to get user info using this external service: GFU_LDAP (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573) [Wed Feb 15 23:28:49 2012] [debug]: Attempting to use this canonicalization key: Name (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:587) [Wed Feb 15 23:28:49 2012] [debug]: This attribute ( Name ) is null or incorrectly defined in the attr_map for this service ( GFU_LDAP ) (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:589) [Wed Feb 15 23:28:49 2012] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments: Autocreated when added as a watcher, Disabled: , EmailAddress: , Name: , Privileged: , RealName: jdoe (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651) [Wed Feb 15 23:28:54 2012] [crit]: Failed to create user : Could not set user info (/usr/share/request-tracker3.8/lib/RT/User_Overlay.pm:513) =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
[rt-users] ExternalAuth logging
I can't seem to get any response at login from ExternalAuth 0.09 using RT 3.8.7 . I have the following logging setup, which will only show me Login Success or Failure with Web.pm. Set($LogToSyslog,'warning'); Set($LogToFile,'debug'); Set($LogToFileNamed,'rt.log'); Set($LogDir,'/var/log/request-tracker3.8'); Below is my ExternalAuth Config: ### LDAP Configuration ### Set ( $ExternalAuthPriority, [ 'GFU_LDAP' ] ); Set ( $ExternalInfoPriority, [ 'GFU_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'GFU_LDAP' = { 'type' = 'ldap', 'server'= ' ads-nbg.campus.georgefox.edu', 'user' = 'CN=user,OU=group,DC=base,DC=base,DC=edu', 'pass' = 'pass', 'base' = 'DC=base,DC=base,DC=edu', 'filter'= '(objectClass=user)', 'd_filter' = '(objectClass=Doesntexist)', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'group' = 'CN=All Users,OU=group,DC=base,DC=base,DC=edu', 'group_attr'= 'member', 'attr_match_list' = ['Name', 'EmailAddress', ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName', } } } ); The only logging I see is when I create a ticket, then I get the following: [Mon Jan 23 22:02:06 2012] [debug]: RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::Authen::ExternalAuth /usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 553 with: Disabled: 0, EmailAddress: , Name: jdoe, Privileged: 0 (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:450) [Mon Jan 23 22:02:06 2012] [debug]: Attempting to get user info using this external service: GFU_LDAP (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458) [Mon Jan 23 22:02:06 2012] [debug]: Attempting to use this canonicalization key: Name (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472) [Mon Jan 23 22:02:06 2012] [debug]: LDAP Search === Base: DC=base,DC=base,DC=edu == Filter: ((objectClass=user)(sAMAccountName=jdoe)) == Attrs: mail,sAMAccountName,sAMAccountName,sAMAccountName (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195) [Mon Jan 23 22:02:06 2012] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: 0, EmailAddress: j...@georgefox.edu, ExternalAuthId: jdoe, Gecos: jdoe, Name: jdoe, Privileged: 0, RealName: (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536 It seems ExternalAuth isn't even being polled at login. Any ideas? =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Here's a twist on my inability to get ExternalAuth to log. I've started developing some scripts using the REST API and I found that I will get ExternalAuth debug information when I am creating a user. Nice, verbose, wonderful debug information. Unfortunatly, login attempts still only report the success or failure of web.pm. Any ideas? =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
[rt-users] User Custom Fields and REST
Anyone have any experience reading and writing to user custom fields through the REST API. I can create and read everything but custom fields. I'm posting to server/REST/1.0/user/new/edit with the following: id: new email: jsm...@georgefox.edu name: jsmith CF-Emplid: 1190885 The user is successfully created, but the Emplid Custom Field is blank. I'm connecting as root and can see/edit the field through the web. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
[rt-users] ExternalAuth Installed but not working
Oops! I'm running RT 3.8.7 with ExternalAuth 0.0.9 =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ Your thread never seemed to contain an RT version and an RT-Authen-ExternalAuth version. If you provided those and I missed them, I'm sorry. Without them, I'd be guessing blindly about your problem. RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] User Custom Fields and REST
Looking at the database, it would be a simply SQL statement to insert the desired value into the user custom field... Do I need to be aware of anything before I start directly inserting into the RT tables? =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Yes and Yes, Here are the configs. I can login to RT and see ExternalAuth on the Configuration page as well. Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($LogToSyslog,'warning'); Set($LogToFile,'debug'); Set($LogToFileNamed,'rt.log'); Set($LogDir,'/var/log/request-tracker3.8'); =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ -- Forwarded message -- From: Mike Johnson mike.john...@nosm.ca To: rt-users@lists.bestpractical.com Date: Mon, 12 Dec 2011 09:00:28 -0500 Subject: Re: [rt-users] ExternalAuth Installed but not working Hmm, Have you set ExternalAuth in your @Plugins? Have you set your logging level to debug? On Sat, Dec 10, 2011 at 12:16 PM, Ryan Backman rback...@georgefox.edu wrote: Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston — March 5 6, 2012 RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] ExternalAuth Installed but not working
Thanks Mike and Kenn for the replies... Kenn, I was a little overzealous when redacting out of the my example config... my actual config has the double parenthesis at the end. Mike, I've tried the both your example and a '(objectClass=DoesntExist)' with no change. Does anyone have any ideas about why I can't see any log information from ExternalAuth. It looks like its installed but the only log info I get is about Web.pm. =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
[rt-users] ExternalAuth Installed but not working
I'm having a bit of trouble getting ExternalAuth to work. I've scoured the archives and the net and found many suggestions, but none have made any changes. - I've setup logging to go to a seperate file, but all I get is a Login Failure message in this file when I try to login: [Thu Dec 8 23:38:32 2011] [error]: FAILED LOGIN for rbackman from xx.xx.xx.xx (/usr/share/request-tracker3.8/lib/RT/Interface/Web.pm:424) - I'm seeing correct values in the online configuration view inside RT indicating that ExternalAuth is loaded as a Plugin and that ExternalAuthPriority is My_LDAP. - I can use the ldapsearch tool with the same variables on the same box successfully Any help is much appreciated. Below is my configuration: Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set ( $ExternalAuthPriority, [ 'My_LDAP' ] ); Set ( $ExternalInfoPriority, [ 'My_LDAP' ] ); Set($ExternalServiceUsesSSLorTLS,0); Set($AutoCreateNonExternalUsers,0); Set($ExternalSettings, { 'My_LDAP' = { 'type' = 'ldap', 'server'= 'server.domain.edu', 'user' = 'CN=user,OU=admin...', 'pass' = 'pass', 'base' = 'dc=domain,...', 'filter'= '((objectClass=user)(memberOf=CN=Staff...)', 'd_filter' = '(userAccountControl=514)', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'group' = 'CN=All Users,...', 'group_attr'= 'member', 'attr_match_list' = ['Name', 'EmailAddress' ], 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'ExternalAuthId' = 'sAMAccountName', 'Gecos' = 'sAMAccountName' } } } ); 1; =+=+=+=+=+=+=+=+=+ Ryan Backman Programmer / Analyst George Fox University 503.554.2576 =+=+=+=+=+=+=+=+=+ RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012