dden email]
Sent: 15/01/2016 17:28
To: [hidden email]
Subject: [rt-users] "RT::Authen::ExternalAuth".
Question on "RT::Authen::ExternalAuth".
I've set the ExternalAuth and it worked
Is there a way to have both auth External and still be able to log with the
internal DB
ds, ['LDAP' , Internal']);
I,ll be happy if you let me know the result
Good Luck
-Original Message-
From: "ggamache"
Sent: 15/01/2016 17:28
To: "rt-users@lists.bestpractical.com"
Subject: [rt-users] "RT::Authen::ExternalAuth".
Question on "
Question on "RT::Authen::ExternalAuth".
I've set the ExternalAuth and it worked
Is there a way to have both auth External and still be able to log with the
internal DB ?
regards,
Ghis
--
View this message in context:
http://requesttracker.8502.n7.nabble.com/RT-Authen-ExternalAuth-tp61193.ht
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is a note that RT-Authen-ExternalAuth version 0.24, released
October 9th, has a known bug which adds an extra newline at the
beginning of all content returned from RT. This is especially
problematic for binary content, such as charts, attachmen
This is just about as basic an RT install as you can get. everything
was installed by CPAN and RPMs.
I can give you instructions or if you have a place I can put a 1-2GB
file I could probably just build a CentOS VM that exhibits the
problem.
On Thu, Mar 27, 2014 at 4:53 PM, Alex Vandiver wrote:
On Thu, 2014-03-27 at 16:42 -0500, Dewhirst, Rob wrote:
> RT 4.0.19 (because of RTIR)
> mod_perl
Interesting; we've seen another report of this previously, but I've been
unable to replicate it. It's presumably caused by a disagreement of
mod_ssl with the SSL libraries that perl uses for LDAPS sup
RT 4.0.19 (because of RTIR)
mod_perl
RHEL 6.5 x64
Server version: Apache/2.2.15 (Unix)
Server built: Aug 2 2013 08:02:15
Server's Module Magic Number: 20051115:25
Server loaded: APR 1.3.9, APR-Util 1.3.9
Compiled using: APR 1.3.9, APR-Util 1.3.9
Architecture: 64-bit
Server MPM: Prefork
On Thu, 2014-03-27 at 16:01 -0500, Dewhirst, Rob wrote:
> I can get RT up and running just fine using LDAP with
> RT::Authen::ExternalAuth. But as soon as I shut down the server and
> install mod_ssl, apache won't restart, segfaults.
What version of RT and Apache? I presume you're running with a
I can get RT up and running just fine using LDAP with
RT::Authen::ExternalAuth. But as soon as I shut down the server and
install mod_ssl, apache won't restart, segfaults.
Similarly, I can install mod_ssl just fine but as soon as I install
RT::Authen::ExternalAuth and add the known-working LDAP s
It' always a judgement call what to post and what to leave out. I
can't post the full settings, strictly speaking.
'server'=> 'ldaps://server',
seems to have fixed it. Thanks all.
On Wed, Mar 5, 2014 at 10:22 AM, Gerald Vogt wrote:
> It's always much easier to h
On Wed, Mar 05, 2014 at 10:08:53AM -0600, Dewhirst, Rob wrote:
> thanks, I should have clarified that LDAP over TLS on 389 is not an
> option for us. We can only do LDAPS over 636.
If you want to do LDAPS to the LDAPS port and not STARTTLS on the
standard port, you probably want
server => 'ldaps:
It's always much easier to help if you post the full settings instead of
some parts.
Did you use ldaps in the server definition or did you add ldaps or the
different port number in net_ldap_args?
-Gerald
On 05.03.2014 17:08, Dewhirst, Rob wrote:
> thanks, I should have clarified that LDAP over T
thanks, I should have clarified that LDAP over TLS on 389 is not an
option for us. We can only do LDAPS over 636.
On Tue, Mar 4, 2014 at 11:32 AM, k...@rice.edu wrote:
> TLS would still be over port 389 if it was being used.
>
> Regards,
> Ken
>
> On Tue, Mar 04, 2014 at 11:29:48AM -0600, Dewhir
Is the CA certificate which signed your LDAP servers certs on your RT
host? It would need to be installed in /etc/ssl/certs or
/etc/pki/trust/anchors and hashed to be trusted.
--
Later,
Darin
On Tue, Mar 4, 2014 at 12:29 PM, Dewhirst, Rob wrote:
> I am successfully authenticating via LDAP (clear
TLS would still be over port 389 if it was being used.
Regards,
Ken
On Tue, Mar 04, 2014 at 11:29:48AM -0600, Dewhirst, Rob wrote:
> I am successfully authenticating via LDAP (cleartext) over TCP 389
> using RT::Authen::ExternalAuth
>
> However, once I change:
>
> Set($ExternalServiceUsesSSLorT
I am successfully authenticating via LDAP (cleartext) over TCP 389
using RT::Authen::ExternalAuth
However, once I change:
Set($ExternalServiceUsesSSLorTLS,1);
and in the ExternalSettings for My_LDAP:
'tls' => 1,
'ssl_version' => 3,
It s
Hi
> Is it possible that parameter $RTAddressRegexp interfers with
> RT::Authen::ExternalAuth ?
I doubt it.
> On Active directory side no error, only successes logs.
Are you saying that a user attempts to log in, you see successful LDAP
bind on the LDAP server, and RT login fails? If so, please
Hi,
After many searches, it works for some of my users and don't work for some
others.
Is it possible that parameter $RTAddressRegexp interfers with
RT::Authen::ExternalAuth
?
On Active directory side no error, only successes logs.
Do you no about any other debug options I could use ?
Thank
Hi All,
I'm moving from RT3.6 -> RT4.0.17 and have decided to try going with
RT::Authen::ExternalAuth instead of an OverRide I wrote previously.
My system sets a cookie for all visitors, which is just a session ID (no
other information in the cookie - for security .. this is then linked to
the ac
Hi Nathan,
After many searchs with your help and our AD Administrator we found that
the account was not authorized.
I was given another one and now, command line binds and authenticate well
but no chance with RT. Here is the command line
ldapsearch -LLL -H ldap://myserver.mydomain.local -x -D 'm
> It binds because i receive all aditional fields and even creates the user
> with those .
Yes, it binds, but anonymously. All the information fields are first
retrieved that way. Only then does the authentication phase start,
when it attempts to bind as the user with the password that the user
en
Hi
You are right, i'm using RT::Authen::ExternalAuth.
It binds because i receive all aditional fields and even creates the user
with those .
The problem is really focused on authentication step and i can't understand
why :(
> To be more specific, when i remove the user, at next login RT creates again
> the user with the right values ( i.e. Name, ZIP code, etc. ) but fails at
> authentication step.
IIRC you are using RT::Authen::ExternalAuth, right? That extension
authenticates by attempting to bind to the LDAP server
Hello,
To be more specific, when i remove the user, at next login RT creates again
the user with the right values ( i.e. Name, ZIP code, etc. ) but fails at
authentication step.
Here are the debug logs for that specific scenario.
[Wed Jul 31 09:54:41 2013] [debug]: Loading new user ( myUser )
Hi,
Unfortunately same problem with this filter :(
Regarding the address I tried many times, even fresh install :(
Same problem.
On Mon, Jul 29, 2013 at 3:37 PM, Nathan Cutler wrote:
> > Any other idea ?
>
> Yes. As Kevin indicated, I would start with your 'attr_match_list'. On
> your test
> Any other idea ?
Yes. As Kevin indicated, I would start with your 'attr_match_list'. On
your testing/development RT instance, try running it with just:
'attr_match_list' => [ 'Name' ],
and see if the user can log in. Tell us what happens.
Also, judging from the "Couldn't create user myuser :
Hi,
Yes the user is found and data retrieved correctly (i.e address, zip, etc.
) .
Any other idea ?
On Tue, Jul 23, 2013 at 11:19 AM, Maximilien Drouet wrote:
> Hi,
>
>
> Let me try, i never used ldapsearch before so i need to check the syntax.
>
>
> On Tue, Jul 23, 2013 at 11:04 AM, Craig
Hi,
Let me try, i never used ldapsearch before so i need to check the syntax.
On Tue, Jul 23, 2013 at 11:04 AM, Craig Ringer wrote:
> On 07/04/2013 11:00 PM, Maximilien Drouet wrote:
> > (&(&(ObjectCategory=User)(ObjectClass=Person))(sAMAccountName=myuser ))
>
> If you execute this LDAP search
On 07/04/2013 11:00 PM, Maximilien Drouet wrote:
> (&(&(ObjectCategory=User)(ObjectClass=Person))(sAMAccountName=myuser ))
If you execute this LDAP search directly against your directory with the
same base dn as given in the logs, does it find the user?
--
Craig Ringer http://
Hello,
Anyone with an idea ?
I've tried many times without any success.
Thanks for your help.
On Fri, Jul 5, 2013 at 4:18 PM, Maximilien Drouet wrote:
> Hi,
>
>
> Both AD & RT have a user matching email && Username.
>
> Regarding RealName, yes I read about it but in my case, real names are
Hi,
Both AD & RT have a user matching email && Username.
Regarding RealName, yes I read about it but in my case, real names are
NEVER the same they use Kevin FALCONE, KEVIN A FALCONE, KEVIN B FALCONE,
and so on. But yes you're right about what's documented.
On Fri, Jul 5, 2013 at 4:14 PM, Kevi
On Thu, Jul 04, 2013 at 05:00:23PM +0200, Maximilien Drouet wrote:
>As you can see in the log output I successfully find the user BUT I have
> an error "Couldn't
>create user myuser " which I don't understand because YES user exists but
> I just want to
>authenticate not recreate a u
Hello
I'm using version 4.0.13 of RT.
I'm trying to authenticate via an AD.
As you can see in the log output I successfully find the user BUT I have an
error "Couldn't create user myuser " which I don't understand because YES
user exists but I just want to authenticate not recreate a user.
Any
On Thu, May 9, 2013 at 10:44 PM, Chris Foster wrote:
> Hi Alex,
>
> Thanks for your response. I have further looked and yes there does appear
> to be a couple more of lines of errors before this line, they are:
>
> [warning]: Subroutine handle_startup_error redefined at /opt/rt4/sbin
> rt-server
: Friday, 10 May 2013 7:27 a.m.
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT::Authen::ExternalAuth extension loading issue
On Thu, 2013-05-09 at 11:51 +1200, Chris Foster wrote:
> Error while loading /opt/rt4/sbin/rt-server: Attempt to reload
> RT/Authen/ExternalAuth.pm a
On Thu, 2013-05-09 at 11:51 +1200, Chris Foster wrote:
> Error while loading /opt/rt4/sbin/rt-server: Attempt to reload
> RT/Authen/ExternalAuth.pm aborted. \nCompilation failed in require
> at /opt/rt4/sbin…/lib/RT.pm line 730.
Please show the complete error. There should be an error message abo
Hi,
I am new to RT and I am trying to get RT::Authen::ExternalAuth extension
working, I have it all installed and configuration to query our Active
Directory server all set, but when going into RT I set HTTP 500 Internal
Server Error.
I have therefore checked the error log and it has the follo
Hi,
I would like to have some informations about the differents possibilities of RT
with this extension RT-Authen-ExternalAuth.
In fact, we work with the RT 3.8.8 and I would like to export to an other DB
(Linux, Mysql...) some information about tickets.
Some personnes of my company have t
You know, I looked into the same thing. What I found was that it was
*not* so easy to use RT-Authen-ExternlAuth -- that is, if your LDAP
server is secure enough. My LDAP server requires a certificate to build
an SSL or STARTTLS connection, as part of our baseline security.
RT-Authen-ExternalA
On Tue, Oct 16, 2012 at 6:46 AM, Marko Cupać wrote:
> I have been using rt4 for some time now in plain protocols (site is on
> http, fetchmail is plain pop3, external auth is done from ldap without
> ssl). Now, I am increasing security by switching to encrypted
> protocols.
>
> Switching apache to
I have been using rt4 for some time now in plain protocols (site is on
http, fetchmail is plain pop3, external auth is done from ldap without
ssl). Now, I am increasing security by switching to encrypted
protocols.
Switching apache to https was easy thing to do, and I spent a few hours
with fetchm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 4/20/12 2:52 AM, Joop wrote:
> Glenn Sieb wrote:
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1
>>
>> On 4/19/12 9:23 PM, Jeff Blaine wrote:
>>
>>> Share the solution?
>>>
>>
>> In the LDAP definition of RT_SiteConfig, where you set up the
>>
On Fri, Apr 20, 2012 at 08:52:34AM +0200, Joop wrote:
> Glenn Sieb wrote:
> >On 4/19/12 9:23 PM, Jeff Blaine wrote:
> >>Share the solution?
> >
> >In the LDAP definition of RT_SiteConfig, where you set up the user to
> >query as, and such, the ldap user login wasn't working until we added
> >the @d
Glenn Sieb wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 4/19/12 9:23 PM, Jeff Blaine wrote:
Share the solution?
In the LDAP definition of RT_SiteConfig, where you set up the user to
query as, and such, the ldap user login wasn't working until we added
the @domain.ou bit to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 4/19/12 9:23 PM, Jeff Blaine wrote:
> Share the solution?
In the LDAP definition of RT_SiteConfig, where you set up the user to
query as, and such, the ldap user login wasn't working until we added
the @domain.ou bit to the end of it.
So if the AD
Share the solution?
On 4/19/2012 6:46 PM, Glenn Sieb wrote:
Thanks to jibsheet& Paul in the IRC channel for their help!
Best,
--Glenn
Thanks to jibsheet & Paul in the IRC channel for their help!
Best,
--Glenn
Greetings.. :)
I'm at $work, trying to set up AD authentication for RT 4.0.5.
I'm getting the following error:
[Thu Apr 19 18:38:57 2012] [critical]:
RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
LDAP_INVALID_CREDENTIALS 49
(/data/IH-Websites/rt/sbin/../local/lib/RT/Authen/Externa
I hate to be "that guy" (top posting, reposting.. how many more taboos
can I break!) However, I'm hoping a Monday-morning post will get better
attention than a Thursday evening one.
Anyone have ideas on the below? Thanks!
On 3/22/12 4:10 PM, Steve Huston wrote:
> I'm in the process of setting u
I'm in the process of setting up a new RT instance which is going to be
used differently than the one I've been running for many years now.
Previously I only cared about the web interface for administrators, but
now it's desired to have web access for all users.
We use a CAS-enabled virtualhost (s
Thanks Bart.
User interface is not affected. Only Php/Perl code execution.
On Feb 1, 2012, at 11:32 PM, "Bart" mailto:b...@pleh.info>>
wrote:
Are you only getting the errors when executing the custom PHP/Perl code? Or
does this also affect RT's user interface/functionality?
-- Bart
Op 2 fe
Are you only getting the errors when executing the custom PHP/Perl code? Or
does this also affect RT's user interface/functionality?
-- Bart
Op 2 februari 2012 02:33 schreef Srikumar Nair het
volgende:
>
>
> We have a RT 4.0.4 installation running on Apache.
> We have some front end PHP code
We have a RT 4.0.4 installation running on Apache.
We have some front end PHP code that calls Perl scripts which use Perl RT APIs
for RT interactions.
Recently we installed the RT-Authen-ExternalAuth plugin (version 0.09) to RT.
This creates the the following error when ever the php tries to in
I have the ldap import plugin running and it does import new users and update
existing information based on the options you set in config. You must set up a
cron job for this.
Thanks,
Jim Lesinski
On Jan 30, 2012, at 11:24 AM, Bart wrote:
> Hi,
>
> Not sure if that's possible with ExternalA
Hi,
Not sure if that's possible with ExternalAuth, it automatically creates a
user during login but doesn't sync the LDAP. (at least, like you I can't
find an option for it)
You'll probably need to run something separate from ExternalAuth to import
those users, this plugin might help with that:
Alle,
So we've installed RT::Authen::ExternalAuth, but when we try to search
for users to create groups and such, if the user hasn't logged in to RT
at least once, they cannot be found. Here is the LDAP excerpt from
RT_SiteConfig.PM:
Set(@Plugins, (qw(RT::Authen::ExternalAuth)));
Set($Ext
Thank you Kevin, I got rid of those parameters and everything is now fine.
Best regards,
Iulian
RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston March 5 & 6, 2012
On Thu, Dec 15, 2011 at 06:18:04AM -0800, Iulian Dragan wrote:
>Hello,
>I am upgrading from 3.8.7 (apache2 + mod_perl) to 4.0.4 (apache2 +
> mod_fastcgi) and I notice a
>strange behaviour of RT-Authen-ExternalAuth -0.09.
>The authentication works fine, however, the login page gets
Hello,
I am upgrading from 3.8.7 (apache2 + mod_perl) to 4.0.4 (apache2 + mod_fastcgi)
and I notice a strange behaviour of RT-Authen-ExternalAuth -0.09.
The authentication works fine, however, the login page gets redirected straight
away here:
http://rt.address.com/NoAuth/Login.html?next=x
On Thu, Nov 17, 2011 at 3:30 PM, Adrian Stel wrote:
> Hi Ruslan,
>
[snip]
>
> In log I can see:
>
> p_check for My_MySQL failed: unrecognised crypt scheme $H$ at
> /opt/rt4/etc/RT_SiteConfig.pm line 154
Looks like it works.
> This is the line:
>
> 154 return Authen::Passphrase->from_crypt($h
Hi Ruslan,
I comment in RT_SiteConfig.pm:
#p_enc_pkg =>
#p_enc_sub =>
and put:
p_check => sub {
my ($hash, $pass) = @_;
use Authen::Passphrase;
return Authen::Passphrase->from_crypt($hash || '*')->match($pass);
},
In log I can see:
p_check for My_MySQL failed: unrecognised crypt sche
On Thu, Nov 17, 2011 at 1:49 PM, Adrian Stel wrote:
> Hi Ruslan,
>
> If I understand well:
>
> 1) apply patch - easy to do (just add line to
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/DBI.pm)
>
> 2) Here I have some question because I'm not sure how set 'p_enc_pkg'
Hi Ruslan,
If I understand well:
1) apply patch - easy to do (just add line to
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/DBI.pm)
2) Here I have some question because I'm not sure how set 'p_enc_pkg'
and 'p_enc_sub'
I need add this check to RT_SiteConfig.pm: ??
p
Hello,
I didn't read full thread, but long time ago I talked with zordrak
about how password checking is wrong and not flexible. The current set
of options is not suitable for many cases. I've cooked a patch [1].
The following config with patched extension can check any format
supported by Authen:
Hi,
I get some info from PHPass but I don't know how use it ;/ any
sugestion from your site ?
>'p_enc_pkg' => 'Authen::Passphrase::PHPass',
>'p_enc_sub' => 'cost',
The comment above, the example below, and a bit of googling all show that
p_enc_pkg and p_enc_su
Hi,
DBI.pm
this is the place with p_enc_sub:
sub GetAuth {
my ($service, $username, $password) = @_;
my $config = $RT::ExternalSettings->{$service};
$RT::Logger->debug( "Trying external auth service:",$service);
my $db_table= $config->{'table'};
my $db_u_field
Hi,
Can't use string ("user password") as a HASH ref while "strict refs"
in use at /usr/local/share/perl/5.10.1/Authen/Passphrase/PHPass.pm
line 278.
Problem is with type of user password.
Still need to know where I should search.
Best
Adrian
2011/11/15 Adrian Stel :
> Hi,
>
> any idea wh
Hi,
any idea where I should look, file name ? function ?
Best
Adrian
2011/11/14 Zordrak :
> Adrian Stel wrote:
>> Hi,
>>
>>
>> thanks :)
>>
>> phpass has many method I use hash_base64, RTSiteConfig.pm:
>>
>> 'p_enc_pkg' => 'Authen::Passphrase::PHPass',
>> 'p_enc_sub'
On Mon, Nov 14, 2011 at 03:10:46PM +0100, Adrian Stel wrote:
> Hi,
>
>
> thanks :)
>
> phpass has many method I use hash_base64, RTSiteConfig.pm:
>
> 'p_enc_pkg' => 'Authen::Passphrase::PHPass',
> 'p_enc_sub' => 'hash_base64',
>
>
> and when i put user/pass I
Hi,
thanks :)
phpass has many method I use hash_base64, RTSiteConfig.pm:
'p_enc_pkg' => 'Authen::Passphrase::PHPass',
'p_enc_sub' => 'hash_base64',
and when i put user/pass I get:
RT Site:
http://150.254.148.60/NoAuth/Login.html
Can't use string ("*") a
Hi,
I'm trying to configure ExternalAuth on my RT4.0.2
External database use Portable PHP password hashing framework. (phpbb3)
http://www.openwall.com/phpass/
There is perl module for this Authen::Passphrase::PHPass (Perl module
reimplements the support for portable hashes introduced in phpass
On 07/18/2011 12:27 PM, James Zuelow wrote:
> I did look at the WebExternal settings in RT. Using them, RT does do
> authentication and log the user in. But at least in my experience over the
> last week it does not synchronize data from from AD. Admittedly, I am doing
> this as a side projec
On 07/17/2011 07:27 PM, James Zuelow wrote:
> In testing I noticed that the debug log was complaining about there not
> being a user to authenticate. Since I still had Apache performing NTLM
> authentication, I knew there was user information available via REMOTE_USER.
>
>
> Modifying RT::Au
Google tells me there are people interested in this question that
aren't finding a solution, so hopefully this is useful to some of them.
I've been evaluating RT for the past week or so, looking at it as an
alternative to our current ticket system.
One of my requirements is Active Directory in
So RT 3.8.10 is working swimmingly well except for one possible post
upgrade snag - two users (out of 100+) reported that after RT was
restarted they were logged in as someone else.
Any ideas?
On Tue, 2011-06-14 at 15:17 -0400, Kevin Falcone wrote:
> On Tue, Jun 14, 2011 at 02:50:24PM -0400, Jos
On Tue, Jun 14, 2011 at 02:50:24PM -0400, Joshua Knarr wrote:
>Kevin - We gave up on RT 4. RTFM is not the answer. The problem is
> threefold:
Oh, now that I reread your original thread I see.
You didn't run any database upgrades between 3.4.5 and 4.0.0 other than
those described in UPGRADIN
On Tue, Jun 14, 2011 at 02:50:24PM -0400, Joshua Knarr wrote:
>1) DBI is too new to upgrade the old style DB. People running fedora or
> rawhide are going to
>start yelling at some point when they go to upgrade if they're upgrading
> from an old enough
>version.
I'm afraid I don't un
Hello mailing list,
Kevin - We gave up on RT 4. RTFM is not the answer. The problem is
threefold:
1) DBI is too new to upgrade the old style DB. People running fedora or
rawhide are going to start yelling at some point when they go to upgrade
if they're upgrading from an old enough version.
2) FC
Solved with a help from a colleague
Here's the solution:
Set($ExternalSettings,{'My_LDAP' =>{ ## GENERIC SECTION
'type' => 'ldap',
'server' => 'xxx.xxx.local',
'user' =>
'
@Mike Johnson20
My gut feeling is your Base DN is wrong.
Not really, right direction but still wrong :)
But joking aside
I have it done it with a help from a colleague
It was a hard piece of work with many trial and error parts .
here is my solution:
Set($ExternalSettings,{'My_
-users-boun...@lists.bestpractical.com
>
> 26/04/2011 10:44
>A
> rt-users@lists.bestpractical.com
> cc
> Objet
> Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
>
>
>
>
>
> Turn your RT debug logging on and check that log to see what it's doing.#
t have the good parameters between RT and your AD
config so you can match and find the USER
Raphaël
"john s."
Envoyé par : rt-users-boun...@lists.bestpractical.com
26/04/2011 10:44
A
rt-users@lists.bestpractical.com
cc
Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i nee
Turn your RT debug logging on and check that log to see what it's doing.#
Hello mike the rt.log says the following:
username: USER , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)pr
26 06:58:11 2011] [debug]: LDAP Search === Base:
ou=User
Turn your RT debug logging on and check that log to see what it's doing.
I believe the debug log shows you the actual LDAP call it's doing... then
you can verify what is failing based on that.
Good luck!
Mike.
On Thu, Apr 21, 2011 at 10:55 AM, john s. wrote:
>
>
> @Raphael
>
>
> so are you us
@Raphael
so are you using the good login on RT screen ?
Waht do you mean with an "good login"?
@Mike
Hello Mike
I have readed the 2 Articles and modified my config in such way ...
but the same error occurs ...
but i have found sth... on my AD, i 'll try to copy the infos which shoul
One thing that stands out in your config is your d_filter. I read on the RT
wiki somewhere that d_filter for an AD you needed to put what I have below:
'd_filter' => '(userAccountControl:1.2.840.113556.1.4.803:=2)',
Read these 2 microsoft support KB to learn more on why
http://support.
"password" -b "'dc=xxx, dc=local" -s sub "sAMAccountName=
USER"
>that mean USER is existing in the database
so are you using the good login on RT screen ?
"john s."
Envoyé par : rt-users-boun...@lists.bestpractical.com
21/04/2011 13:43
A
rt-use
Hello Raphael
No nothing has changed at all... still the same error
sth. goes really wrong ... i have to track the issue in order to determine
the issue but i don't know how ..
any idea or a clue ?
Her is the tcpdumpo log:
13:27:25.872995 IP ubunturt3.52185 > xxx.xxx.local.ldap: Flags [
Phone: +33 (0)5 59 58 41 51
Email: raphael.mouney...@sagemcom.com
"john s."
Envoyé par : rt-users-boun...@lists.bestpractical.com
21/04/2011 11:31
A
rt-users@lists.bestpractical.com
cc
Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Is it clear what
Is it clear what i want? No? okay i try to describe a litte bit more exaclty
as far as possible from myself
okay my ldapseach command which runs perfectly is:
sudo ldapsearch -h xxx.xxx.local -D "xxx\User" -w "password" -b "'dc=xxx,
dc=local" -s sub "sAMAccountName=USER"
So here are my RT
okay i'm gonna one step closer to finish ... i think
so i had logged my ldap request on both sides server ( win2008 with perfmon)
and client ( ubuntu with tcpdump)
so the request still works but if i look closer to the log file from the
server, there is an entry with ldap request from the cli
Greetign Raphael i have changed this ... and nothing happens ...
here is an outline from my apachelogfile:
[Mon Apr 18 15:33:33 2011] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)
[Mon Apr 18 15:33:33
om
18/04/2011 15:32
A
cc
Objet
Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i need for
Hi John,
It looks that you missed a comma after 'd_filter' =>
'(userAccountControl=514)'
In addition, please check you settings here
'attr_map&#x
Auth-0.08 which packages i need for
(john s.)
Message: 4
Date: Mon, 18 Apr 2011 04:07:28 -0700 (PDT)
From: "john s."
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i
need for
Message-ID: <31422830.p...@talk.nabble.c
Addition:
So i have make an tracelog over port 389 with tcpdump
The Result:
No request is going out if I try to authorize on RT
so i think the plugin doesn't work anymore ...
best regards john s.
--
View this message in context:
http://old.nabble.com/Re%3A-RT-Authen-ExternalAuth-0
Greetings Luis
okay i have trimmed my config a little bit and now it look like this:
Set($ExternalAuthPriority, [ ' My_LDAP' ]);
Set($ExternalInfoPriority, ['My_LDAP']);
#Set($ExternalServiceUsesSSLorTLS, 0 );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {'My_LDAP' =>
egards john s.
Message: 3
Date: Fri, 15 Apr 2011 02:26:11 -0700 (PDT)
From: "john s."
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT-Authen-ExternalAuth-0.08 which packages i
need for
Message-ID:
Content-Type: text/plain; charset=us-ascii
Greetings
Greetings Louis
Despite your piece of good advice my Syntax is correct also,
Cause i only used the # Sign to comment out the Lines which will apache2 get
into trouble.If try to run normally the same issue appears.
And in refer to the Readme .. you can also write:
'attr_match_list'
Hi John,
apparently your problem is this:
'attr_match_list' => [ 'Name',
# 'EmailAddress', ],
# 'attr_map'
=> { 'Name' => 'sAMAccountName',
...
You have to ensure formatting correctly the list. For example:
'attr_match_list' => [ 'Name' ]... you are doing this: 'attr_match_list' =>
Hello Luis
First of all many thanks for you help
I have set my ldap configuration in this way which you have described,
but there are still coming some error messages in relation to the apache2
log file:
cutout apache.log:
Couldn't load RT config file RT_SiteConfig.pm:\n\nsyntax error at
/opt/
1 - 100 of 257 matches
Mail list logo
