On Jun 29, 2009, at 2:53 PM, Wes Topping wrote: > I am not sure what is happening here. All I know is that if a user > in AD is created without a comma in the container name they log in > just fine. When someone that does have a comma in their CN name > tries to authenticate this is what happens.
I'd be curious to see the group/group_attr part of your configuration (and to know if you're trying to enforce group membership to log in to RT) It appears Net::LDAP::Filter is throwing away \s, so it may be worth trying to forcibly escape the \, on line 98ish before passing to new(), but without a system exhibiting this problem, its hard to test a change like that. -kevin > > [Fri Jun 26 20:29:58 2009] [debug]: Attempting to use external auth > service: My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/ > RT/Authen/ExternalAuth.pm:64) > [Fri Jun 26 20:29:58 2009] [debug]: Calling UserExists with > $username (smellring) and $service (My_LDAP) (/opt/rt3/local/plugins/ > RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105) > [Fri Jun 26 20:29:58 2009] [debug]: UserExists params: > username: smellring , service: My_LDAP (/opt/rt3/local/plugins/RT- > Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274) > [Fri Jun 26 20:29:58 2009] [debug]: LDAP Search === Base: > DC=starkbrosfulfillment,DC=com == Filter: (&(objectClass=*) > (sAMAccountName=smellring)) == Attrs: > l > ,st > ,mail > ,sAMAccountName > ,co > ,streetAddress > ,postalCode > ,telephoneNumber > ,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName (/opt/rt3/ > local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/ > LDAP.pm:304) > [Fri Jun 26 20:29:58 2009] [debug]: Password validation required for > service - Executing... (/opt/rt3/local/plugins/RT-Authen- > ExternalAuth/lib/RT/Authen/ExternalAuth.pm:155) > [Fri Jun 26 20:29:58 2009] [debug]: Trying external auth service: > My_LDAP (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ > ExternalAuth/LDAP.pm:16) > [Fri Jun 26 20:29:58 2009] [debug]: LDAP Search === Base: > DC=starkbrosfulfillment,DC=com == Filter: > (&(sAMAccountName=smellring)(objectClass=*)) == Attrs: dn (/opt/rt3/ > local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/ > LDAP.pm:43) > [Fri Jun 26 20:29:58 2009] [debug]: Found LDAP DN: CN=Mellring\, > Scott A.,OU=IS,OU=Users,OU=HQ,DC=starkbrosfulfillment,DC=com (/opt/ > rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/ > LDAP.pm:75) > [Fri Jun 26 20:29:58 2009] [debug]: LDAP Search === Base: > DC=starkbrosfulfillment,DC=com == Filter: (member=CN=Mellring, Scott > A.,OU=IS,OU=Users,OU=HQ,DC=starkbrosfulfillment,DC=com) == Attrs: dn > (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ > ExternalAuth/LDAP.pm:100) > [Fri Jun 26 20:29:58 2009] [info]: My_LDAP AUTH FAILED: smellring (/ > opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ > ExternalAuth/LDAP.pm:127) > [Fri Jun 26 20:29:58 2009] [debug]: LDAP password validation result: > 0 (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ > ExternalAuth.pm:334) > [Fri Jun 26 20:29:58 2009] [debug]: Password Validation Check > Result: 0 (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/ > Authen/ExternalAuth.pm:159) > [Fri Jun 26 20:29:58 2009] [debug]: Autohandler called ExternalAuth. > Response: (0, Password Invalid) (/opt/rt3/local/plugins/RT-Authen- > ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:26) > [Fri Jun 26 20:29:58 2009] [error]: FAILED LOGIN for smellring from > 10.31.4.90 (/opt/rt3/share/html/autohandler:268) > > > The password is valid. > > Even though the authentication fails the user is created in RT. > > Any ideas would be greatly appreciated. > > > > <image001.gif> > Wes Topping > Director of Enterprise Technology > 317.713.8687 > 317.631.6585 fax > wtopp...@sigma-micro.com > <image002.gif> > www.sigma-micro.com > <image003.gif> > <image001.gif> > <image004.gif> > Sigma Micro LLC, 6720 Parkdale Place, Indianapolis, IN 46254 > Confidentiality Notice > > > _______________________________________________ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users > > Community help: http://wiki.bestpractical.com > Commercial support: sa...@bestpractical.com > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. > Buy a copy at http://rtbook.bestpractical.com _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com