I've set up RT, and am testing it with rt-server. Â Everything seems to
be going smoothly except LDAP with RT::Authen::ExternalAuth.  I read
the docs and have implemented the suggested changes in
/opt/rt4/etc/RT_SiteConfig.pm like so:
Set( $ExternalAuthPriority, ["My_LDAP"] );
Set( $ExternalInfoPriority, ["My_LDAP"] );
Set($ExternalAuth, 1);
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
  'My_LDAP'       =>  {
    'type'             =>  'ldap',
    'server'           =>  'ggdc1.domain.int',
    'user'             =>  'LDAP_ACCOUNT',
    'pass'             =>  'LDAP_ACCOUNT_PASS',
    'base'             =>  'ou=Production,dc=domain,dc=int',
    'filter'           =>  '(objectClass=inetOrgPerson)',
    'attr_match_list'  => [.
      'Name',
      'EmailAddress',
    ],
    'attr_map' => {
                'Name'         => 'sAMAccountName',
                'EmailAddress' => 'mail',
                'RealName'     => 'cn',
        'WorkPhone'    => 'telephoneNumber',
                'Address1'     => 'streetAddress',
                'City'         => 'l',
                'State'        => 'st',
                'Zip'          => 'postalCode',
                'Country'      => 'co',
    },
  },
} );
The issue is when I try to login the users aren't allowed access, and I
get the following error from rt-server:
[error]: FAILED LOGIN for username_redacted from IP_REDACTED
(/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)
Just for kicks, if I run /opt/rt4/sbin/rt-ldapimport --debug
I get:Â
 [critical]: Expected 'PeerHost' at
/usr/local/share/perl/5.20.2/Net/LDAP.pm line 164.
(/opt/rt4/sbin/../lib/RT.pm:390)
Any ideas? Â I read every document I could find, but it's hard to know
which non-official ones you can trust since RT has been around so long
and ExternalAuth was just added to the core. Â Also, the official docs
are a bit terse.
---------
RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
be going smoothly except LDAP with RT::Authen::ExternalAuth.  I read
the docs and have implemented the suggested changes in
/opt/rt4/etc/RT_SiteConfig.pm like so:
Set( $ExternalAuthPriority, ["My_LDAP"] );
Set( $ExternalInfoPriority, ["My_LDAP"] );
Set($ExternalAuth, 1);
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
  'My_LDAP'       =>  {
    'type'             =>  'ldap',
    'server'           =>  'ggdc1.domain.int',
    'user'             =>  'LDAP_ACCOUNT',
    'pass'             =>  'LDAP_ACCOUNT_PASS',
    'base'             =>  'ou=Production,dc=domain,dc=int',
    'filter'           =>  '(objectClass=inetOrgPerson)',
    'attr_match_list'  => [.
      'Name',
      'EmailAddress',
    ],
    'attr_map' => {
                'Name'         => 'sAMAccountName',
                'EmailAddress' => 'mail',
                'RealName'     => 'cn',
        'WorkPhone'    => 'telephoneNumber',
                'Address1'     => 'streetAddress',
                'City'         => 'l',
                'State'        => 'st',
                'Zip'          => 'postalCode',
                'Country'      => 'co',
    },
  },
} );
The issue is when I try to login the users aren't allowed access, and I
get the following error from rt-server:
[error]: FAILED LOGIN for username_redacted from IP_REDACTED
(/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)
Just for kicks, if I run /opt/rt4/sbin/rt-ldapimport --debug
I get:Â
 [critical]: Expected 'PeerHost' at
/usr/local/share/perl/5.20.2/Net/LDAP.pm line 164.
(/opt/rt4/sbin/../lib/RT.pm:390)
Any ideas? Â I read every document I could find, but it's hard to know
which non-official ones you can trust since RT has been around so long
and ExternalAuth was just added to the core. Â Also, the official docs
are a bit terse.
---------
RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017