Ok, I have a much better lead on what is happening here now. Something like this:
1. We get a new student who signs up for a department account, which goes into LDAP. 2. Couple of days later, this new user submits a helpdesk request via email using their yahoo/gmail/whatever account instead of their department account. 3. RT receives the request, and sees there is no account for [EMAIL PROTECTED], so starts trying to canonicalize this email address with one that is already in LDAP. 4. It matches the incoming request to a user in LDAP based on the Gecos field (or some other mapping that it can extract from the incoming email request) and canonicalizes [EMAIL PROTECTED] --> [EMAIL PROTECTED] 5. RT creates a new account for [EMAIL PROTECTED] and bootstraps it with info from LDAP here's where it breaks: 6. RT then tries to load the user [EMAIL PROTECTED] again, and fails. It complains about a "name in use" and then says that it cannot load [EMAIL PROTECTED] nor can it create a new account. So, in summary, RT seems to successfully canonicalize it to [EMAIL PROTECTED] once, but forgets that info or fails to canonicalize again and then tries to load the account by the original email address. I think the root of the problem is that canonicalization is only working some of the time in my setup. I'm using the combined LDAP integration overlay that does both auth and info, described on this page: http://wiki.bestpractical.com/view/LDAP Here's a log sample of that happening (with my narrative in [ ] ) [ First RT tries several ways to find an existing user '[EMAIL PROTECTED]' using the LookupExternalUserInfo module. Not finding it, it canonicalizes it to [EMAIL PROTECTED] [EMAIL PROTECTED] doesn't exist as an RT account either, so RT creates an account by that name ] Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealN ame: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mail=smtp:[EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailRoutingAddress=smtp:[EMAIL PROTECTED] => EmailAddre ss: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailAlternateAddress=smtp:[EMAIL PROTECTED] => EmailAdd ress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mail=SMTP:[EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailRoutingAddress=SMTP:[EMAIL PROTECTED] => EmailAddre ss: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailAlternateAddress=SMTP:[EMAIL PROTECTED] => EmailAdd ress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::CanonicalizeEmailAddress [EMAIL PROTECTED] => [EMAIL PROTECTED] (/usr/local/rt-3.6.4/local/lib/RT/User_Loc al.pm:347) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealNa me: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealN ame: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) [ Ok here is where it finally maps [EMAIL PROTECTED] ---> [EMAIL PROTECTED] ] Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu cn=Joe User => Address1: , Address2: , EmailAddress: joeuser@ cis.uab.edu, ExternalAuthId: joeuser, ExternalContactInfoId: uid=joeuser,ou=People,dc=cis,dc=uab,dc=edu, Gecos: joeuser, Name: joeuser, Organization: , RealName: Joe User, WorkPhone: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => Address1: , Address2: , EmailAddres s: [EMAIL PROTECTED], ExternalAuthId: joeuser, ExternalContactInfoId: uid=joeuser,ou=People,dc=cis,dc=uab,dc=edu, Gecos: joeuser, Name: joeuser, Organization: , RealName : Joe User, WorkPhone: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::CanonicalizeEmailAddress [EMAIL PROTECTED] => [EMAIL PROTECTED] (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:347) [ Here RT is indicating that it has auto-created the account [EMAIL PROTECTED] based on a ticket submission ] Sep 10 09:01:08 cherokee RT: RT::User::CanonicalizeUserInfo returning Address1: , Address2: , Comments: Autocreated on ticket submission, Disabled: 0, Email Address: [EMAIL PROTECTED], ExternalAuthId: joeuser, ExternalContactInfoId: uid=joeuser,ou=People,dc=cis,dc=uab,dc=edu, Gecos: joeuser, Name: joeuser, Organization: , Pa ssword: , Privileged: 0, RealName: Joe User, WorkPhone: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:413) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => Address1: , Address2: , EmailAddres s: [EMAIL PROTECTED], ExternalAuthId: joeuser, ExternalContactInfoId: uid=joeuser,ou=People,dc=cis,dc=uab,dc=edu, Gecos: joeuser, Name: joeuser, Organization: , RealName : Joe User, WorkPhone: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::CanonicalizeEmailAddress [EMAIL PROTECTED] => [EMAIL PROTECTED] (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:347) [ Ok now for some reason RT has reverted to looking for [EMAIL PROTECTED] all over again ] Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealN ame: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mail=smtp:[EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailRoutingAddress=smtp:[EMAIL PROTECTED] => EmailAddre ss: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailAlternateAddress=smtp:[EMAIL PROTECTED] => EmailAdd ress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mail=SMTP:[EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailRoutingAddress=SMTP:[EMAIL PROTECTED] => EmailAddre ss: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailAlternateAddress=SMTP:[EMAIL PROTECTED] => EmailAdd ress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::CanonicalizeEmailAddress [EMAIL PROTECTED] => [EMAIL PROTECTED] (/usr/local/rt-3.6.4/local/lib/RT/User_Loc al.pm:347) [ The following error message confuses me - what happened here? ] Sep 10 09:01:08 cherokee RT: User creation failed in mailgateway: Name in use (/usr/local/rt-3.6.4/lib/RT/Interface/Email.pm:243) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealN ame: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu [EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mail=smtp:[EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailRoutingAddress=smtp:[EMAIL PROTECTED] => EmailAddre ss: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailAlternateAddress=smtp:[EMAIL PROTECTED] => EmailAdd ress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mail=SMTP:[EMAIL PROTECTED] => EmailAddress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailRoutingAddress=SMTP:[EMAIL PROTECTED] => EmailAddre ss: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::LookupExternalUserInfo : ou=People,dc=cis,dc=uab,dc=edu mailAlternateAddress=SMTP:[EMAIL PROTECTED] => EmailAdd ress: , Name: , RealName: (/usr/local/rt-3.6.4/local/lib/RT/User_Local.pm:566) Sep 10 09:01:08 cherokee RT: RT::User::CanonicalizeEmailAddress [EMAIL PROTECTED] => [EMAIL PROTECTED] (/usr/local/rt-3.6.4/local/lib/RT/User_Loc al.pm:347) [ It decides to give up because it could not create the account [EMAIL PROTECTED] (see "name in use" error above) and it says that RT's configuration does not allow for the creation of a new user for this account, which is not true, the general queue -does- have CreateTicket for Everyone set ] Sep 10 09:01:08 cherokee RT: Couldn't load user '[EMAIL PROTECTED]'.giving up (/usr/local/rt-3.6.4/lib/RT/Interface/Email.pm:329) Sep 10 09:01:08 cherokee RT: User '[EMAIL PROTECTED]' could not be loaded in the mail gateway (/usr/local/rt-3.6.4/lib/RT/Interface/Email.pm:243) Sep 10 09:01:09 cherokee RT: RT could not load a valid user, and RT's configuration does not allow for the creation of a new user for this email (joeuser @hotmail.com). You might need to grant 'Everyone' the right 'CreateTicket' for the queue general. (/usr/local/rt-3.6.4/lib/RT/Interface/Email.pm:243) Sep 10 09:01:09 cherokee RT: RT could not load a valid user, and RT's configuration does not allow for the creation of a new user for your email. (/usr/loca l/rt-3.6.4/lib/RT/Interface/Email.pm:243) Sep 10 09:01:09 cherokee RT: Could not record email: Could not load a valid user (/usr/local/rt-3.6.4/share/html/REST/1.0/NoAuth/mail-gateway:75) Fran Fabrizio wrote: > Definitely not a disabled account already on the system (although why > would that matter? Everyone can create a ticket in our setup. Or am I > misunderstanding your comment?) > > It happened again over the weekend. A user tried to submit to our > helpdesk using her hotmail account and it failed (twice). She then > tried with her gmail and it worked. This was a user who had never > contacted the helpdesk before. > > Drew Barnes wrote: > >> Check to make sure that address is not a disabled account already on the >> system. >> >> Fran Fabrizio wrote: >> >> >>> Occasionally, I get a >>> >>> RT could not load a valid user, and RT's configuration does not allow >>> for the creation of a new user for this email ([EMAIL PROTECTED]). >>> >>> even though in this queue, Everyone has the right to CreateTicket. >>> (There's nothing special about @uab.edu, I just picked that as the latest >>> example - it happens with all sorts of domains) >>> >>> Has anyone else seen this? It's sporadic, once every week or two. RT 3.6.4 >>> >>> >>> >>> > > > -- Fran Fabrizio Senior Systems Analyst Department of Computer and Information Sciences University of Alabama at Birmingham http://www.cis.uab.edu/ 205.934.0653 _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
