On 10.02.2014 09:29, Mathew Snyder wrote: > A user who sends in an email for the first time should generate an > unprivileged account which sets the username as the email address. It > doesn't exist so it should be created.
The user has been created with e-mail address [email protected] mapping to user name "user". Now the user sends e-mail from e-mail address [email protected] which you map to the same user "user" with LDAP. That's not supported. That would mean the same LDAP user has two e-mail addresses. You match users in LDAP using either of these attributes: 'attr_match_list' => [ 'Name', 'EmailAddress', 'RealName', ], If you don't have the gmail address in LDAP then it's probably the real name which matches. With your configuration you can only have one RT account for each real name. Thus if there is another "Mathew Snyder" with a different e-mail address it gets rejected because again. You don't want RealName in attr_match_list unless you are sure that each real name will only match to a single person with a single e-mail address. -Gerald > > On Feb 9, 2014 9:09 PM, "Gerald Vogt" <[email protected] > <mailto:[email protected]>> wrote: > > On 10.02.2014 06:46, Mathew Snyder wrote: > ... > > [15816] [Fri Feb 7 05:29:01 2014] [debug]: Going to create user with > > address '[email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>>' > > (/opt/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:100) > ... > > [15816] [Fri Feb 7 05:29:01 2014] [info]: > > RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments: > > Autocreated on ticket submission, Disabled: , EmailAddress: > > [email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>>, Name: user, > Password: , > > Privileged: , RealName: User Example > > > > (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:685) > > If these logs are correct then the user has two or more email addresses > in LDAP and [email protected] <mailto:[email protected]> is already in > the RT database. The user > sends from the second address [email protected] > <mailto:[email protected]>. This is not > supported (yet). > > Users with multiple email addresses in LDAP are not supported (even > though some docs say otherwise). We have just discussed this recently. > See this thread: > > http://lists.bestpractical.com/pipermail/rt-users/2014-January/082549.html > > The user must use the email address in the RT database. Mails from any > other email address in LDAP is rejected because the user already exists > in the RT database. > > You may try to manually create a second RT user with the second email > address and then use the MergeUser extension to merge the accounts. > > -Gerald >
