[rt-users] WebExternalAuth and no root for you
So I am trying to see if I can understand how to use WebExternalAuth. In /etc/apache2/sites-available/default I have: DocumentRoot /var/www Directory / Options FollowSymLinks AllowOverride None AuthType Kerberos AuthName Kerberos Login KrbAuthRealms DOMAIN.COM KrbServiceName HTTP Krb5Keytab /etc/apache2/krb5.keytab KrbMethodK5Passwd on KrbDelegateBasic on Require valid-user /Directory Then in RT_SiteConf.pm I added Set($WebExternalAuth , 1); Set($WebFallbackToInternalAuth , 1); Set($WebExternalAuto , 1); When I try to login as the root user, I am told it does not exist in kerberos: [Mon Nov 21 03:53:34 2011] [error] [client 192.168.1.115] krb5_get_init_creds_password() failed: Client not found in Kerberos database Would anyone know why it is not checking if rt knows of this user internally (as opposite to through kerberos)? RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] Upgrade from 3.8 - 4 // having password problems
Hello, I'm building a new instance of RT to replace our old server. The old one was RT3.8.7 on debian and the new one is 4.0.3 on Ubuntu 10.04 When I import the database I can login ok and do this and that. When I come back later or logout, I can't log back in. If I open up the DB on the old server, I can take the password string from my user and paste it in to the new DB. Then I can login for one more session. As I understand it, RT4 re-encrypts the password for every session (it sticks !sha512! in front of it in the DB) but I'm obviously missing something somewhere as it can't read these passwords that it's encrypted. Can anyone point me in the right direction? -- View this message in context: http://old.nabble.com/Upgrade-from-3.8---4having-password-problems-tp32870342p32870342.html Sent from the Request Tracker - User mailing list archive at Nabble.com. RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] Upgrade from 3.8 - 4 // having password problems
Hello, I'm building a new instance of RT to replace our old server. The old one was RT3.8.7 on debian and the new one is 4.0.3 on Ubuntu 10.04 When I import the database I can login ok and do this and that. When I come back later or logout, I can't log back in. If I open up the DB on the old server, I can take the password string from my user and paste it in to the new DB. Then I can login for one more session. As I understand it, RT4 re-encrypts the password for every session (it sticks !sha512! in front of it in the DB) but I'm obviously missing something somewhere as it can't read these passwords that it's encrypted. Can anyone point me in the right direction? -- View this message in context: http://old.nabble.com/Upgrade-from-3.8---4having-password-problems-tp32870344p32870344.html Sent from the Request Tracker - User mailing list archive at Nabble.com. RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] Upgrade from 3.8 - 4 // having password problems
Hello, I'm building a new instance of RT to replace our old server. The old one was RT3.8.7 on debian and the new one is 4.0.3 on Ubuntu 10.04 When I import the database I can login ok and do this and that. When I come back later or logout, I can't log back in. If I open up the DB on the old server, I can take the password string from my user and paste it in to the new DB. Then I can login for one more session. As I understand it, RT4 re-encrypts the password for every session (it sticks !sha512! in front of it in the DB) but I'm obviously missing something somewhere as it can't read these passwords that it's encrypted. Can anyone point me in the right direction? RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] Email address in use
El 18/11/11 17:33, Kevin Falcone escribió: On Fri, Nov 18, 2011 at 10:23:01AM +, Eduardo Suarez-Santana wrote: Is it possible to avoid this behaviour? Running RT-3.8. You can fix it by searching for the Unprivileged user and changing the username to John. You can change it longer-term by writing a local/lib/RT/User_Local.pm which overrides CanonicalizeUserInfo and causes the username to be correct from the start. Do you mean searching in the database? Or is that possible via web interface? Afaik, it is not possible to search for unprivileged users in the web interface, is it? I'd also like the user to be privileged. Is there a flag in the database for that? RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] steal ticket - not sending email
On Sun, Nov 20, 2011 at 04:42:56PM +, ronen_am...@dell.com wrote: Hi all, I am using RT 4.0.3 on CentOS 5.6 When we try to steal a ticket, we don't get a notification. Stealing a ticket means that you're now the owner. I assume you have $NotifyActor set to the default of 0 in your config. Since you stole the ticket, RT won't email you to tell you about the change. It sounds like you want to notify the previous owner, which means you may want http://search.cpan.org/dist/RT-Extension-NotifyOwners/lib/RT/Extension/NotifyOwners.pm and another scrip to notify Requestors on Owner Change. -kevin From the logs: [Sun Nov 20 16:34:56 2011] [info]: rt-4.0.3-4667-1321806896-823.22-...@xxx.com #22/793 - Scrip 2 On Owner Change Notify Owner (/opt/rt4/sbin/../lib/RT/Action/SendEmail.pm:301) [Sun Nov 20 16:34:56 2011] [info]: rt-4.0.3-4667-1321806896-823.22-...@xxx.com No recipients found. Not sending. (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:352) Why is that? Where can I configure that it will send emails to both old owner and requestor? Regards, Ronen RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain ? November 28 29, 2011 pgpe8bFAtt7wP.pgp Description: PGP signature RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] International usage of a single RT instance
On Mon, Nov 21, 2011 at 08:43:54AM +0100, Soula, Christophe wrote: I try to implement for my international company request tracker version 4 as a single instance to support our IT helpdesk activities. I have two main helpdesk team : one in France and one in US Customer able to send request are coming from everywhere in the world I have a different queue for US based support and one for the European based support. Everything is working fine with the exceptio of the different date shown in the interface. I try to figure out how to configure or customize RT 4 to be able to have a central instance located in Europe which should be used from all over the world. I have search for a solution without success... My attempts have all failed and searching both the wiki and the mailing list archives hasn't improved my understanding enough to make it work or to understand if it could works or not. So far, I've tried to set on one user a different time zone but without effect on the date shown in the SelfService interface for example. I'm using RT [4.02] on Debain OS. Web server apache. Database mysql mod_perl or fastcgi? If mod_perl, please review the documentation in docs/web_deployment.pod about certain Apache worker models and time zones. -kevin pgpXEf3Id3ZGj.pgp Description: PGP signature RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] WebExternalAuth and no root for you
On Mon, Nov 21, 2011 at 03:57:30AM -0500, Mauricio Tavares wrote: So I am trying to see if I can understand how to use WebExternalAuth. In /etc/apache2/sites-available/default I have: DocumentRoot /var/www Directory / Options FollowSymLinks AllowOverride None AuthType Kerberos AuthName Kerberos Login KrbAuthRealms DOMAIN.COM KrbServiceName HTTP Krb5Keytab /etc/apache2/krb5.keytab KrbMethodK5Passwd on KrbDelegateBasic on Require valid-user /Directory Then in RT_SiteConf.pm I added Set($WebExternalAuth , 1); Set($WebFallbackToInternalAuth , 1); Set($WebExternalAuto , 1); When I try to login as the root user, I am told it does not exist in kerberos: [Mon Nov 21 03:53:34 2011] [error] [client 192.168.1.115] krb5_get_init_creds_password() failed: Client not found in Kerberos database Would anyone know why it is not checking if rt knows of this user internally (as opposite to through kerberos)? I suspect you need a Satisfy line in your apache config to allow it through kerberos to the normal RT login screen. -kevin pgpwNA6VjIJau.pgp Description: PGP signature RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] rt4 and dashboards
I just upgraded from 3.8.7 to 4.0.4 this weekend. Things look great!! I have one issue that I believe existed in 3.8.7 where I can create a dashboard and assign a search to it, but cannot seem to figure out how to make it show in the list under the Home tab. I can view the dashboard by clicking on All Dashboards and then the one I added though. I am also trying to figure out what I need to do to make the subscriptions send emails. I am sure it is something simple, but I cannot seem to find it. Any help would be greatly appreciated. Thanks! Joe RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] rt4 and dashboards
On Mon, Nov 21, 2011 at 7:27 PM, Joe Harris drey...@gmail.com wrote: [snip] I am also trying to figure out what I need to do to make the subscriptions send emails. sbin/rt-email-dashboards, see README I am sure it is something simple, but I cannot seem to find it. Any help would be greatly appreciated. Thanks! Joe RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011 -- Best regards, Ruslan. RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] Email address in use
On Mon, Nov 21, 2011 at 09:50:25AM +, Eduardo Suarez-Santana wrote: El 18/11/11 17:33, Kevin Falcone escribió: On Fri, Nov 18, 2011 at 10:23:01AM +, Eduardo Suarez-Santana wrote: Is it possible to avoid this behaviour? Running RT-3.8. You can fix it by searching for the Unprivileged user and changing the username to John. You can change it longer-term by writing a local/lib/RT/User_Local.pm which overrides CanonicalizeUserInfo and causes the username to be correct from the start. Do you mean searching in the database? Or is that possible via web interface? Afaik, it is not possible to search for unprivileged users in the web interface, is it? Use the autocompleter or the Find all users who match: boxes. I'd also like the user to be privileged. Is there a flag in the database for that? It's available in the web ui after you search for the user. -kevin pgpyjhxTmMXMq.pgp Description: PGP signature RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] Email address in use
El 21/11/11 15:38, Kevin Falcone escribió: On Mon, Nov 21, 2011 at 09:50:25AM +, Eduardo Suarez-Santana wrote: Do you mean searching in the database? Or is that possible via web interface? Afaik, it is not possible to search for unprivileged users in the web interface, is it? Use the autocompleter or the Find all users who match: boxes. I'd also like the user to be privileged. Is there a flag in the database for that? It's available in the web ui after you search for the user. Thanks. I'll try. RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] WebExternalAuth and no root for you
On Mon, Nov 21, 2011 at 10:15 AM, Kevin Falcone falc...@bestpractical.com wrote: On Mon, Nov 21, 2011 at 03:57:30AM -0500, Mauricio Tavares wrote: So I am trying to see if I can understand how to use WebExternalAuth. In /etc/apache2/sites-available/default I have: DocumentRoot /var/www Directory / Options FollowSymLinks AllowOverride None AuthType Kerberos AuthName Kerberos Login KrbAuthRealms DOMAIN.COM KrbServiceName HTTP Krb5Keytab /etc/apache2/krb5.keytab KrbMethodK5Passwd on KrbDelegateBasic on Require valid-user /Directory Then in RT_SiteConf.pm I added Set($WebExternalAuth , 1); Set($WebFallbackToInternalAuth , 1); Set($WebExternalAuto , 1); When I try to login as the root user, I am told it does not exist in kerberos: [Mon Nov 21 03:53:34 2011] [error] [client 192.168.1.115] krb5_get_init_creds_password() failed: Client not found in Kerberos database Would anyone know why it is not checking if rt knows of this user internally (as opposite to through kerberos)? I suspect you need a Satisfy line in your apache config to allow it through kerberos to the normal RT login screen. Thanks for the suggestion! I just tried Satisfy any and after I restarted apache, I was able to login as root. Unfortunately I then was not able to login as a kerberos user. In fact, it now cheerfully ignores the TGT. I know I am missing a step somewhere... -kevin RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain — November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] Nightly enoch root script change
Alright, figured out how this was setup initiall. it's a rt-crontool task in the crontab /opt/rt4/bin/rt-crontool --search RT::Search::FromSQL --search-arg status = 'stall_oth' and starts 'now' --action RT::Action::AutoOpen --verbose --transaction last Is there an --action module I can use to set the Starts ticket field to (Not Set) at the same time? --- Vance Walsh Network and Systems Administrator Concord Academy - Concord, Mass. RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] Final fetchmailrc configuration
A brief summary of what I did to get RT mail working with Exchange 2007 without opening up plaintext passwords in Exchange. - Mike CentOS 5.7 (Final) RT 4.0.2 fetchmail release 6.3.21+NTLM+SSL+HESIOD+NLS Exchange 2007 Install openssl and openssl-devel Download latest fetchmail package Unpack and cd to fetchmail-6.3.21 ./configure --enable-NTLM --with-ssl make make install add these to /etc/aliases: # Request Tracker aliases kiss: |/opt/smrsh/rt-mailgate --queue general --action correspond --url http://server.domain.com/ kiss-comment: |/opt/smrsh/rt-mailgate --queue general --action comment --url http://server.domain.com/http://%3cserver%3e.%3cdomain%3e.com/ this fetchmailrc worked for me: [rt_user@x-tracker-01 ~]$ cat .fetchmailrc # Configuration created Fri Nov 18 16:22:13 2011 by fetchmailconf 1.57 set postmaster postmaster set bouncemail set no spambounce set softbounce set properties set daemon 20 poll mail.domain.com with proto IMAP and options no dns user 'rt_requests' there with password 'keepmefromlookingsilly' is 'kiss' here options stripcr ssl mda '/opt/rt4/bin/rt-mailgate --url http://server.domain.com. --queue General --action correspond' RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] Loop
Can anyone help with this issue: rt4.0 centos6 Started to crop up with no changes: [Mon Nov 21 22:43:12 2011] [crit]: RT Received mail (2021224308.45f6e79...@rt.wsd.bucklehq.com ) from itself. (/apps/rt4/sbin/../lib/RT/Interface/Email.pm:1770) [Mon Nov 21 22:43:12 2011] [crit]: RT thinks this message may be a bounce (/apps/rt4/sbin/../lib/RT/Interface/Email.pm:244) [Mon Nov 21 22:43:12 2011] [error]: Could not record email: Message Bounced (/apps/rt4/share/html/REST/1.0/NoAuth/mail-gateway:75) [Mon Nov 21 22:43:23 2011] [warning]: Deep recursion on subroutine RT::I18N::SetMIMEEntityToEncoding at /apps/rt4/sbin/../lib/RT/I18N.pm line 215. (/apps/rt4/sbin/../lib/RT/I18N.pm:215) [Mon Nov 21 22:43:23 2011] [warning]: Deep recursion on subroutine RT::I18N::SetMIMEEntityToEncoding at /apps/rt4/sbin/../lib/RT/I18N.pm line 215. (/apps/rt4/sbin/../lib/RT/I18N.pm:215) [Mon Nov 21 22:43:26 2011] [warning]: Deep recursion on subroutine RT::I18N::SetMIMEEntityToEncoding at /apps/rt4/sbin/../lib/RT/I18N.pm line 215. (/apps/rt4/sbin/../lib/RT/I18N.pm:215) [Mon Nov 21 22:43:26 2011] [warning]: Deep recursion on subroutine RT::I18N::SetMIMEEntityToEncoding at /apps/rt4/sbin/../lib/RT/I18N.pm line 215. (/apps/rt4/sbin/../lib/RT/I18N.pm:215) which loops mail also: Nov 21 16:47:48 rt postfix/pickup[3049]: 224C160096: uid=48 from= Nov 21 16:47:48 rt postfix/cleanup[2891]: 224C160096: message-id=2021224748.224c160...@rt.wsd.bucklehq.com Nov 21 16:47:48 rt postfix/qmgr[1304]: 224C160096: from=, size=2953669, nrcpt=1 (queue active) Nov 21 16:47:48 rt postfix/local[2877]: 858F860094: to=ws...@rt.bucklehq.com, relay=local, delay=22, delays=0.81/2.1/0/19, dsn=2.0.0, status=sent (delivered to command: /apps/rt4/bin/rt-mailgate --queue WSDSupport --action correspond --url https://rt.wsd.bucklehq.com/) Nov 21 16:47:48 rt postfix/qmgr[1304]: 858F860094: removed Nov 21 16:47:49 rt postfix/local[2893]: 906A9794F5: to=ws...@rt.bucklehq.com, relay=local, delay=1.7, delays=0.05/0.75/0/0.9, dsn=2.0.0, status=sent (delivered to command: /apps/rt4/bin/rt-mailgate --queue WSDSupport --action correspond --url https://rt.wsd.bucklehq.com/) Nov 21 16:47:49 rt postfix/qmgr[1304]: 906A9794F5: removed Nov 21 16:47:49 rt postfix/pickup[3049]: 3888B79568: uid=48 from= Nov 21 16:47:49 rt postfix/cleanup[2891]: 3888B79568: message-id=2021224749.3888b79...@rt.wsd.bucklehq.com Nov 21 16:47:49 rt postfix/qmgr[1304]: 3888B79568: from=, size=37965, nrcpt=1 (queue active) RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] RT 3.6.1 configure out going address used by smtp
Hi. I have moved our RT from a legacy server to a new one. I would like to define the from: address used. At present all outgoing email is relayed via Postfix at localhost, the emails going out from RT are doing out using www-d...@newserver.mydom.com (Apache user www-data), which causes issues as this sever is internal so the domain newserver.mydom.com is not valid on the Internet. To get around this I have configured a temporary address rewrite. What I want it the emails from RT to go out as r...@mydom.com and not as teh Apache user. How do I configure this ? My email config so far for emails : Set ($SMTPServer, 'localhost'); Set($CorrespondAddress , 'r...@mydom.com'); Set($CommentAddress , 'rt-comm...@mydom.com'); Thanks G RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011