Re: [rt-users] Deleting one attachment
Inline... On Wed, Oct 19, 2016 at 9:39 AM, Matt Zagrabelny wrote: > On Wed, Oct 19, 2016 at 11:28 AM, Ram wrote: > > Hi all, > > A user at work added an attachment that violates corporate policy to a > > ticket; the ticket itself is valid and must be kept. I need to delete the > > attachment. A quick look at the rt-shredder tool does not make it > apparent > > to me how to do this with rt-shredder. I can readily do it editing the > db in > > mysql but I'd rather use rt-shredder if it will do the job. > > any help? > > Then perhaps something like: > > /opt/rt4/sbin/rt-shredder --plugin > Attachments=files_only,1;file,some_secret_document.pdf > > > Thanks Matt. I did look at that - the problem is that DOC009.pdf is far from unique in our system. What I really need is to specify the ticket id, attachment id , or both. specifying a minimum size *might* work - I'd have to check and see if that's the only DOC009.pdf over 75kb but I wouldn't be surprised if there are others. - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Boston - October 24-26 * Los Angeles - Q1 2017
Re: [rt-users] Deleting one attachment
On Wed, Oct 19, 2016 at 11:28 AM, Ram wrote: > Hi all, > A user at work added an attachment that violates corporate policy to a > ticket; the ticket itself is valid and must be kept. I need to delete the > attachment. A quick look at the rt-shredder tool does not make it apparent > to me how to do this with rt-shredder. I can readily do it editing the db in > mysql but I'd rather use rt-shredder if it will do the job. > any help? Running 4.2.12 here... # /opt/rt4/sbin/rt-shredder --plugin list Plugins list: Objects SQLDump Summary Tickets Attachments Users So it looks like it can shred attachments. /opt/rt4/sbin/rt-shredder --plugin help-Attachments USAGE masks If any argument is marked with keyword `mask' then it means that this argument support two special characters: 1) `*' matches any non empty sequence of the characters. For example `*@example.com' will match any email address in `example.com' domain. 2) `?' matches exactly one character. For example `' will match any string four characters long. NAME RT::Shredder::Plugin::Attachments - search plugin for wiping attachments. ARGUMENTS files_only - boolean value Search only file attachments. file - mask Search files with specific file name only. Example: '*.xl?' or '*.gif' longer - attachment content size Search attachments which content is longer than specified. You can use trailing 'K' or 'M' character to specify size in kilobytes or megabytes. Then perhaps something like: /opt/rt4/sbin/rt-shredder --plugin Attachments=files_only,1;file,some_secret_document.pdf I didn't try the above and I would _for sure_ try it on a test system first - at least a test ticket with a test attachment. -m - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Boston - October 24-26 * Los Angeles - Q1 2017
[rt-users] Deleting one attachment
Hi all, A user at work added an attachment that violates corporate policy to a ticket; the ticket itself is valid and must be kept. I need to delete the attachment. A quick look at the rt-shredder tool does not make it apparent to me how to do this with rt-shredder. I can readily do it editing the db in mysql but I'd rather use rt-shredder if it will do the job. any help? thanks Ram - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Boston - October 24-26 * Los Angeles - Q1 2017
Re: [rt-users] rt-crontool on condition x change queue
Hello,
Indeed you are right, and I found a guy named Andy Smith in the UK that solved
the problem, I've attached his solution to the email (not sure if attachments
works). Put it in rt4/lib/RT/Action/QChange.pm and then call it with relevant
query with: --action RT::Action::QChange --action-arg YOURQUEUE --template
'blank'
Works like a charm, I use it in this way for SLA purposes to escalate a TT that
passes over the defined ServiceAgreement:
rt-crontool --transaction last --search RT::Search::FromSQL --search-arg "Queue
= 'SLA' AND (Status='new' OR Status='open')" --condition RT::Condition::Overdue
--action RT::Action::QChange --action-arg QUEUE --template 'SLA-escalation'
Regards, Joel
Från: rt-users [mailto:rt-users-boun...@lists.bestpractical.com] För Emmanuel
Lacour
Skickat: den 18 oktober 2016 16:01
Till: rt-users@lists.bestpractical.com
Ämne: Re: [rt-users] rt-crontool on condition x change queue
Le 18/10/2016 à 11:03, Joel Bergmark a écrit :
Hi,
Just a quick one this time, is there any easy way to use rt crontool get
something like this working:
/opt/rt4/bin/rt-crontool --search RT::Search::FromSQL --search-arg "Queue = 'X'
AND (Status='new' OR Status='open')" --condition RT::Condition::Overdue
--action RT::Queue "Newqueue"
I know its not really under rt::action but is there a way to call upon
rt::queue from this? Tried a bunch of different syntax but get
"RT::Queue::Prepare Unimplemented in main."
there is no stock SetQueue RT action, you have to write it yourself. Just put
the following content (untested) in rt/local/lib/RT/Action/SetQueue.pm and call
it like this:
/opt/rt4/bin/rt-crontool --search RT::Search::FromSQL --search-arg "Queue = 'X'
AND (Status='new' OR Status='open')" --condition RT::Condition::Overdue
--action SetQueue --action-arg "Newqueue"
cut
package RT::Action::SetQueue;
use base 'RT::Action';
use strict;
use warnings;
sub Describe {
my $self = shift;
return (ref $self . " will set a ticket's queue to the argument provided.");
}
sub Prepare {
return 1;
}
sub Commit {
my $self = shift;
$self->TicketObj->SetQueue($self->Argument);
}
1;
cut
QChange.pm
Description: QChange.pm
-
RT 4.4 and RTIR training sessions, and a new workshop day!
https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
Re: [rt-users] RT 4.4.1 on Debian with RT::Authen::ExternalAuth?
Hi Malcolm,
The output from rt-ldapimport is normal if no changes are required, as
I've just tried it here in my lab and it is working.
Incidentally LDAPImport doesn't currently support TLS, I've written a
patch which
you are welcome to have if you would like it. I'm afraid I haven't
submitted it to BP
yet, but intend too when I get some time.
Best Regards
Martin
On 2016-10-19 14:21, Malcolm Galland wrote:
Ah, yes. It looks like I had commented it out during testing, and
that's what was causing the PeerHost error. Below is the section of
SiteConfig dedicated to LDAPImport:
Set($LDAPHost,'ggdc1.domain.int');
Set($LDAPUser,'LDAP_ACCOUNT');
Set($LDAPPassword,'LDAP_ACCOUNT_PASS');
Set($LDAPBase, 'dc=domain,dc=int');
Set($LDAPFilter, '(&(cn = users))');
Set($LDAPMapping, {Name => 'uid', # required
EmailAddress => 'mail',
RealName => 'cn',
WorkPhone=> 'telephoneNumber',
Organization => 'departmentName'});
# If you want to sync Groups from LDAP into RT
Set($LDAPGroupBase, 'dc=domain,dc=int');
Set($LDAPGroupFilter, '(&(cn = Groups))');
Set($LDAPGroupMapping, {Name => 'cn',
Member_Attr=> 'member',
Member_Attr_Value => 'dn' });
Interesting follow up question though, when I run rt-ldapimport I don't
get any errors, but the output doesn't exactly instill a feeling of
sucess either:
/opt/rt4/sbin/rt-ldapimport --debug
Running test import, no data will be changed
Rerun command with --import to perform the import
Rerun command with --debug for more information
Testing group import
Finished test
On Wed, 2016-10-19 at 14:09 +, Martin Wheldon wrote:
Hi Malcolm,
You are missing the LDAP import configuration, which is separate
from
the External auth config.
The following will help:
https://docs.bestpractical.com/rt/4.4.1/RT/LDAPImport.html
Best Regards
Martin
On 2016-10-19 13:37, Malcolm Galland wrote:
>
> I've set up RT, and am testing it with rt-server. Everything seems
> to
> be going smoothly except LDAP with RT::Authen::ExternalAuth. I
> read
> the docs and have implemented the suggested changes in
> /opt/rt4/etc/RT_SiteConfig.pm like so:
>
> Set( $ExternalAuthPriority, ["My_LDAP"] );
> Set( $ExternalInfoPriority, ["My_LDAP"] );
> Set($ExternalAuth, 1);
> Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
> Set($AutoCreateNonExternalUsers, 1);
> Set($ExternalSettings, {
> 'My_LDAP' => {
> 'type' => 'ldap',
> 'server' => 'ggdc1.domain.int',
> 'user' => 'LDAP_ACCOUNT',
> 'pass' => 'LDAP_ACCOUNT_PASS',
> 'base' => 'ou=Production,dc=domain,dc=int',
> 'filter' => '(objectClass=inetOrgPerson)',
> 'attr_match_list' => [
> 'Name',
> 'EmailAddress',
> ],
> 'attr_map' => {
> 'Name' => 'sAMAccountName',
> 'EmailAddress' => 'mail',
> 'RealName' => 'cn',
> 'WorkPhone'=> 'telephoneNumber',
> 'Address1' => 'streetAddress',
> 'City' => 'l',
> 'State'=> 'st',
> 'Zip' => 'postalCode',
> 'Country' => 'co',
> },
> },
> } );
>
> The issue is when I try to login the users aren't allowed access,
> and I
> get the following error from rt-server:
>
> [error]: FAILED LOGIN for username_redacted from IP_REDACTED
> (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)
>
> Just for kicks, if I run /opt/rt4/sbin/rt-ldapimport --debug
> I get:
> [critical]: Expected 'PeerHost' at
> /usr/local/share/perl/5.20.2/Net/LDAP.pm line 164.
> (/opt/rt4/sbin/../lib/RT.pm:390)
>
> Any ideas? I read every document I could find, but it's hard to
> know
> which non-official ones you can trust since RT has been around so
> long
> and ExternalAuth was just added to the core. Also, the official
> docs
> are a bit terse.
> -
> RT 4.4 and RTIR training sessions, and a new workshop day!
> https://bestpractical.com/training
> * Boston - October 24-26
> * Los Angeles - Q1 2017
-
RT 4.4 and RTIR training sessions, and a new workshop day!
https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
Re: [rt-users] RT 4.4.1 on Debian with RT::Authen::ExternalAuth?
Hi Malcolm,
Are you able to get any results from the LDAP server when you try the
same search
using ldapsearch from the commandline on the Debian box?
Something like:
ldapsearch -D LDAP_ACCOUNT -x -w -ZZ -H ldap://ggdc1.domain.int/ -b
ou=Production,dc=domain,dc=int "(objectClass=inetOrgPerson)"
I'm guessing your LDAP server is MS AD so you will probably need to
configure TLS.
The following items come from my configuration.
Set( $ExternalAuthPriority, ["My_LDAP"] );
Set( $ExternalInfoPriority, ["My_LDAP"] );
Set($ExternalAuth, 1);
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set($AutoCreateNonExternalUsers, 1);
# Use TLS
Set($ExternalServiceUsesSSLorTLS,1);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => 'ggdc1.domain.int',
# Configure TLS settings
'tls' => {
'verify'=> 'require',
'cafile'=> '/etc/ssl/certs/CACert.pem', # Path CA
file
},
'user' => 'LDAP_ACCOUNT',
'pass' => 'LDAP_ACCOUNT_PASS',
'base' => 'ou=Production,dc=domain,dc=int',
'filter' => '(objectClass=inetOrgPerson)',
'attr_match_list' => [
'Name',
'EmailAddress',
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'RealName' => 'cn',
'WorkPhone'=> 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State'=> 'st',
'Zip' => 'postalCode',
'Country' => 'co',
},
},
} );
Best Regards
Martin
On 2016-10-19 13:37, Malcolm Galland wrote:
I've set up RT, and am testing it with rt-server. Everything seems to
be going smoothly except LDAP with RT::Authen::ExternalAuth. I read
the docs and have implemented the suggested changes in
/opt/rt4/etc/RT_SiteConfig.pm like so:
Set( $ExternalAuthPriority, ["My_LDAP"] );
Set( $ExternalInfoPriority, ["My_LDAP"] );
Set($ExternalAuth, 1);
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => 'ggdc1.domain.int',
'user' => 'LDAP_ACCOUNT',
'pass' => 'LDAP_ACCOUNT_PASS',
'base' => 'ou=Production,dc=domain,dc=int',
'filter' => '(objectClass=inetOrgPerson)',
'attr_match_list' => [
'Name',
'EmailAddress',
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'RealName' => 'cn',
'WorkPhone'=> 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State'=> 'st',
'Zip' => 'postalCode',
'Country' => 'co',
},
},
} );
The issue is when I try to login the users aren't allowed access, and I
get the following error from rt-server:
[error]: FAILED LOGIN for username_redacted from IP_REDACTED
(/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)
Just for kicks, if I run /opt/rt4/sbin/rt-ldapimport --debug
I get:
[critical]: Expected 'PeerHost' at
/usr/local/share/perl/5.20.2/Net/LDAP.pm line 164.
(/opt/rt4/sbin/../lib/RT.pm:390)
Any ideas? I read every document I could find, but it's hard to know
which non-official ones you can trust since RT has been around so long
and ExternalAuth was just added to the core. Also, the official docs
are a bit terse.
-
RT 4.4 and RTIR training sessions, and a new workshop day!
https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
-
RT 4.4 and RTIR training sessions, and a new workshop day!
https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
Re: [rt-users] RT 4.4.1 on Debian with RT::Authen::ExternalAuth?
Hi Malcolm,
You are missing the LDAP import configuration, which is separate from
the External auth config.
The following will help:
https://docs.bestpractical.com/rt/4.4.1/RT/LDAPImport.html
Best Regards
Martin
On 2016-10-19 13:37, Malcolm Galland wrote:
I've set up RT, and am testing it with rt-server. Everything seems to
be going smoothly except LDAP with RT::Authen::ExternalAuth. I read
the docs and have implemented the suggested changes in
/opt/rt4/etc/RT_SiteConfig.pm like so:
Set( $ExternalAuthPriority, ["My_LDAP"] );
Set( $ExternalInfoPriority, ["My_LDAP"] );
Set($ExternalAuth, 1);
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => 'ggdc1.domain.int',
'user' => 'LDAP_ACCOUNT',
'pass' => 'LDAP_ACCOUNT_PASS',
'base' => 'ou=Production,dc=domain,dc=int',
'filter' => '(objectClass=inetOrgPerson)',
'attr_match_list' => [
'Name',
'EmailAddress',
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'RealName' => 'cn',
'WorkPhone'=> 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State'=> 'st',
'Zip' => 'postalCode',
'Country' => 'co',
},
},
} );
The issue is when I try to login the users aren't allowed access, and I
get the following error from rt-server:
[error]: FAILED LOGIN for username_redacted from IP_REDACTED
(/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)
Just for kicks, if I run /opt/rt4/sbin/rt-ldapimport --debug
I get:
[critical]: Expected 'PeerHost' at
/usr/local/share/perl/5.20.2/Net/LDAP.pm line 164.
(/opt/rt4/sbin/../lib/RT.pm:390)
Any ideas? I read every document I could find, but it's hard to know
which non-official ones you can trust since RT has been around so long
and ExternalAuth was just added to the core. Also, the official docs
are a bit terse.
-
RT 4.4 and RTIR training sessions, and a new workshop day!
https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
-
RT 4.4 and RTIR training sessions, and a new workshop day!
https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
[rt-users] RT 4.4.1 on Debian with RT::Authen::ExternalAuth?
I've set up RT, and am testing it with rt-server. Everything seems to
be going smoothly except LDAP with RT::Authen::ExternalAuth. I read
the docs and have implemented the suggested changes in
/opt/rt4/etc/RT_SiteConfig.pm like so:
Set( $ExternalAuthPriority, ["My_LDAP"] );
Set( $ExternalInfoPriority, ["My_LDAP"] );
Set($ExternalAuth, 1);
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, {
'My_LDAP' => {
'type' => 'ldap',
'server' => 'ggdc1.domain.int',
'user' => 'LDAP_ACCOUNT',
'pass' => 'LDAP_ACCOUNT_PASS',
'base' => 'ou=Production,dc=domain,dc=int',
'filter' => '(objectClass=inetOrgPerson)',
'attr_match_list' => [
'Name',
'EmailAddress',
],
'attr_map' => {
'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'RealName' => 'cn',
'WorkPhone'=> 'telephoneNumber',
'Address1' => 'streetAddress',
'City' => 'l',
'State'=> 'st',
'Zip' => 'postalCode',
'Country' => 'co',
},
},
} );
The issue is when I try to login the users aren't allowed access, and I
get the following error from rt-server:
[error]: FAILED LOGIN for username_redacted from IP_REDACTED
(/opt/rt4/sbin/../lib/RT/Interface/Web.pm:826)
Just for kicks, if I run /opt/rt4/sbin/rt-ldapimport --debug
I get:
[critical]: Expected 'PeerHost' at
/usr/local/share/perl/5.20.2/Net/LDAP.pm line 164.
(/opt/rt4/sbin/../lib/RT.pm:390)
Any ideas? I read every document I could find, but it's hard to know
which non-official ones you can trust since RT has been around so long
and ExternalAuth was just added to the core. Also, the official docs
are a bit terse.
-
RT 4.4 and RTIR training sessions, and a new workshop day!
https://bestpractical.com/training
* Boston - October 24-26
* Los Angeles - Q1 2017
