[rt-users] REST API for Assets

[Bart Bunting]

Hi,

Is there a REST API for assets in RT?

I can't find any documentation for it.

Can anyone shed any light on if it exists or is in the works?


Kind regards
Bart
-- 

Bart Bunting - URSYS
PH: 02 87452811
Mbl: 0409560005
-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017

[rt-users] Emailing dashboards?

[Alex Hall]

Hi all,
I know RT can automatically email dashboards to specific users. I've just
not sure how to set this up. I found one list of dashboards where a
"subscription" column was present in the table, but it only listed a
single, global dashboard and not those for a given user. I've been through
users and settings, but didn't find it. This must be obvious, but where
would I tell users to go to set up subscriptions to their custom
dashboards? I just want certain users to get emails once a day with the
content of a specific saved search. Thanks!

-- 
Alex Hall
Automatic Distributors, IT department
ah...@autodist.com
-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017

Re: [rt-users] RT 4.4.1 - ExternalAuth intermittently failing

[Mike Johnson]

Hi,

It happened again today. Our AD admin didn't see anything unusual in the
logs. I'm getting him to see if successful bind attempts show up anywhere,
and if so... if RT is actually successful and the error message is just not
appropriate(ie something else behind the scenes is going on and it's just
reported as a failed bind).

Anyone have any thoughts on this?

We have multiple other LDAP authenticated, and Windows authenticated
systems on campus using this AD service(different usernames) and we haven't
had reports of any of these failing.

The things that have changed from what it was working:
- OS: CentOS 7.2.15.11
- perl 5.16.3
- RT version 4.4.1

I can't recall the previous OS version or perl version, but it was at least
on Redhat 4 or 5, and RT was 3.8.X using ExternalAuth extension(on 3.8 it
wasn't rolled into baseline yet).

Any thoughts are appreciated!
Mike.

On Tue, Nov 22, 2016 at 4:40 PM, Kenneth Marshall  wrote:

> On Tue, Nov 22, 2016 at 04:13:46PM -0500, Mike Johnson wrote:
> > We just went live with RT 4.4.1 and it seems that LDAP authentication is
> > failing.
> >
> > It has now died 2 days in a row, at approximately the same time.
> >
> > The RT log is showing the following error:
> > 2819] [Mon Nov 21 21:10:28 2016] [critical]:
> > RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind:
> > LDAP_INVALID_CREDENTIALS 49
> > (/opt/rt4/sbin/../lib/RT/Authen/ExternalAuth/LDAP.pm:678)
> >
> > This seems like a generic LDAP error, and it's not pointing us to a
> > specific issue.
> >
> > The user that we are binding with is a user that was in-use on our RT
> 3.8.X
> > environment that hadn't had an issue in years (3?).
> >
> > Restarting apache resolves the immediate issue, but clearly there is
> > something else going on that we should be able to fix permanently. Anyone
> > have any ideas on where to look?
> >
> > This didn't come up in our testing, but I don't believe we had the volume
> > of credential testing that we do in prod.
> >
> > Any help would be great!
> >
> > P.S. The LDAP server is a Microsoft Active Directory server. This same
> > server was being used for ExternalAuth extension in 3.8.
> >
> > Mike.
>
> Hi Mike,
>
> You probably will need to check your AD logs as well. We have seen issues
> with AD authentication when an account is locked out by a bad password
> login attempt. Since it is about the same time of day, maybe something
> else is trying to login with those credentials and causing it to lock.
>
> Regards,
> Ken
>



-- 
Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON   P7B 5E1
Phone: (807) 766-7331
Email: mike.john...@nosm.ca
-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017

Re: [rt-users] Exporting Data From RT

[Matt Zagrabelny]

Hey Eddie,

You can get spreadsheet (TSV) representation of ticket search results -
which could include CFs. I'm not sure about the transaction (txn) history.

Perhaps via REST?

I'm guessing that there isn't an *easy* way to get all that.

-m

On Wed, Nov 23, 2016 at 9:05 AM, Eddie Jones 
wrote:

> *From:* Eddie Jones [mailto:ejo...@eastontelecom.com]
> *Sent:* Wednesday, November 23, 2016 9:55 AM
> *To:* 'rt-users@lists.bestpractical.com'
> *Subject:* Exporting Data From RT
>
>
>
> Hello,
>
>
>
> I need to export data from RT, including all ticket information (comments,
> custom field values, etc.).  Is there an easy way to do that?
>
>
>
> Thanks,
>
>
>
> Eddie Jones
>
> Systems Administrator
>
> Easton Telecom Services
>
> www.eastontelecom.com
>
> 330-659-6700  x234
>
>
>
> [image: logo]
>
>
>
> -
> RT 4.4 and RTIR training sessions, and a new workshop day!
> https://bestpractical.com/training
> * Los Angeles - January 9-11 2017
>
-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017

[rt-users] Exporting Data From RT

[Eddie Jones]

From: Eddie Jones [mailto:ejo...@eastontelecom.com] 
Sent: Wednesday, November 23, 2016 9:55 AM
To: 'rt-users@lists.bestpractical.com'
Subject: Exporting Data From RT

 

Hello,

 

I need to export data from RT, including all ticket information (comments,
custom field values, etc.).  Is there an easy way to do that?

 

Thanks,

 

Eddie Jones

Systems Administrator

Easton Telecom Services

www.eastontelecom.com  

330-659-6700  x234

 

logo

 

-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017

Re: [rt-users] Plugin JSGantt causes CSRF on automatically reload

[Patrick G. Stoesser]

Pardon me, accidentially threadnapping!

Am 23.11.2016 um 10:56 schrieb Patrick G. Stoesser:

Hello there,

on my working Debian Jessie RT I'm using the JSGantt Plugin which also

> [...]
-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017

[rt-users] Plugin JSGantt causes CSRF on automatically reload

[Patrick G. Stoesser]

Hello there,

on my working Debian Jessie RT I'm using the JSGantt Plugin which also
workes fine except causing a Possible cross-site request forgery on
automatic reload.

Generally, CSRF occuring were eliminated at the beginning of the
installation several months ago by setting

# Webdomain override
Set($WebDomain, '172.18.200.41');
Set($WebPort, 443);
Set($WebPath , "/rt");
Set($WebBaseURL , "https://172.18.200.41;);

and today I added

# Cross-site forgery verhindern
Set(@ReferrerWhitelist, qw(172.18.200.41:443 127.0.0.1:443));

When you call Gantt Chart, everything is fine. Now I have set

#Refresh global
Set($HomePageRefreshInterval, "900");.
Set($SearchResultsRefreshInterval, "60");

so the Gantt Chart is reloaded automatically. And by the first reload
ist causes the CSRF. Then, when you resume the request manually, all
following automatically reloads work without problems.

The error message complains about a missing referrer:

> Possible cross-site request forgery
>
> RT has detected a possible cross-site request forgery for this
> request, because your browser did not supply a Referrer header. A
> malicious attacker may be trying to modify or access a search on your
> behalf. If you did not initiate this request, then you should alert
> your security team.
>
> If you really intended to visit /rt/Search/JSGantt.html and modify or
> access a search, then click here to resume your request.


After you called Gantt Chart, the URL is



and after you resumed the reload request, the URL is



I helped myself by disabling Set($SearchResultsRefreshInterval, "60"); 
since noone uses it, but maybe anyway anyone has an advice?


Kind regards, Patrick
-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017

[rt-users] Plugin JSGantt causes CSRF on automatically reload

[Patrick G. Stoesser]

Hello there,

on my working Debian Jessie RT I'm using the JSGantt Plugin which also
workes fine except causing a Possible cross-site request forgery on
automatic reload.

Generally, CSRF occuring were eliminated at the beginning of the
installation several months ago by setting

# Webdomain override
Set($WebDomain, '172.18.200.41');
Set($WebPort, 443);
Set($WebPath , "/rt");
Set($WebBaseURL , "https://172.18.200.41;);

and today I added

# Cross-site forgery verhindern
Set(@ReferrerWhitelist, qw(172.18.200.41:443 127.0.0.1:443));

When you call Gantt Chart, everything is fine. Now I have set

#Refresh global
Set($HomePageRefreshInterval, "900");.
Set($SearchResultsRefreshInterval, "60");

so the Gantt Chart is reloaded automatically. And by the first reload
ist causes the CSRF. Then, when you resume the request manually, all
following automatically reloads work without problems.

The error message complains about a missing referrer:


Possible cross-site request forgery

RT has detected a possible cross-site request forgery for this
request, because your browser did not supply a Referrer header. A
malicious attacker may be trying to modify or access a search on your
behalf. If you did not initiate this request, then you should alert
your security team.

If you really intended to visit /rt/Search/JSGantt.html and modify or
access a search, then click here to resume your request.



After you called Gantt Chart, the URL is



and after you resumed the reload request, the URL is



I helped myself by disabling Set($SearchResultsRefreshInterval, "60"); 
since noone uses it, but maybe anyway anyone has an advice?


Kind regards, Patrick
-
RT 4.4 and RTIR training sessions, and a new workshop day! 
https://bestpractical.com/training
* Los Angeles - January 9-11 2017