Re: [rt-users] LDAP Configuration

[t s]

Thanks for your help.  I changed my ExternalAuth SiteConfig settings to match 
the LDAPImport settings, and that worked!


Now I'm logging the regular RT login page using my Windows Login.  Is there any 
way to read the login in from IE (or nginx) and bypass the login screen, or is 
that an IIS feature?



From: Lush, Aaron 
Sent: Wednesday, April 20, 2016 11:29 AM
To: t s
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] LDAP Configuration

Please post all of the recent RT entries in your SYSLOG, after running 
rt-ldapimport. This should provide some insight into where your ExternalAuth is 
failing.

Sincerely,

Aaron Lush
Network Administrator
South Central Community School Corporation
(219) 767-2266 ext. 

On Wed, Apr 20, 2016 at 10:18 AM, t s 
> wrote:


Debug mode was successful.  What's my next step?




From: Lush, Aaron >
Sent: Wednesday, April 20, 2016 8:45 AM
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] LDAP Configuration

Set your log to "debug" and then run rt-ldapimport. Please post what your 
syslog says concerning RT.

Sincerely,

Aaron Lush
Network Administrator
South Central Community School Corporation
(219) 767-2266 ext. 

On Wed, Apr 20, 2016 at 7:28 AM, 
> wrote:

Having lots of trouble getting Request Tracker (4.2) hooked up with 
ExternalAuth for LDAP.  I have nginx (1.8.0) working with LDAP so it 
successfully authenticates to the login page using Active Directory, but it is 
not passing the username and password to the login page, so the user ends up 
having to login twice.


Please take a look, this is a huge headache!


Here is my nginx config and my RT_SiteConfig:


nginx config:


# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
worker_connections 1024;
}


http {
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
  '$status $body_bytes_sent "$http_referer" '
  '"$http_user_agent" "$http_x_forwarded_for"';

  auth_ldap_cache_enabled on;
  auth_ldap_cache_expiration_time 1;
  auth_ldap_cache_size 1000;

  ldap_server acmeLDAP {

url 
"ldap://ldapserver:389/OU=Corp,OU=Users,OU=acme,DC=corp,DC=acme,DC=net?sAMAccountName?sub?(objectClass=person)";
binddn "acme\\appaccount";
binddn_passwd "password";
group_attribute member;
group_attribute_is_dn on;
satisfy any;
require valid_user;
}





access_log  /var/log/nginx/access.log  main;

sendfileon;
tcp_nopush  on;
tcp_nodelay on;
keepalive_timeout   65;
types_hash_max_size 2048;

include /etc/nginx/mime.types;
default_typeapplication/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

server {
listen   80 default_server;
listen   [::]:80 default_server;
server_name  _;
root /usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
}

 location  ^~ /phpmyadmin/ {
  alias /usr/share/phpmyadmin/;

  location ~ \.php$ {
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $request_filename;
   fastcgi_pass  localhost:9000;
  }
  index index.php;
 }

error_page 404 /404.html;
location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
error_page 403 = @login;
location @login {
  rewrite ^.* https://secure.example.com/login;
}
}



server {
listen 80;
auth_ldap "Please enter your ldap user";
auth_ldap_servers acmeLDAP;

server_name rt.servername.acme.com;
access_log  /var/log/nginx/access.log;
error_log /var/log/nginx/rt debug;

location / {

  alias /opt/rt4/share/html/;

  fastcgi_param  QUERY_STRING   $query_string;
  fastcgi_param  REQUEST_METHOD $request_method;
  fastcgi_param  CONTENT_TYPE   $content_type;
  fastcgi_param  CONTENT_LENGTH $content_length;

  fastcgi_param  SCRIPT_NAME'';
  fastcgi_param  PATH_INFO  $uri;
  fastcgi_param  REQUEST_URI$request_uri;
  fastcgi_param  DOCUMENT_URI   $document_uri;
  

Re: [rt-users] LDAP Configuration

[Lush, Aaron]

Please post all of the recent RT entries in your SYSLOG, after running
rt-ldapimport. This should provide some insight into where your
ExternalAuth is failing.

Sincerely,

Aaron Lush
Network Administrator
South Central Community School Corporation
(219) 767-2266 ext. 

On Wed, Apr 20, 2016 at 10:18 AM, t s  wrote:

>
> Debug mode was successful.  What's my next step?
>
>
>
> --
> *From:* Lush, Aaron 
> *Sent:* Wednesday, April 20, 2016 8:45 AM
> *To:* Travis Slusher
> *Cc:* rt-users@lists.bestpractical.com
> *Subject:* Re: [rt-users] LDAP Configuration
>
> Set your log to "debug" and then run rt-ldapimport. Please post what your
> syslog says concerning RT.
>
> Sincerely,
>
> Aaron Lush
> Network Administrator
> South Central Community School Corporation
> (219) 767-2266 ext. 
>
> On Wed, Apr 20, 2016 at 7:28 AM, Travis Slusher 
> wrote:
>
>> Having lots of trouble getting Request Tracker (4.2) hooked up with
>> ExternalAuth for LDAP.  I have nginx (1.8.0) working with LDAP so it
>> successfully authenticates to the login page using Active Directory, but it
>> is not passing the username and password to the login page, so the user
>> ends up having to login twice.
>>
>>
>> Please take a look, this is a huge headache!
>>
>>
>> Here is my nginx config and my RT_SiteConfig:
>>
>>
>> nginx config:
>>
>>
>> # For more information on configuration, see:
>> #   * Official English Documentation: http://nginx.org/en/docs/
>> #   * Official Russian Documentation: http://nginx.org/ru/docs/
>>
>> user nginx;
>> worker_processes auto;
>> error_log /var/log/nginx/error.log;
>> pid /run/nginx.pid;
>>
>> events {
>> worker_connections 1024;
>> }
>>
>>
>> http {
>> log_format  main  '$remote_addr - $remote_user [$time_local]
>> "$request" '
>>   '$status $body_bytes_sent "$http_referer" '
>>   '"$http_user_agent" "$http_x_forwarded_for"';
>>
>>   auth_ldap_cache_enabled on;
>>   auth_ldap_cache_expiration_time 1;
>>   auth_ldap_cache_size 1000;
>>
>>   ldap_server acmeLDAP {
>>
>> url
>> "ldap://ldapserver:389/OU=Corp,OU=Users,OU=acme,DC=corp,DC=acme,DC=net?sAMAccountName?sub?(objectClass=person)";
>> binddn "acme\\appaccount";
>> binddn_passwd "password";
>> group_attribute member;
>> group_attribute_is_dn on;
>> satisfy any;
>> require valid_user;
>> }
>>
>>
>>
>>
>>
>>
>> access_log  /var/log/nginx/access.log  main;
>>
>> sendfileon;
>> tcp_nopush  on;
>> tcp_nodelay on;
>> keepalive_timeout   65;
>> types_hash_max_size 2048;
>>
>> include /etc/nginx/mime.types;
>> default_typeapplication/octet-stream;
>>
>> # Load modular configuration files from the /etc/nginx/conf.d
>> directory.
>> # See http://nginx.org/en/docs/ngx_core_module.html#include
>> # for more information.
>> include /etc/nginx/conf.d/*.conf;
>>
>> server {
>> listen   80 default_server;
>> listen   [::]:80 default_server;
>> server_name  _;
>> root /usr/share/nginx/html;
>>
>> # Load configuration files for the default server block.
>> include /etc/nginx/default.d/*.conf;
>>
>> location / {
>> }
>>
>>  location  ^~ /phpmyadmin/ {
>>   alias /usr/share/phpmyadmin/;
>>
>>   location ~ \.php$ {
>>include fastcgi_params;
>>fastcgi_param SCRIPT_FILENAME $request_filename;
>>fastcgi_pass  localhost:9000;
>>   }
>>   index index.php;
>>  }
>>
>> error_page 404 /404.html;
>> location = /40x.html {
>> }
>>
>> error_page 500 502 503 504 /50x.html;
>> location = /50x.html {
>> }
>> error_page 403 = @login;
>> location @login {
>>   rewrite ^.* https://secure.example.com/login;
>> }
>> }
>>
>>
>>
>> server {
>> listen 80;
>> auth_ldap "Please enter your ldap user";
>> auth_ldap_servers acmeLDAP;
>>
>> server_name rt.servername.acme.com;
>> access_log  /var/log/nginx/access.log;
>> error_log /var/log/nginx/rt debug;
>>
>>
>> location / {
>>
>>   alias /opt/rt4/share/html/;
>>
>>   fastcgi_param  QUERY_STRING   $query_string;
>>   fastcgi_param  REQUEST_METHOD $request_method;
>>   fastcgi_param  CONTENT_TYPE   $content_type;
>>   fastcgi_param  CONTENT_LENGTH $content_length;
>>
>>   fastcgi_param  SCRIPT_NAME'';
>>   fastcgi_param  PATH_INFO  $uri;
>>   fastcgi_param  REQUEST_URI$request_uri;
>>   fastcgi_param  DOCUMENT_URI   $document_uri;
>>   fastcgi_param  DOCUMENT_ROOT  $document_root;
>>   fastcgi_param  SERVER_PROTOCOL$server_protocol;
>>
>>   fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
>>   fastcgi_param  SERVER_SOFTWAREnginx/$nginx_version;
>>
>>   

Re: [rt-users] LDAP Configuration

[t s]

Debug mode was successful.  What's my next step?




From: Lush, Aaron 
Sent: Wednesday, April 20, 2016 8:45 AM
To: Travis Slusher
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] LDAP Configuration

Set your log to "debug" and then run rt-ldapimport. Please post what your 
syslog says concerning RT.

Sincerely,

Aaron Lush
Network Administrator
South Central Community School Corporation
(219) 767-2266 ext. 

On Wed, Apr 20, 2016 at 7:28 AM, Travis Slusher 
> wrote:

Having lots of trouble getting Request Tracker (4.2) hooked up with 
ExternalAuth for LDAP.  I have nginx (1.8.0) working with LDAP so it 
successfully authenticates to the login page using Active Directory, but it is 
not passing the username and password to the login page, so the user ends up 
having to login twice.


Please take a look, this is a huge headache!


Here is my nginx config and my RT_SiteConfig:


nginx config:


# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
worker_connections 1024;
}


http {
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
  '$status $body_bytes_sent "$http_referer" '
  '"$http_user_agent" "$http_x_forwarded_for"';

  auth_ldap_cache_enabled on;
  auth_ldap_cache_expiration_time 1;
  auth_ldap_cache_size 1000;

  ldap_server acmeLDAP {

url 
"ldap://ldapserver:389/OU=Corp,OU=Users,OU=acme,DC=corp,DC=acme,DC=net?sAMAccountName?sub?(objectClass=person)";
binddn "acme\\appaccount";
binddn_passwd "password";
group_attribute member;
group_attribute_is_dn on;
satisfy any;
require valid_user;
}





access_log  /var/log/nginx/access.log  main;

sendfileon;
tcp_nopush  on;
tcp_nodelay on;
keepalive_timeout   65;
types_hash_max_size 2048;

include /etc/nginx/mime.types;
default_typeapplication/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

server {
listen   80 default_server;
listen   [::]:80 default_server;
server_name  _;
root /usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
}

 location  ^~ /phpmyadmin/ {
  alias /usr/share/phpmyadmin/;

  location ~ \.php$ {
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $request_filename;
   fastcgi_pass  localhost:9000;
  }
  index index.php;
 }

error_page 404 /404.html;
location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
error_page 403 = @login;
location @login {
  rewrite ^.* https://secure.example.com/login;
}
}



server {
listen 80;
auth_ldap "Please enter your ldap user";
auth_ldap_servers acmeLDAP;

server_name rt.servername.acme.com;
access_log  /var/log/nginx/access.log;
error_log /var/log/nginx/rt debug;

location / {

  alias /opt/rt4/share/html/;

  fastcgi_param  QUERY_STRING   $query_string;
  fastcgi_param  REQUEST_METHOD $request_method;
  fastcgi_param  CONTENT_TYPE   $content_type;
  fastcgi_param  CONTENT_LENGTH $content_length;

  fastcgi_param  SCRIPT_NAME'';
  fastcgi_param  PATH_INFO  $uri;
  fastcgi_param  REQUEST_URI$request_uri;
  fastcgi_param  DOCUMENT_URI   $document_uri;
  fastcgi_param  DOCUMENT_ROOT  $document_root;
  fastcgi_param  SERVER_PROTOCOL$server_protocol;

  fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
  fastcgi_param  SERVER_SOFTWAREnginx/$nginx_version;

  fastcgi_param  REMOTE_ADDR$remote_addr;
  fastcgi_param  REMOTE_PORT$remote_port;
  fastcgi_param  SERVER_ADDR$server_addr;
  fastcgi_param  SERVER_PORT$server_port;
  fastcgi_param  SERVER_NAME$server_name;

  fastcgi_pass 127.0.0.1:8090;




}

location = /auth {
   proxy_pass http://servername/phpmyadmin/phpTest.php;
   proxy_pass_request_body off;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Origin-URI $request_uri;
   proxy_set_header Content-Length '0';
   }





}



RT_SiteConfig.pm:


# Any configuration directives you include  here will 

[rt-users] Custom Field Grouping for Assets

[Krueger Stefan]

Hello,

we are evaluating RT 4.4 and would like to use the new asset tracking.

My question is: Is it possible to have a custom grouping setting for each 
catalog or is the example in the tutorial valid for every catalog?

Set(%CustomFieldGroupings,
'RT::Asset' => {
'Asset Details' => ['Serial Number', 'Manufacturer', 'Type', 
'Tracking Number'],
'Dates' => ['Support Expiration', 'Issue Date'],
},
);

Thanks for the feedback
Stefan
-
RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
* Washington DC - May 23 & 24, 2016

[rt-users] Escaping '<' and '>' in comments/replies and canned responses.

[Barton Chittenden]

I've run into several issues in RT with the use of greater than '>' and
less than '<' symbols in RT.

One issue that I run into with some regularity is pasting the default mysql
prompt into a ticket. For example, if I paste the following into a reply:

mysql> select CURRENT_DATE;
+--+
| CURRENT_DATE |
+--+
| 2016-04-20   |
+--+
1 row in set (0.00 sec)

The first line is hidden, as if it were text quoted from a previous comment
or reply.

By and large, I simply try to avoid using un-paired '<' and '>' characters
in replies, but I just ran into the following issue in a canned response:

The following text in the canned response editor:

"<>" by <>, <>,
Barcode: <> 

Renders as

"<>" by <>, <>, Barcode: <>

When I view it in Display.

I tried using '\<' and '\>' to escape the greater than and less than
symbols; that didn't work... using html entities did work,, but ... meh.

Are there any rules for escaping '<' and '>', and, more generally, is there
any documentation about how RT renders comments/replies and articles?

Thanks,

--Barton
-
RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
* Washington DC - May 23 & 24, 2016

Re: [rt-users] LDAP Configuration

[Lush, Aaron]

Set your log to "debug" and then run rt-ldapimport. Please post what your
syslog says concerning RT.

Sincerely,

Aaron Lush
Network Administrator
South Central Community School Corporation
(219) 767-2266 ext. 

On Wed, Apr 20, 2016 at 7:28 AM, Travis Slusher  wrote:

> Having lots of trouble getting Request Tracker (4.2) hooked up with
> ExternalAuth for LDAP.  I have nginx (1.8.0) working with LDAP so it
> successfully authenticates to the login page using Active Directory, but it
> is not passing the username and password to the login page, so the user
> ends up having to login twice.
>
>
> Please take a look, this is a huge headache!
>
>
> Here is my nginx config and my RT_SiteConfig:
>
>
> nginx config:
>
>
> # For more information on configuration, see:
> #   * Official English Documentation: http://nginx.org/en/docs/
> #   * Official Russian Documentation: http://nginx.org/ru/docs/
>
> user nginx;
> worker_processes auto;
> error_log /var/log/nginx/error.log;
> pid /run/nginx.pid;
>
> events {
> worker_connections 1024;
> }
>
>
> http {
> log_format  main  '$remote_addr - $remote_user [$time_local]
> "$request" '
>   '$status $body_bytes_sent "$http_referer" '
>   '"$http_user_agent" "$http_x_forwarded_for"';
>
>   auth_ldap_cache_enabled on;
>   auth_ldap_cache_expiration_time 1;
>   auth_ldap_cache_size 1000;
>
>   ldap_server acmeLDAP {
>
> url
> "ldap://ldapserver:389/OU=Corp,OU=Users,OU=acme,DC=corp,DC=acme,DC=net?sAMAccountName?sub?(objectClass=person)";
> binddn "acme\\appaccount";
> binddn_passwd "password";
> group_attribute member;
> group_attribute_is_dn on;
> satisfy any;
> require valid_user;
> }
>
>
>
>
>
>
> access_log  /var/log/nginx/access.log  main;
>
> sendfileon;
> tcp_nopush  on;
> tcp_nodelay on;
> keepalive_timeout   65;
> types_hash_max_size 2048;
>
> include /etc/nginx/mime.types;
> default_typeapplication/octet-stream;
>
> # Load modular configuration files from the /etc/nginx/conf.d
> directory.
> # See http://nginx.org/en/docs/ngx_core_module.html#include
> # for more information.
> include /etc/nginx/conf.d/*.conf;
>
> server {
> listen   80 default_server;
> listen   [::]:80 default_server;
> server_name  _;
> root /usr/share/nginx/html;
>
> # Load configuration files for the default server block.
> include /etc/nginx/default.d/*.conf;
>
> location / {
> }
>
>  location  ^~ /phpmyadmin/ {
>   alias /usr/share/phpmyadmin/;
>
>   location ~ \.php$ {
>include fastcgi_params;
>fastcgi_param SCRIPT_FILENAME $request_filename;
>fastcgi_pass  localhost:9000;
>   }
>   index index.php;
>  }
>
> error_page 404 /404.html;
> location = /40x.html {
> }
>
> error_page 500 502 503 504 /50x.html;
> location = /50x.html {
> }
> error_page 403 = @login;
> location @login {
>   rewrite ^.* https://secure.example.com/login;
> }
> }
>
>
>
> server {
> listen 80;
> auth_ldap "Please enter your ldap user";
> auth_ldap_servers acmeLDAP;
>
> server_name rt.servername.acme.com;
> access_log  /var/log/nginx/access.log;
> error_log /var/log/nginx/rt debug;
>
>
> location / {
>
>   alias /opt/rt4/share/html/;
>
>   fastcgi_param  QUERY_STRING   $query_string;
>   fastcgi_param  REQUEST_METHOD $request_method;
>   fastcgi_param  CONTENT_TYPE   $content_type;
>   fastcgi_param  CONTENT_LENGTH $content_length;
>
>   fastcgi_param  SCRIPT_NAME'';
>   fastcgi_param  PATH_INFO  $uri;
>   fastcgi_param  REQUEST_URI$request_uri;
>   fastcgi_param  DOCUMENT_URI   $document_uri;
>   fastcgi_param  DOCUMENT_ROOT  $document_root;
>   fastcgi_param  SERVER_PROTOCOL$server_protocol;
>
>   fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
>   fastcgi_param  SERVER_SOFTWAREnginx/$nginx_version;
>
>   fastcgi_param  REMOTE_ADDR$remote_addr;
>   fastcgi_param  REMOTE_PORT$remote_port;
>   fastcgi_param  SERVER_ADDR$server_addr;
>   fastcgi_param  SERVER_PORT$server_port;
>   fastcgi_param  SERVER_NAME$server_name;
>
>   fastcgi_pass 127.0.0.1:8090;
>
>
>
>
> }
>
> location = /auth {
>proxy_pass http://servername/phpmyadmin/phpTest.php;
>proxy_pass_request_body off;
>proxy_set_header Host $host;
>proxy_set_header X-Real-IP $remote_addr;
>proxy_set_header X-Origin-URI $request_uri;
>proxy_set_header Content-Length '0';
>}
>
>
>
>
>
>
> }
>
>
>
> RT_SiteConfig.pm:
>
>
> # Any configuration directives you include  here will override
> # RT's default configuration file, RT_Config.pm
> #
> # 

[rt-users] LDAP Configuration

[Travis Slusher]

Having lots of trouble getting Request Tracker (4.2) hooked up with 
ExternalAuth for LDAP.  I have nginx (1.8.0) working with LDAP so it 
successfully authenticates to the login page using Active Directory, but it is 
not passing the username and password to the login page, so the user ends up 
having to login twice.


Please take a look, this is a huge headache!


Here is my nginx config and my RT_SiteConfig:


nginx config:


# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
worker_connections 1024;
}


http {
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
  '$status $body_bytes_sent "$http_referer" '
  '"$http_user_agent" "$http_x_forwarded_for"';

  auth_ldap_cache_enabled on;
  auth_ldap_cache_expiration_time 1;
  auth_ldap_cache_size 1000;

  ldap_server acmeLDAP {

url 
"ldap://ldapserver:389/OU=Corp,OU=Users,OU=acme,DC=corp,DC=acme,DC=net?sAMAccountName?sub?(objectClass=person)";
binddn "acme\\appaccount";
binddn_passwd "password";
group_attribute member;
group_attribute_is_dn on;
satisfy any;
require valid_user;
}





access_log  /var/log/nginx/access.log  main;

sendfileon;
tcp_nopush  on;
tcp_nodelay on;
keepalive_timeout   65;
types_hash_max_size 2048;

include /etc/nginx/mime.types;
default_typeapplication/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

server {
listen   80 default_server;
listen   [::]:80 default_server;
server_name  _;
root /usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
}

 location  ^~ /phpmyadmin/ {
  alias /usr/share/phpmyadmin/;

  location ~ \.php$ {
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $request_filename;
   fastcgi_pass  localhost:9000;
  }
  index index.php;
 }

error_page 404 /404.html;
location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
error_page 403 = @login;
location @login {
  rewrite ^.* https://secure.example.com/login;
}
}



server {
listen 80;
auth_ldap "Please enter your ldap user";
auth_ldap_servers acmeLDAP;

server_name rt.servername.acme.com;
access_log  /var/log/nginx/access.log;
error_log /var/log/nginx/rt debug;

location / {

  alias /opt/rt4/share/html/;

  fastcgi_param  QUERY_STRING   $query_string;
  fastcgi_param  REQUEST_METHOD $request_method;
  fastcgi_param  CONTENT_TYPE   $content_type;
  fastcgi_param  CONTENT_LENGTH $content_length;

  fastcgi_param  SCRIPT_NAME'';
  fastcgi_param  PATH_INFO  $uri;
  fastcgi_param  REQUEST_URI$request_uri;
  fastcgi_param  DOCUMENT_URI   $document_uri;
  fastcgi_param  DOCUMENT_ROOT  $document_root;
  fastcgi_param  SERVER_PROTOCOL$server_protocol;

  fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
  fastcgi_param  SERVER_SOFTWAREnginx/$nginx_version;

  fastcgi_param  REMOTE_ADDR$remote_addr;
  fastcgi_param  REMOTE_PORT$remote_port;
  fastcgi_param  SERVER_ADDR$server_addr;
  fastcgi_param  SERVER_PORT$server_port;
  fastcgi_param  SERVER_NAME$server_name;

  fastcgi_pass 127.0.0.1:8090;




}

location = /auth {
   proxy_pass http://servername/phpmyadmin/phpTest.php;
   proxy_pass_request_body off;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Origin-URI $request_uri;
   proxy_set_header Content-Length '0';
   }





}



RT_SiteConfig.pm:


# Any configuration directives you include  here will override
# RT's default configuration file, RT_Config.pm
#
# To include a directive here, just copy the equivalent statement
# from RT_Config.pm and change the value. We've included a single
# sample value below.
#
# This file is actually a perl module, so you can include valid
# perl code, as well.
#
# The converse is also true, if this file isn't valid perl, you're
# going to run into trouble. To check your SiteConfig file, use
# this command:
#
#   perl -c /path/to/your/etc/RT_SiteConfig.pm
#
# You must restart your webserver after making changes to this file.

# You must install Plugins on your own, this is only an example
# of the 

[rt-users] Possible Ownergroup + session issue

[Woody - Wild Thing Safaris]

HI Devs,

This unfortunately is a bit of a poor bug report as i couldn't find any 
info in any logs to send, so apologies from the start!


I changed a search from having

( Owner = 'fred' OR Owner = 'anna' )

to

( OwnerGroup = 'Bookings' OR OwnerGroup = 'Payments' )

this caused the dashboard to hang, and server fault, but with nothing in 
either apache logs or rt_log


once the broken dashboard had been visited, all other pages failed with 
serverfault until i delete cookies, and log in again, then all is ok 
until i visit either the broken search, or the dashboard.


On removing the two "OwnerGroup" lines, all is well again, though i had 
also cleared the session db table during my attempts to find the issue.


sorry again for not having much more to go on. I'm happy to try some 
more testing if you think it's worth looking into.


Woody.

--

---

Richard Wood (Woody)
Managing Director
Wild Thing Safaris Ltd.

UK: 2B Habbo St, Greenwich, London
Dar es Salaam: 5 Ethan St, Mbezi beach
Arusha: 3 Ebeneezer Rd, Njiro
PO BOX 34514 DSM
Office: +255 (0) 222 617 166
Office Mobile: +255 (0) 773 503 502
Direct: +255 742 373 327
Skype: woody1tz
http://wildthingsafaris.com

-
RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
* Washington DC - May 23 & 24, 2016