[rt-users] Auto create externally authenticated users and put them into specific groups

[Chris Robison]

Is there a way to put automatically created externally authenticated users
and into specific groups as they are being created?

Thanks,
Chris Robison

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

[rt-users] Autocreate unprivileged users

[Yan Seiner]

I have 4.0.2 set up to autocreate privileged users authenticated through
LDAP.

I'm pretty sure I had 3.8.10 set up to autocreate unprivileged users who
did not authenticate through LDAP.  I can't figure out how to do this in
4.0.2.

In other words, the functionality I need is:

A user tries to log on, RT authenticates him through LDAP, and the user is
created as privileged.  This works.

An unknown user sends email in to the system, either in reply to an
existing ticket or to one of the queues we have set up for external
interaction.  The system should accept the email and autocreate the user
as unprivileged.  This gets rejected with

"RT could not load a valid user, and RT's configuration does not allow for
the creation of a new user for this email [email follows]"

How do I do this?  I can't find a setting for this.


-- 
Pain is temporary. It may last a minute, or an hour, or a day, or a year,
but eventually it will subside and something else will take its place. If
I quit, however, it lasts forever.


RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Thomas Misilo]

>Also - to be clear, you're concentrating on the part of the code that checks 
>to see if a user exists.  You're not looking at the later queries that 
>*actually* sync the data.

>-kevin

Okay, I have looked through and checked everything but I cannot any errors in 
rt.log

I see this line: [Tue Nov 15 20:19:22 2011] [debug]: Authentication successful. 
Now updating user information and attempting login. 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:179)
 but it doesn't talk about any of my mappings.

Thanks,

Tom

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Kevin Falcone]

On Tue, Nov 15, 2011 at 12:34:26PM -0500, Kevin Falcone wrote:
> On Tue, Nov 15, 2011 at 12:21:52PM -0500, Thomas  Misilo wrote:
> > -Original Message-
> > From: rt-users-boun...@lists.bestpractical.com 
> > [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kevin Falcone
> > Sent: Tuesday, November 15, 2011 12:05 PM
> > To: rt-users@lists.bestpractical.com
> > Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute
> > 
> > On Tue, Nov 15, 2011 at 11:55:41AM -0500, Thomas  Misilo wrote:
> > > 
> > > Okay I think I see what my problem is. 
> > > 
> > > In the log is see "== Attrs: displayName,mail,cn,cn,cn" and when I try 
> > > and select the attributes like that from the AD it doesn't find them. 
> > > They are separated by ; I believe with windows AD.
> > 
> > That's a debugging convention, not the literal command sent.
> > The filter is right above it in the logs.
> > 
> > The usual next step is to run ldapsearch manually with the filter and see 
> > what you get back
> > 
> > -kevin
> > 
> > Okay I ran;
> > 
> > ldapsearch -h server-x -b "dc=server,dc=tld" -D "CN=user,OU=Group User 
> > Accounts,OU=Groups ,DC=server,DC=tld" -W  "(&(cn=userIwant))" displayName 
> > mail cn
> > 
> > and it displays correctly the following:
> > 
> > cn: userIwant
> > displayName: Name
> > mail: useriw...@server.tld
> > 
> > 
> > I have tried changing line 304 in LDAP.pm to join with spaces, but that 
> > doesn't work.
> 
> Line 304 is a debug line.
> 
> It has absolutely no bearing on the operation of the search and
> return.
> 
> The actual search is run a few lines later.

Also - to be clear, you're concentrating on the part of the code that
checks to see if a user exists.  You're not looking at the later
queries that *actually* sync the data.

-kevin


pgpG8xJjfQBV1.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Kevin Falcone]

On Tue, Nov 15, 2011 at 12:21:52PM -0500, Thomas  Misilo wrote:
> -Original Message-
> From: rt-users-boun...@lists.bestpractical.com 
> [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kevin Falcone
> Sent: Tuesday, November 15, 2011 12:05 PM
> To: rt-users@lists.bestpractical.com
> Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute
> 
> On Tue, Nov 15, 2011 at 11:55:41AM -0500, Thomas  Misilo wrote:
> > 
> > Okay I think I see what my problem is. 
> > 
> > In the log is see "== Attrs: displayName,mail,cn,cn,cn" and when I try and 
> > select the attributes like that from the AD it doesn't find them. They are 
> > separated by ; I believe with windows AD.
> 
> That's a debugging convention, not the literal command sent.
> The filter is right above it in the logs.
> 
> The usual next step is to run ldapsearch manually with the filter and see 
> what you get back
> 
> -kevin
> 
> Okay I ran;
> 
> ldapsearch -h server-x -b "dc=server,dc=tld" -D "CN=user,OU=Group User 
> Accounts,OU=Groups ,DC=server,DC=tld" -W  "(&(cn=userIwant))" displayName 
> mail cn
> 
> and it displays correctly the following:
> 
> cn: userIwant
> displayName: Name
> mail: useriw...@server.tld
> 
> 
> I have tried changing line 304 in LDAP.pm to join with spaces, but that 
> doesn't work.

Line 304 is a debug line.

It has absolutely no bearing on the operation of the search and
return.

The actual search is run a few lines later.

-kevin


pgpivMwmi1isD.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Thomas Misilo]

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Tuesday, November 15, 2011 12:05 PM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute

On Tue, Nov 15, 2011 at 11:55:41AM -0500, Thomas  Misilo wrote:
> 
> Okay I think I see what my problem is. 
> 
> In the log is see "== Attrs: displayName,mail,cn,cn,cn" and when I try and 
> select the attributes like that from the AD it doesn't find them. They are 
> separated by ; I believe with windows AD.

That's a debugging convention, not the literal command sent.
The filter is right above it in the logs.

The usual next step is to run ldapsearch manually with the filter and see what 
you get back

-kevin

Okay I ran;

ldapsearch -h server-x -b "dc=server,dc=tld" -D "CN=user,OU=Group User 
Accounts,OU=Groups ,DC=server,DC=tld" -W  "(&(cn=userIwant))" displayName mail 
cn

and it displays correctly the following:

cn: userIwant
displayName: Name
mail: useriw...@server.tld


I have tried changing line 304 in LDAP.pm to join with spaces, but that doesn't 
work.

Tom

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] Images in emails

[Kevin Falcone]

On Tue, Nov 15, 2011 at 11:58:09AM -0500, Christopher Lasater wrote:
> Is there a simple way to filter out known images?  Everyone in my company has 
> the same signature with 5 or 6 images in it.  It would be nice if I can tell 
> RT to not attach images with those specific names.

You really want to put something before RT, like mimedefang or some
similar piece of software.


pgpItSfmo28JZ.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Kevin Falcone]

On Tue, Nov 15, 2011 at 11:55:41AM -0500, Thomas  Misilo wrote:
> 
> Okay I think I see what my problem is. 
> 
> In the log is see "== Attrs: displayName,mail,cn,cn,cn" and when I try and 
> select the attributes like that from the AD it doesn't find them. They are 
> separated by ; I believe with windows AD.

That's a debugging convention, not the literal command sent.
The filter is right above it in the logs.

The usual next step is to run ldapsearch manually with the filter and
see what you get back

-kevin


pgpgtNMl3HfaH.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] LDAP authentication problem

[mjames]

I turned on logging on the Domain Controller and tried to auto-create a user by 
email. There weren't any indications on the DC of an LDAP inquiry, so I'm 
wondering if I'm missing a perl module. Whereas command-line ldapsearch 
completes successfully and I see logging on the DC.

I don't see anything indicative in /var/log/messages other than the errors I 
included below. Thanks for any suggestions.

Mike

From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of 
mja...@guesswho.com
Sent: Monday, November 14, 2011 4:28 PM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] LDAP authentication problem

Hi, I know there are tons of questions on the list about getting LDAP 
authentication to work. And I have done it before at other employers, so I'm 
even more frustrated...

Here's what I've got:
RT 4.0.2 on CentOS 5.7
RT-Authen-ExternalAuth-0.09.tar.gz
Active Directory on Server 2008 R2

I set up the /opt/rt4/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm 
file with the LDAP parameters that I thought would work. Also, I can do a 
successful ldapsearch from the command line against the AD server with the same 
credentials.

Here's an ldapsearch run from the CLI on my RT server. This returns a 
successful result from the domain controller.
[root@host ~]# ldapsearch -h dc-01.mydomain.com -x -b "dc=mydomain,dc=com" -D 
"cn=mike james,cn=users,dc=mydomain,dc=com" -w 'mypasswd' 
"mail=anyu...@mydomain.com"

Here's the LDAP portion of my config file. I got the d_filter from a google 
search. It was mentioned in a couple of places as being the correct string for 
disabled users.
# AN EXAMPLE LDAP SERVICE
'My_LDAP'   =>  {   ## GENERIC SECTION
'type'  
=>  'ldap',
'server'
=>  'dc-01.mydomain.com',
'user'  
=>  'cn=mike james,cn=users,dc=mydomain,dc=com',
'pass'  
  =>  'mypasswd',
'base'  
=>  'dc=mydomain,dc=com',
'filter'
=>  '(objectClass=*)',
'd_filter'  
=>  '(userAccountControl:1.2.840.113556.1.4.803:=2))',
'tls'   
=>  0,
'ssl_version'   
=>  3,
'net_ldap_args' 
=> [version =>  3   ],
'attr_match_list'   
=> ['Name',

'EmailAddress'

],
# The mapping of RT 
attributes on to LDAP attributes
'attr_map'  
=>  {   'Name' => 'sAMAccountName',

'EmailAddress' => 'mail',

'RealName' => 'cn'

}

All requests for new tickets are being rejected, and it's making me crazy. Any 
ideas?

Nov 14 15:07:46 x-tracker-01 RT: Use of uninitialized value in join or string 
at /usr/lib/perl5/site_perl/5.8.8/Log/Dispatch.pm line 23. 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458)
Nov 14 15:07:46 x-tracker-01 RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo 
returning Comments: Autocreated on ticket submission, Disabled: 0, 
EmailAddress: mja...@mydomain.com, Name: 
mja...@mydomain.com, Password: , Privileged: 0, 
RealName:  
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536)
Nov 14 15:07:46 x-tracker-01 RT: User creation failed in mailgateway: Could not 
set user info (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244)
Nov 14 15:07:46 x-tracker-01 RT: Couldn't load user 
'mja...@mydomain.com'.giving up 
(/opt/rt4/sbin/../lib/RT/Interface/Email.pm:1016)
Nov 14 15:07:46 x-tracker-01 RT: User  'mja...@mydomain.com' could not be 
loaded in the mail gateway (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244)
Nov 14 15:07:46 x-tracker-01 RT: RT could no

Re: [rt-users] Images in emails

[Christopher Lasater]

Is there a simple way to filter out known images?  Everyone in my company has 
the same signature with 5 or 6 images in it.  It would be nice if I can tell RT 
to not attach images with those specific names.

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Thomas Misilo]

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Thomas Misilo
Sent: Tuesday, November 15, 2011 11:51 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Tuesday, November 15, 2011 11:36 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute

On Tue, Nov 15, 2011 at 10:24:50AM -0500, Thomas  Misilo wrote:
>Is there any special trick other than having:
> 
>   # The mapping of RT attributes on to LDAP attributes
> 
> 'attr_map'  =>  {   'Name' => 
> 'cn',
> 
> 
> 'EmailAddress' => 'mail',
> 
> 
> 'RealName' => 'displayName',
> 
>'ExternalAuthId' => 'cn',
> 
>'Gecos' => 'cn'
> 
> }
> 
> 
> 
>In your config to get the email? As it pulls Gecos correctly, but nothing 
> else, Including
>ExternalAuthId.

As long as those are the right attributes, and you have rights to read the ldap 
recpard, it should be fine.

The debug logs list what data is pulled from LDAP so you can confirm.


I turned on debug via:

Set($LogToSyslog, "debug");
Set($LogToScreen, "debug");
Set($LogToFile, 1);

And I am getting more data in the apache log, but I do not see anything that 
lists the specific attributes it is getting.

I can browse and read the attributes using ldp in windows.

Thanks for any help,

Tom


Okay I think I see what my problem is. 

In the log is see "== Attrs: displayName,mail,cn,cn,cn" and when I try and 
select the attributes like that from the AD it doesn't find them. They are 
separated by ; I believe with windows AD.




RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Thomas Misilo]

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Tuesday, November 15, 2011 11:36 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] External Auth (LDAP) and Mail Attribute

On Tue, Nov 15, 2011 at 10:24:50AM -0500, Thomas  Misilo wrote:
>Is there any special trick other than having:
> 
>   # The mapping of RT attributes on to LDAP attributes
> 
> 'attr_map'  =>  {   'Name' => 
> 'cn',
> 
> 
> 'EmailAddress' => 'mail',
> 
> 
> 'RealName' => 'displayName',
> 
>'ExternalAuthId' => 'cn',
> 
>'Gecos' => 'cn'
> 
> }
> 
> 
> 
>In your config to get the email? As it pulls Gecos correctly, but nothing 
> else, Including
>ExternalAuthId.

As long as those are the right attributes, and you have rights to read the ldap 
recpard, it should be fine.

The debug logs list what data is pulled from LDAP so you can confirm.


I turned on debug via:

Set($LogToSyslog, "debug");
Set($LogToScreen, "debug");
Set($LogToFile, 1);

And I am getting more data in the apache log, but I do not see anything that 
lists the specific attributes it is getting.

I can browse and read the attributes using ldp in windows.

Thanks for any help,

Tom

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] External Auth (LDAP) and Mail Attribute

[Kevin Falcone]

On Tue, Nov 15, 2011 at 10:24:50AM -0500, Thomas  Misilo wrote:
>Is there any special trick other than having:
> 
>   # The mapping of RT attributes on to LDAP attributes
> 
> 'attr_map'  =>  {   'Name' => 
> 'cn',
> 
> 
> 'EmailAddress' => 'mail',
> 
> 'RealName' => 
> 'displayName',
> 
>'ExternalAuthId' => 'cn',
> 
>'Gecos' => 'cn'
> 
> }
> 
> 
> 
>In your config to get the email? As it pulls Gecos correctly, but nothing 
> else, Including
>ExternalAuthId.

As long as those are the right attributes, and you have rights to read
the ldap recpard, it should be fine.

The debug logs list what data is pulled from LDAP so you can confirm.

-kevin


pgpAQPoF6yhAO.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] turning off automated e-mails

[Giuseppe Sollazzo]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi Tom,
there's a much simpler way of dealing with it: I guess you want to
have a look at Scrips and Templates.

You can disable some of them. For example, Autoreply is the one
triggered when a ticket is created, Correspond is the one triggered
for any other reply except for a ticket resolution, Resolved is the
resolution.

Possibly, you want to leave just Autoreply and Resolved as active.

Giuseppe

On 15/11/11 15:24, Tom Hansen wrote:
>
> I am new to RT but I have done extensive searching on this and
> have not found what I am looking for. So, apologies if this is an
> FAQ that I have somehow missed.
>
> Basically, I want to set up RT4 so that it will only send e-mails
> upon explicit request. No e-mails on ticket creation, no e-mails
> on status change, no e-mails on adding comments/replies.
>
> I would just like, on every reply/comment, to have an "e-mail
> this" option so that an admin can very simply choose at the time
> of entering a reply or comment, to actually send as an e-mail.
> The DEFAULT would always be to NOT send any e-mails to anyone, and
> even if you choose to update a requestor on a particular reply or
> comment, I don't want that action to "turn on the faucet" for that
> user- I want the default to always be NO E-MAIL.
>
> Why is this? Because I know that my user base would be irritated
> by such e-mails. I know I am when I get automated replies like
> "Your ticket #7546564 has been received. Our next available tech
> will respond." It's like calling an 800 number and getting the
> infamous "your call is very important to us. Please hold and your
> call will be answered in the order it was received."
>
> I ultimately would like the user to receive usually just one
> e-mail when the ticket is closed, consisting of a personal message
> from one of us that also gets recorded in RT. That's it. And even
> that should be optional. Even if the problem had to be bounced
> between two techs, escalated, placed on hold for a day pending
> response from the vendor, before finally being resolved by a third
> tech, and the manager. I just don't want the user going on that
> roller-coaster ride with us unless they want to, and then we would
> only want to manually send out those pieces of information that we
> explicitly choose to share, at the time that we want to share it.
>
> I don't want RT sending out ANY e-mails automatically, EVER.
>
> But I still want the capability to manually choose to send any
> reply/comment from RT to a user if need be. But only on explicit
> manual request from the admin entering the information into RT.
>
> This sounds like such a simple, obvious scenario, yet I find
> support for it nowhere. Must I spend a week learning the internals
> of RT and write my own extension, to just set it so that it will
> only send e-mails manually?
>
>
> For now I have implemented a quick fix to allow me to use RT: I
> inserted an "exit" statement into the top of the Perl code routine
> that sends e-mails -- it was the top recommendation on the wiki --
> and then I went in and, via a custom callback I got from the Wiki,
> suppressed the listing of those numerous "e-mail sent" entries
> that pollute the ticket history. But this solution means that I'm
> forever copying and pasting to and from e-mails to users. Which
> is fine, it's doable. But why does it need to be so hard to just
> turn off automatic e-mailing from RT?
>


- -- 


Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE

Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOwokzAAoJEAqigArPBfJXjWQH/27Vv8LtD96768Xd4zslR+i4
yqZV/zPSykPq2UOPKYQr6DkgrRPt4lqEfP+aeJ7djAJI8Q98tpSlB0srN6Y5CibI
LpbwsXmvxCTD/qsG57w5A3Yt5mIQnNMJNboS9K3j06T6vbB+Zr1oWQo3Xs1I/xSq
WmBf6Q3h95bLD7IWMpGPjA3nWgv9RjZzNROYznKppl/nVUscmAqkqy3ZrPWtxBZK
9XDaQ9jxCumaAB55GCf4LG+wmqLnR7jLD15WNM9aIVOYZcp/UQdWV86DE8LcFLFx
2zDYkfTAki/UihtEW26sz056tZ1SG4CAsnlUxHciDks/TyA0MaDVXQYqRArCYJA=
=tHem
-END PGP SIGNATURE-


RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

[rt-users] turning off automated e-mails

[Tom Hansen]

I am new to RT but I have done extensive searching on this and have not 
found what I am looking for.  So, apologies if this is an FAQ that I 
have somehow missed.


Basically, I want to set up RT4 so that it will only send e-mails upon 
explicit request.  No e-mails on ticket creation, no e-mails on status 
change, no e-mails on adding comments/replies.


I would just like, on every reply/comment, to have an "e-mail this" 
option so that an admin can very simply choose at the time of entering a 
reply or comment, to actually send as an e-mail.  The DEFAULT would 
always be to NOT send any e-mails to anyone, and even if you choose to 
update a requestor on a particular reply or comment, I don't want that 
action to "turn on the faucet" for that user- I want the default to 
always be NO E-MAIL.


Why is this?  Because I know that my user base would be irritated by 
such e-mails.  I know I am when I get automated replies like "Your 
ticket #7546564 has been received.  Our next available tech will 
respond."  It's like calling an 800 number and getting the infamous 
"your call is very important to us.  Please hold and your call will be 
answered in the order it was received."


I ultimately would like the user to receive usually just one e-mail when 
the ticket is closed, consisting of a personal message from one of us 
that also gets recorded in RT.  That's it.  And even that should be 
optional.  Even if the problem had to be bounced between two techs, 
escalated, placed on hold for a day pending response from the vendor, 
before finally being resolved by a third tech, and the manager.  I just 
don't want the user going on that roller-coaster ride with us unless 
they want to, and then we would only want to manually send out those 
pieces of information that we explicitly choose to share, at the time 
that we want to share it.


I don't want RT sending out ANY e-mails automatically, EVER.

But I still want the capability to manually choose to send any 
reply/comment from RT to a user if need be.  But only on explicit manual 
request from the admin entering the information into RT.


This sounds like such a simple, obvious scenario, yet I find support for 
it nowhere.  Must I spend a week learning the internals of RT and write 
my own extension, to just set it so that it will only send e-mails manually?



For now I have implemented a quick fix to allow me to use RT: I inserted 
an "exit" statement into the top of the Perl code routine that sends 
e-mails -- it was the top recommendation on the wiki -- and then I went 
in and, via a custom callback I got from the Wiki, suppressed the 
listing of those numerous "e-mail sent" entries that pollute the ticket 
history.  But this solution means that I'm forever copying and pasting 
to and from e-mails to users.  Which is fine, it's doable.  But why does 
it need to be so hard to just turn off automatic e-mailing from RT?


--
Tom Hansen
Senior Information Processing Consultant
UWM School of Freshwater Sciences
Great Lakes WATER Institute
t...@uwm.edu
www.freshwater.uwm.edu


RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

[rt-users] External Auth (LDAP) and Mail Attribute

[Thomas Misilo]

Is there any special trick other than having:

   # The mapping of RT attributes on to LDAP attributes
 'attr_map'  =>  {   'Name' => 'cn',
 'EmailAddress' => 
'mail',
 'RealName' => 
'displayName',
'ExternalAuthId' => 'cn',
'Gecos' => 'cn'
 }

In your config to get the email? As it pulls Gecos correctly, but nothing else, 
Including ExternalAuthId.

Thanks for any ideas.

Tom


RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] RT4 and CAS

[Kevin Falcone]

On Tue, Nov 15, 2011 at 09:28:52AM -0500, Thomas  Misilo wrote:
>I was wondering if anyone has any experience with using RT with CAS 
> Authentication or if it is
>even possible?

Many people have configured mod_auth_cas and used the core
WebExternalAuth settings that you read about in RT_Config.pm

-kevin


pgpQPni6ZDZ1y.pgp
Description: PGP signature

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

[rt-users] RT4 and CAS

[Thomas Misilo]

Hello,

I was wondering if anyone has any experience with using RT with CAS 
Authentication or if it is even possible?

Thanks,

Tom


RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] Sorting custom fields

[Giuseppe Sollazzo]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Thanks Ruslan,
I'll see if this doesn't overcomplicate things.

Giuseppe

On 14/11/11 18:09, Ruslan Zakirov wrote:
> ustomFields ocf ON ocf.CustomField = cf.id LEFT JOIN Queues q ON
> ocf.ObjectId = q.id WHERE cf.LookupType = 'RT::Queue-RT::Ticket'
> AND (q.Name IS NULL OR q.Name = 'Blocks') ORDER BY cf.LookupType
> ASC, ocf.SortOrder ASC;


- -- 


Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE

Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOwjtPAAoJEAqigArPBfJXgSQH/iJfiBVMxUvofXN6aJsO2GJi
qgJ9yE57ylSYaOulctEDkYbXzR0t1RudFZnDhCdDM9aVvl0qIB6BDp4v5kSaueNd
4p1vR//oYQKkR6K/wxXYoeqbsTouy2lU414O9fZ2PWrm9D0aNpfrErLJ5ysRtp0+
W5J3L/nAPWMghB+xWSm5EH43ldPbJJeH/grdLFhcgelBo5uwTeK9relxlrLcnj9e
/z9Nl7K7uGiw2bGkz4+ELk84V3Wr+e/TGziPBsfzn/3jSyvK1IETtCzg4s4PfEe4
SErGXIxCF+VQ6BfdZYslwKkDMA5XJ1MeVm0tLFZyV/y8F33uRR43C5ZhB7lt+YA=
=3vhB
-END PGP SIGNATURE-


RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] Sorting custom fields

[Giuseppe Sollazzo]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi Kennet,
yep, that makes sense. My question, very badly worded, is whether it's
possible to re-sort the fields once you've already added them to a
queue. But never mind, I'll do it with swapping.

Best,
Giuseppe

On 14/11/11 17:50, Kenneth Crocker wrote:
> Giuseppe,
>
> As far as I know, you can only modify the sequence under "Ticket
> Custom Fields" when Configuring a Queue. So that all tickets in
> the same Queue see the Cf's in the same sequence. That's about the
> extent of my knowledge.
>
> Kenn LBNL
>
> On Mon, Nov 14, 2011 at 9:31 AM, Giuseppe Sollazzo
> mailto:gsoll...@sgul.ac.uk>> wrote:
>
>
> On 14/11/11 17:24, Kenneth Crocker wrote:
>> Giuseppe,
>
>
>
>> Are you talking about hoe the VALUES appear or the way the
> Fields
>
>> themselves appear on a ticket page?
>
>
>
> Hi Kenneth, the order of the fields themselves. I know you can give
> a sort order for the values within the interface, so I was
> expecting something similar to be available for Fields order. The
> only way to do it seems to be swapping them around. Any other
> possibility?
>
> Thanks, Giuseppe
>
>
>
>> Kenn LBNL
>
>
>
>> On Thu, Nov 10, 2011 at 6:49 AM, Giuseppe Sollazzo
>
>> mailto:gsoll...@sgul.ac.uk>
>  > wrote:
>
>
>
>
>
>> Hi there, maybe this is stupid but is there a quick way of
>
>> re-sorting custom fields?
>
>
>
>> Thanks, Giuseppe
>
>
>
>
> 
>
> RT Training Sessions
> (http://bestpractical.com/services/training.html) * Barcelona,
> Spain November 28 & 29, 2011
>
>
>
>
>>  RT Training Sessions
>
>> (http://bestpractical.com/services/training.html) *
> Barcelona,
>
>> Spain ? November 28 & 29, 2011
>
>
>

>  RT Training Sessions
> (http://bestpractical.com/services/training.html) * Barcelona,
> Spain ? November 28 & 29, 2011


- -- 


Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE

Email: gsoll...@sgul.ac.uk
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOwjswAAoJEAqigArPBfJXL7cIAJYrNW8U18XBQC73d2v+2bdZ
4unD1NftReWNZ1QFzDfulwPbJsA3w1BQAwiQHMgGasZKCa/1ueYG29e3dthQHWRd
cGZx/yw4qRj0x+fWUpp8wndoeiHoG9M2ylMHeo+B6jypmnJ5EUsm9Yr2bHnSJcdm
UpmhaCUvugQn2CeVi8HtHBDSCYUFa68+owavnXvuxfbuDQyc3yJrScvxBN3a7Wer
Q/w5YDEEIaT0flmVFNwdNRkBQ/sMyhgEIB015j0w4CxNKUpfmy9Ghu9A2f969MEc
HYGRQIllVpQD3c1y82pJmfZ2bZr3+EdMpPec8Cwg19hlfxWOpFURNfLFxSmTspg=
=r/xn
-END PGP SIGNATURE-


RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain — November 28 & 29, 2011

Re: [rt-users] RT::Authen::ExternalAuth with PHPass (phpbb3);

[Adrian Stel]

Hi,


Can't use string ("user password") as a HASH ref while "strict refs"
in use at /usr/local/share/perl/5.10.1/Authen/Passphrase/PHPass.pm
line 278.

Problem is with type of user password.

Still need to know where I should search.




Best
Adrian


2011/11/15 Adrian Stel :
> Hi,
>
> any idea where I should look, file name ? function ?
>
>
>
>
> Best
> Adrian
>
> 2011/11/14 Zordrak :
>> Adrian Stel wrote:
>>> Hi,
>>>
>>>
>>> thanks :)
>>>
>>> phpass has many method I use hash_base64, RTSiteConfig.pm:
>>>
>>> 'p_enc_pkg'                 =>  'Authen::Passphrase::PHPass',
>>> 'p_enc_sub'                 =>  'hash_base64',
>>>
>>>
>>> and when i put user/pass I get:
>>>
>>> RT Site:
>>> http://150.254.148.60/NoAuth/Login.html
>>>
>>> Can't use string ("*") as a HASH ref while "strict refs" in use at
>>> /usr/local/share/perl/5.10.1/Authen/Passphrase/PHPass.pm line 278.
>>>
>>> But when I reload page I will be login to RT.
>>>
>>> Any idea why we get this error.
>>
>>
>> My guess would be that PHPass.pm expects the password to be sent to it
>> as a hashref instead of a string. IF this is the case then you will need
>> to modify the code in ExternalAuth so that when the subroutine is
>> called, the string is first converted into a hashref and then sent as a
>> parameter.
>> --
>> Zordrak
>> zord...@tpa.me.uk
>>
>



-- 
Pozdrawiam
Adrian Stelmaszyk

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011

Re: [rt-users] RT::Authen::ExternalAuth with PHPass (phpbb3);

[Adrian Stel]

Hi,

any idea where I should look, file name ? function ?




Best
Adrian

2011/11/14 Zordrak :
> Adrian Stel wrote:
>> Hi,
>>
>>
>> thanks :)
>>
>> phpass has many method I use hash_base64, RTSiteConfig.pm:
>>
>> 'p_enc_pkg'                 =>  'Authen::Passphrase::PHPass',
>> 'p_enc_sub'                 =>  'hash_base64',
>>
>>
>> and when i put user/pass I get:
>>
>> RT Site:
>> http://150.254.148.60/NoAuth/Login.html
>>
>> Can't use string ("*") as a HASH ref while "strict refs" in use at
>> /usr/local/share/perl/5.10.1/Authen/Passphrase/PHPass.pm line 278.
>>
>> But when I reload page I will be login to RT.
>>
>> Any idea why we get this error.
>
>
> My guess would be that PHPass.pm expects the password to be sent to it
> as a hashref instead of a string. IF this is the case then you will need
> to modify the code in ExternalAuth so that when the subroutine is
> called, the string is first converted into a hashref and then sent as a
> parameter.
> --
> Zordrak
> zord...@tpa.me.uk
>

RT Training Sessions (http://bestpractical.com/services/training.html)
*  Barcelona, Spain  November 28 & 29, 2011