Re: [rt-users] RT::User::ExternalAuthId Unimplemented in RT::Record

2017-02-02 Thread Alex Vandiver 
On Thu, 2 Feb 2017 19:59:47 +
Daniel Burchfield  wrote: 
> I am trying to get RT to pull in users from my local active directory
> and use AD for auth. Meaning when I change a user's password in AD it
> should reflect the change in RT. I'm running RT 4.4.1. Currently,
> when I run the import  I get the following error:
>
> Set($LDAPMapping, {
> Name=> 'sAMAccountName',
> EmailAddress=> 'mail',
> Organization=> 'department',
> RealName=> 'cn',
> NickName=> 'givenName',
> ExternalAuthId  => 'sAMAccountName',

This is the culprit line -- this column was removed in RT 4.4.  Remove
this line from your configuration, and it should resolve the issue.
 - Alex

[rt-users] RT::User::ExternalAuthId Unimplemented in RT::Record

2017-02-02 Thread Daniel Burchfield 
Hello,

I am trying to get RT to pull in users from my local active directory and use 
AD for auth. Meaning when I change a user's password in AD it should reflect 
the change in RT. I'm running RT 4.4.1. Currently, when I run the import  I get 
the following error:

[root@Servername myuser]# /opt/rt4/sbin/rt-ldapimport --import --debug
[51270] [Thu Feb  2 19:56:59 2017] [warning]: RT::Authen::ExternalAuth has been 
cored since RT 4.4, please check the upgrade document for more details 
(/opt/rt4/sbin/../lib/RT.pm:748)
[51270] [Thu Feb  2 19:57:00 2017] [warning]: RT::Authen::ExternalAuth has been 
cored since RT 4.4, please check the upgrade document for more details 
(/opt/rt4/sbin/../lib/RT.pm:748)
Starting import
[51270] [Thu Feb  2 19:57:00 2017] [critical]: RT::User::ExternalAuthId 
Unimplemented in RT::Record. (/opt/rt4/sbin/../lib/RT/Record.pm line 958)  
(/opt/rt4/sbin/../lib/RT.pm:390)
RT::User::ExternalAuthId Unimplemented in RT::Record. 
(/opt/rt4/sbin/../lib/RT/Record.pm line 958)

Here is my RT_SiteConfig.pm:

Plugin('RT::Extension::LDAPImport');
Plugin('RT::Authen::ExternalAuth');

# Uncomment for debug
#Set($LogToSyslog, 'debug');

Set( $CommentAddress, 'ithelpd...@mydomain.com' );
Set( $CorrespondAddress, 'ithelpd...@mydomain.com' );

Set( $DatabaseHost, 'localhost' );
Set( $DatabaseName, 'rt4' );
Set( $DatabasePassword, 'password' );
Set( $DatabasePort, '' );
Set( $DatabaseType, 'mysql' );
Set( $DatabaseUser, 'srv_rtir' );

Set( $Organization, '' );
Set( $OwnerEmail, 'ithelpd...@mydomain.com' );
Set( $SendmailPath, '/usr/sbin/sendmail' );
Set( $WebDomain, 'tracker.mydomain.local' );
Set( $WebPort, '8080' );
Set( $rtname, 'Mydomain-Tracker' );

# to fix that annoying error that the sites dont match
Set(@ReferrerWhitelist, qw(tracker.mydomain.local:8080));

# LDAP Authentication
Set( @Plugins, qw(RT::Extension::LDAPImport));
Set( @Plugins, qw(RT::Authen::ExternalAuth));

# LDAP user import
Set($LDAPHost,'mydomain.local');
Set($LDAPUser, 'mydomain\LDAPUser');
Set($LDAPPassword, 'password');
Set($LDAPBase, 'CN=Users,DC=mydomain,DC=local');
Set($LDAPFilter, '(&(objectCategory=person))');

Set($LDAPMapping, {

Name=> 'sAMAccountName',

EmailAddress=> 'mail',

Organization=> 'department',

RealName=> 'cn',

NickName=> 'givenName',

ExternalAuthId  => 'sAMAccountName',

Gecos   => 'sAMAccountName',

WorkPhone   => 'telephoneNumber',

MobilePhone => 'mobile',

Address1=> 'streetAddress',

City=> 'l',

State   => 'st',

Zip => 'postalCode',

Country => 'co'
});

Set($LDAPCreatePrivileged, 1);
Set($LDAPUpdateUsers, 1);

## LDAP GROUP IMPORT AND MAPPINGS

Set($LDAPGroupMapping, {Name=> 'cn',

Member_Attr => 'member',

Member_Attr_Value   => 'dn'});



#OU/basedn location of groups

Set($LDAPGroupBase, 'ou=users,dc=mydomain,dc=local');



# LDAP GROUP FILTERING

Set($LDAPGroupFilter, '(|(cn=Domain Users)(cn=Technical 
Operations)(cn=Management))');


## LDAP Authentication

# Use the below LDAP source for both authentication, as well as user

# information

Set( $ExternalAuthPriority, ["My_LDAP"] );

Set( $ExternalInfoPriority, ["My_LDAP"] );



# Make users created from LDAP Privileged

Set( $UserAutocreateDefaultsOnLogin, { Privileged => 1 } );



# Users should still be autocreated by RT as internal users if they

# fail to exist in an external service; this is so requestors (who

# are not in LDAP) can still be created when they email in.

Set($AutoCreateNonExternalUsers, 1);

  # Minimal LDAP configuration; see RT::Authen::ExternalAuth::LDAP for

# further details and examples

Set($ExternalSettings, {

'My_LDAP'   =>  {

'type' =>  'ldap',

'server'   =>  'internalIpAddress',

# By not passing 'user' and 'pass' we are using an anonymous

# bind, which some servers to not allow

'base' =>  'ou=Users,dc=mydomain,dc=local',

'filter'   =>  '(objectClass=inetOrgPerson)',

# Users are allowed to log in via email address or account

# name

'attr_match_list'  => [

'Name',

'EmailAddress',

],

# Import the following properties of the user from LDAP upon

# login

'attr_map' => {

'Name' => 'sAMAccountName',

'EmailAddress' => 'mail',

'RealName' => 'cn',

'WorkPhone'=> 'telephoneNumber',

'Address1' => 'streetAddress',

'City' => 'l',
'State'=> 'st',

'Zip'  =>

[rt-users] rt-mailgate in lab environment stopped working

2017-02-02 Thread Cena, Stephen (ext. 300) 
I've been beating my head against this for days now and can't figure this out. 
I original had (as much as possible) a clone of our production environment in a 
lab. I reached a point where I was forced to re-IP the lab environment which 
went well. Now, rt-mailgate simply doesn't work. Outbound mail does work 
(postfix). If I use the /etc/aliases file for commands like I usually to, 
fetchmail attempts to contact an SMTP server for local delivery. If I actually 
embed the rt-mailgate command inside fetchmailrc I now get "http request 
failed: 500 can't connect to SERVER:80. Web server logs may have more info". I 
can't find anything.

I've put in a new mail server to see if that was the issue, but I simply cannot 
get the lab server to pick up mail anymore. As far as I can tell, DNS is 
functioning properly. What am I missing?

Stephen Cena
Senior Systems Administrator
Quality Vision International, Inc.
Phone: (585) 544-0450 x300
To notify helpdesk: http://helpdesk.ogp.qvii.com or email: 
hd-gene...@qvii.com
To report email issues: postmas...@qvii.com