[rt-users] Help with Active Directory Auth on 4.2.2
Hi,
I need some help from you whom have already Request Tracker with Active
Directory!
After struggle for some days trying to authenticate Active Directory users with
the External Auth module I bring you my Apache Log and configuration of the
Plugin. May someone help me with advices??? I would love to see my Request
Tracker linked to the Active Directory of the company.
My Operational Systems are:
Request Tracker 4.2.2 - Ubuntu 13.10
Active Directory - Windows 2008 Server
Well after trying to figure out how the Plugin Works I wanted to make sure my
Active Directory was acessible and the Bind account was working. So I check
with the command:
ldapsearch -x -h pdcsti.stitelecom.local -p 389 -D
cn=rt-ldap,cn=Users,dc=stitelecom,dc=local -w secret -s sub -b
'cn=Users,dc=stitelecom,dc=local' ((objectClass=*))
When I do it the output is a loto f Users, Groups and other objects from the
AD. So I suppose the AD is ready right??
Follow the RT part...
+In the /var/log/apache2/error.log++
[4638] [Thu Feb 6 14:41:01 2014] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: ,
EmailAddress: r...@stitelecom.com.br, ExternalAuthId: rtop, Gecos: rtop, Name:
rtop, Privileged: , RealName:
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:685)
[4638] [Thu Feb 6 14:41:01 2014] [info]: Autocreated external user rtop ( 118
)
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:281)
[4638] [Thu Feb 6 14:41:01 2014] [info]: My_LDAP AUTH FAILED rtop (can't bind:
LDAP_INVALID_CREDENTIALS 49 )
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:227)
[4638] [Thu Feb 6 14:41:01 2014] [error]: FAILED LOGIN for rtop from
10.10.1.137 (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:814)
++ In the RT_Siteconfig.pm: +++
Plugin( RT::Authen::ExternalAuth );
Set($ExternalAuthPriority, [ 'My_LDAP' ] );
Set($ExternalInfoPriority, [ 'My_LDAP' ] );
Set($AutoCreateNonExternalUsers,0);
Set($ExternalSettings, {
'My_LDAP' = {
'type' = 'ldap',
'server'= 'pdcsti.stitelecom.local',
'user' =
'cn=rt-ldap,cn=Users,dc=stitelecom,dc=local',
'pass' = 'secret',
'base' = 'dc=stitelecom,dc=local',
'filter'= '(objectclass=*)',
'group' =
'cn=RTUsers,ou=RT4,ou=STI,dc=stitelecom,dc=local',
'group_attr'= 'uniqueMember',
'tls' = 0,
'ssl_version' = 3,
'net_ldap_args' = [version = 3 ],
'attr_match_list' = [
'Name',
'EmailAddress',
],
'attr_map' = {
'Name' = 'sAMAccountName',
'EmailAddress' = 'mail',
'ExternalAuthId' = 'sAMAccountName',
},
},
} );
1;
THANK YOU IN ADVANCE!
[Diego2013]
inline: image002.jpg
[rt-users] RES: Looking for info on apache2 configuration rt-4.2.2
If you following the Marc's guide for Ubuntu 13.10 on Ubuntu 12.10 as he states in the comments you can follow the edits he did for the Debian 7.2. Give a look http://binarynature.blogspot.com.br/2013/10/install-request-tracker-4-on-ubuntu-server.html Rgds, Diego Andrade. De: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] Em nome de john boris Enviada em: quinta-feira, 6 de fevereiro de 2014 15:23 Para: rt-users@lists.bestpractical.com Assunto: [rt-users] Looking for info on apache2 configuration rt-4.2.2 I am at the next step of installing rt-4.2.2 on Ubuntu 12.10. (I had a working 3.6 RT install on a Fedora Server which is on life support at the moment and have to make this move) The install went fine except for some issues with PERL modules I resolved but now I am at the web configuration spot. I am new to the configuration of the apache2 server with its multiple file configuration. Although it explains a lot in the web-deployment.pod it lacks telling you which configuration file to use. I am looking for a HOW-TO for this or someone who has done this that can tell me which file the directives go. This server will only host an RT instance and nothing else.The web server is working but only for the It Works! page. TIA. -- John J. Boris, Sr. Online Services www.onlinesvc.comhttp://www.onlinesvc.com
[rt-users] RES: RT4.2.1 + Fetchmail + Office365 - MDA returned nonzero status 75
Thank you. I have found that I was setting https:// address to the MDA I switch to http:// and it worked well! -Mensagem original- De: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] Em nome de Kevin Falcone Enviada em: quarta-feira, 15 de janeiro de 2014 14:05 Para: rt-users@lists.bestpractical.com Assunto: Re: [rt-users] RT4.2.1 + Fetchmail + Office365 - MDA returned nonzero status 75 On Fri, Jan 10, 2014 at 07:53:57PM +, Diego Andrade wrote: I recently changed of company and was asked to set a request system. Off course I'm setting up RT4. Problem is that in this new job they use Office365 as the Mail Server. So I tryied something new to me that is the use of the Fetchmail to retrieve from the server and then deliver to RT using the mail Gateway. The problem is the MDA is returning code 75. I was looking in the history of the mailing list and other doccuments and this code is refered for several problems. None of them seems to relate with my config. May you please give a look at mail fetchmail config and LOG to tell me any ideia of what could be wrong? Thank you in advance! You've shown fetchmail logs, but this message: Jan 10 17:11:39 SRV-RT fetchmail[29469]: MDA returned nonzero status 75 Is coming back from RT. Go read the RT logs, most likely your apache logs. On a 4.2 install, RT will tell you what logs you have enabled on the System Configuration page. -kevin
[rt-users] RES: Using Fetchmail to pipe mail into RT.
I have recently set a similar scenario and its working well... I use Ubuntu with Postfix for relay mail to Office365 and Fetchmail for retrieving the mail. The tip I can give you is, to be able to open tickets by mail without users registered in RT you shall give Create Ticket and Respond to Ticket for everyone group in the RT interface. Question: at --url https://localhost/ --is that supposed to be the FQDN or leave it as localhost? I used the FQDN and its working well. Even in my first stage test enviroment I used it by seting the hostname in the /etc/hosts file. I can fetch email's from an external email server (Gmail) with success using fetchmail. However, nothing is appearing in the queue's on the RT site. The queue's name is the same name in the ./fetchmailrc config which is 'general'. The tip I can give you is, to be able to open tickets by mail without users registered in RT you shall give Create Ticket and Respond to Ticket for everyone group in the RT interface. I struggled for days with the problem that I set apache to redirect HTTP request to HTTPS... so the Mailgateway didnt work. When I reconfigured apache to use HTTP too it worked well. What you should do is to set verbose in the fetchmailrc and post the log here... with the fetchmail configuration also... would be easier to help you. De: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] Em nome de Joshua Riden Enviada em: segunda-feira, 13 de janeiro de 2014 18:34 Para: rt-users@lists.bestpractical.com Assunto: [rt-users] Using Fetchmail to pipe mail into RT. Hi, I am installing Request Tracker 4.2 on CentOS 6.5 with Perl, Apache, and MySQL. I am using Fetchmail as the MDA, and Postfix as the MTA. Google apps is being used as our main email system. So far I have resolved all dependencies and initialized the database and got the website going. I can log on as root and navigate the RT site just fine from another workstation. I had to follow the official documentation and do some wiki reading and intensive googling to get me where I am at now. I need some clear cut instructions on how to successfully pipe emails into RT. Is the /etc/aliases list required? Or can I just use ./fetchmailrc by itself? /etc/default/fetchmail is not created by default. How can I manually pipe emails into my RT instance? What syntax would I use for that? I googled around and could not find anything about that. Here is what my fetchmailrc configuration file looks like.. set daemon 30; poll pop.gmail.comhttp://pop.gmail.com proto pop3 username jri...@cmhshare.orgmailto:jri...@cmhshare.org password mypassword mda /usr/bin/perl /opt/rt4/bin/rt-mailgate --url https://localhost/ \ --queue general --action correspond keep ssl Question: at --url https://localhost/ --is that supposed to be the FQDN or leave it as localhost? I can fetch email's from an external email server (Gmail) with success using fetchmail. However, nothing is appearing in the queue's on the RT site. The queue's name is the same name in the ./fetchmailrc config which is 'general'. I have viewed all the official documentation on the Best Practical site as well as the wiki and still no luck. I have been battling to get the email part working for 4 days now. If you need any extra information I will be happy to provide it. Thanks in advance and I look forward to your assistance. -- Joshua Riden Operations Support Technician Information Services Comprehensive Life Resources Email: jri...@cmhshare.orgmailto:jri...@cmhshare.org Desk: x5844 Mobile: (253) 355-9877
[rt-users] RT4.2.1 + Fetchmail + Office365 - MDA returned nonzero status 75
[29469]: IMAP A0003 SELECT INBOX
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * 2 EXISTS
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * 0 RECENT
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * FLAGS (\Seen \Answered
\Flagged \Deleted \Draft $MDNSent)
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * OK [PERMANENTFLAGS (\Seen
\Answered \Flagged \Deleted \Draft $MDNSent)] Permanent flags
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * OK [UNSEEN 1] Is the first
unseen message
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * OK [UIDVALIDITY 438244]
UIDVALIDITY value
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * OK [UIDNEXT 6] The next unique
identifier value
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP A0003 OK [READ-WRITE] SELECT
completed.
Jan 10 17:11:36 SRV-RT fetchmail[29469]: 2 messages waiting after first poll
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP A0004 EXPUNGE
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP * 2 EXISTS
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP A0004 OK EXPUNGE completed.
Jan 10 17:11:36 SRV-RT fetchmail[29469]: 2 messages waiting after expunge
Jan 10 17:11:36 SRV-RT fetchmail[29469]: IMAP A0005 SEARCH UNSEEN
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP * SEARCH 1 2
Jan 10 17:11:37 SRV-RT fetchmail[29469]: 1 is unseen
Jan 10 17:11:37 SRV-RT fetchmail[29469]: 2 is unseen
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP A0005 OK SEARCH completed.
Jan 10 17:11:37 SRV-RT fetchmail[29469]: 1 is first unseen
Jan 10 17:11:37 SRV-RT fetchmail[29469]: 2 messages for
r...@stitelecom.com.brmailto:r...@stitelecom.com.br at pod51028.outlook.com.
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP A0006 FETCH 1:2 RFC822.SIZE
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP * 1 FETCH (RFC822.SIZE 13678)
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP * 2 FETCH (RFC822.SIZE 14699)
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP A0006 OK FETCH completed.
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP A0007 FETCH 1 RFC822.HEADER
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP * 1 FETCH (RFC822.HEADER {1326}
Jan 10 17:11:37 SRV-RT fetchmail[29469]: reading message
r...@stitelecom.com.br@pod51028.outlook.com:1mailto:r...@stitelecom.com.br@pod51028.outlook.com:1
of 2 (1326 header octets)About to rewrite From: Diego Andrade
diego.andr...@stitelecom.com.brmailto:diego.andr...@stitelecom.com.br...#012...rewritten
version is From: Diego Andrade
diego.andr...@stitelecom.com.brmailto:diego.andr...@stitelecom.com.br.
Jan 10 17:11:37 SRV-RT fetchmail[29469]: About to rewrite To: RT
r...@stitelecom.onmicrosoft.commailto:r...@stitelecom.onmicrosoft.com...#012...rewritten
version is To: RT
r...@stitelecom.onmicrosoft.commailto:r...@stitelecom.onmicrosoft.com.
Jan 10 17:11:37 SRV-RT fetchmail[29469]: about to deliver with:
/opt/rt4/bin/rt-mailgate --url https://rt.stitelecom.local --queue General
--action correspond --verbose
Jan 10 17:11:37 SRV-RT fetchmail[29469]: IMAP )
Jan 10 17:11:38 SRV-RT fetchmail[29469]: IMAP A0007 OK FETCH completed.
Jan 10 17:11:38 SRV-RT fetchmail[29469]: IMAP A0008 FETCH 1 BODY.PEEK[TEXT]
Jan 10 17:11:38 SRV-RT fetchmail[29469]: IMAP * 1 FETCH (BODY[TEXT] {17211}
Jan 10 17:11:38 SRV-RT fetchmail[29469]: (17211 body octets) (log message
incomplete)
Jan 10 17:11:38 SRV-RT fetchmail[29469]: IMAP )
Jan 10 17:11:38 SRV-RT fetchmail[29469]: IMAP A0008 OK FETCH completed.
Jan 10 17:11:38 SRV-RT fetchmail[29469]: message
r...@stitelecom.com.br@pod51028.outlook.com:1mailto:r...@stitelecom.com.br@pod51028.outlook.com:1
was not the expected length (18537 actual != 13678 expected)
Jan 10 17:11:39 SRV-RT fetchmail[29469]: MDA returned nonzero status 75
Jan 10 17:11:39 SRV-RT fetchmail[29469]: not flushed
Jan 10 17:11:39 SRV-RT fetchmail[29469]: IMAP A0009 FETCH 2 RFC822.HEADER
Jan 10 17:11:39 SRV-RT fetchmail[29469]: IMAP * 2 FETCH (RFC822.HEADER {1337}
Jan 10 17:11:39 SRV-RT fetchmail[29469]: reading message
r...@stitelecom.com.br@pod51028.outlook.com:2mailto:r...@stitelecom.com.br@pod51028.outlook.com:2
of 2 (1337 header octets)About to rewrite From: Diego Andrade
diego.andr...@stitelecom.com.brmailto:diego.andr...@stitelecom.com.br...#012...rewritten
version is From: Diego Andrade
diego.andr...@stitelecom.com.brmailto:diego.andr...@stitelecom.com.br.
Jan 10 17:11:39 SRV-RT fetchmail[29469]: About to rewrite To: RT
r...@stitelecom.onmicrosoft.commailto:r...@stitelecom.onmicrosoft.com...#012...rewritten
version is To: RT
r...@stitelecom.onmicrosoft.commailto:r...@stitelecom.onmicrosoft.com.
Jan 10 17:11:39 SRV-RT fetchmail[29469]: about to deliver with:
/opt/rt4/bin/rt-mailgate --url https://rt.stitelecom.local --queue General
--action correspond --verbose
Jan 10 17:11:39 SRV-RT fetchmail[29469]: IMAP )
Jan 10 17:11:39 SRV-RT fetchmail[29469]: IMAP A0009 OK FETCH completed.
Jan 10 17:11:39 SRV-RT fetchmail[29469]: IMAP A0010 FETCH 2 BODY.PEEK[TEXT]
Jan 10 17:11:39 SRV-RT fetchmail[29469]: IMAP * 2 FETCH (BODY[TEXT] {17856}
Jan 10 17:11:39 SRV-RT fetchmail[29469]: (17856 body
