Re: [rt-users] [rt-announce] RT 4.2.5 released (was: RT 4.2.4 released)
I have tried the upgrade from 4.2.3 to 4.2.5. Still the same problem: The RT at a glance page starts up with an empty body. I see the menus and the bar with the title and the new ticket button. Nothing else below that. I have narrowed down the problem to /share/html/Elements/MyRT. If I replace the file after the upgrade with the file from 4.2.3, clear the mason cache and restart the server it all is back to normal. Thus, I would say the problem lies somewhere in these changes: $ diff rt-4.2.{3,5}/share/html/Elements/MyRT 69c69 $Portlets ||= $session{'my_rt_portlets'}; --- $Portlets ||= $user-Preferences('HomepageSettings'); 71,74c71,72 my ($default_portlets) = RT::System-new($session{'CurrentUser'})-Attributes-Named('HomepageSettings'); $Portlets = $session{'my_rt_portlets'} = $user-Preferences( HomepageSettings = $default_portlets? $default_portlets-Content: {}, ); --- my ($defaults) = RT::System-new($session{'CurrentUser'})-Attributes-Named('HomepageSettings'); $Portlets = $defaults ? $defaults-Content : {}; -Gerald On 23.05.14 07:02, Gerald Vogt wrote: Does anyone have an idea what caused this and how to fix it? -Gerald On 15.05.14 07:10, Gerald Vogt wrote: On 14.05.2014 22:03, Alex Vandiver wrote: On 05/14/2014 02:36 AM, Gerald Vogt wrote: I have upgraded from 4.2.3 to 4.2.4 and after the upgrade users only see an empty rt at a glace page after log in. Have you customized your homepage from the global default? Did all I have changed the global RT at a glance, if that's what you mean by home page. users have this problem? Was there anything in the error logs when I can't tell about other users but I saw it with my account and the root account. users logged in? apache error logs look normal. If I check the rt at a glance settings in the Logged in menu I can see that everything has been cleared out. It was O.K. in 4.2.3. By this, I presume you mean /Prefs/MyRT.html ? Did it offer the Exactly. expected list under Available? Yes. Everything is in the Available list and I am able to reconfigure the page or even do a Reset to default and it gets populated with the normal entries. After I save the RT at a glance page is back to normal again.. Can you navigate to Admin → Tools → System Configuration and show the value of HomepageSettings found under Global attributes? HomepageSettings { 'body' = [ { 'name' = 'My Tickets', 'type' = 'system' }, { 'name' = 'Unowned Tickets', 'type' = 'system' }, { 'name' = 'Tickets I have created', 'type' = 'system' }, { 'name' = 'QuickCreate', 'type' = 'component' } ], 'sidebar' = [ { 'name' = 'MyReminders', 'type' = 'component' }, { 'name' = 'Quicksearch', 'type' = 'component' }, { 'name' = 'RefreshHomepage', 'type' = 'component' } ] } -Gerald -- RT Training - Boston, September 9-10 http://bestpractical.com/training
[rt-users] rt-crontool oddity
Hi! I have set up a cron job to notify a group of users of unassigned tickets like this: /usr/local/rt4/bin/rt-crontool --search RT::Search::FromSQL --search-arg 'Queue = Server and Owner = Nobody and ( Status = new or Status = open or Status = stalled )' --action RT::Action::NotifyGroup --action-arg Server Owners --transaction first --template Unassigned Ticket Reminder The template is: Subject:Ticket {$Ticket-Subject} is still unassigned {$Transaction-CreatedAsString}: Request {$Ticket-id} is still unassigned. Transaction: {$Transaction-Description} Queue: {$Ticket-QueueObj-Name} Subject: {$Transaction-Subject || $Ticket-Subject || (No subject given)} Owner: {$Ticket-OwnerObj-Name} Requestors: {$Ticket-RequestorAddresses} Status: {$Ticket-Status} Ticket URL: {RT-Config-Get('WebURL')}Ticket/Display.html?id={$Ticket-id} {$Transaction-Content()} This works fine as long as it is only a single ticket matching. If multiple tickets are unassigned, e.g. 4 unassigned tickets, I get four e-mails but it's always for the same ticket with variation of the subject. One Mail is correct: Subject: [RT #1234] Ticket Test 1 is still unassigned Thu May 22 07:15:34 2014: Request 1234 is still unassigned. ... The others look like this: Subject: [RT #1235][RT #1234] Ticket Test 1 is still unassigned Thu May 22 07:15:34 2014: Request 1234 is still unassigned. ... and this: Subject: [RT #1236][RT #1235][RT #1234] Ticket Test 1 is still unassigned Thu May 22 07:15:34 2014: Request 1234 is still unassigned. ... So it's always the same e-mail body for the first ticket and the subject gets added RT tags. How do I get this working properly? Thanks, Gerald -- RT Training - Boston, September 9-10 http://bestpractical.com/training
Re: [rt-users] rt-crontool oddity
On 23.05.14 16:36, Alex Vandiver wrote: On 05/23/2014 03:21 AM, Gerald Vogt wrote: If multiple tickets are unassigned, e.g. 4 unassigned tickets, I get four e-mails but it's always for the same ticket with variation of the subject. This is bug #29454 on issues.bestpractical.com, and is fixed in the 4.2/cron-template-caching branch. - Alex I have applied the changes of 4.2/cron-template-caching to my 4.2.3 installation and all e-mails sent are looking good. Thanks. -Gerald -- RT Training - Boston, September 9-10 http://bestpractical.com/training
Re: [rt-users] [rt-announce] RT 4.2.4 released
Does anyone have an idea what caused this and how to fix it? -Gerald On 15.05.14 07:10, Gerald Vogt wrote: On 14.05.2014 22:03, Alex Vandiver wrote: On 05/14/2014 02:36 AM, Gerald Vogt wrote: I have upgraded from 4.2.3 to 4.2.4 and after the upgrade users only see an empty rt at a glace page after log in. Have you customized your homepage from the global default? Did all I have changed the global RT at a glance, if that's what you mean by home page. users have this problem? Was there anything in the error logs when I can't tell about other users but I saw it with my account and the root account. users logged in? apache error logs look normal. If I check the rt at a glance settings in the Logged in menu I can see that everything has been cleared out. It was O.K. in 4.2.3. By this, I presume you mean /Prefs/MyRT.html ? Did it offer the Exactly. expected list under Available? Yes. Everything is in the Available list and I am able to reconfigure the page or even do a Reset to default and it gets populated with the normal entries. After I save the RT at a glance page is back to normal again.. Can you navigate to Admin → Tools → System Configuration and show the value of HomepageSettings found under Global attributes? HomepageSettings { 'body' = [ { 'name' = 'My Tickets', 'type' = 'system' }, { 'name' = 'Unowned Tickets', 'type' = 'system' }, { 'name' = 'Tickets I have created', 'type' = 'system' }, { 'name' = 'QuickCreate', 'type' = 'component' } ], 'sidebar' = [ { 'name' = 'MyReminders', 'type' = 'component' }, { 'name' = 'Quicksearch', 'type' = 'component' }, { 'name' = 'RefreshHomepage', 'type' = 'component' } ] } -Gerald -- RT Training - Boston, September 9-10 http://bestpractical.com/training
Re: [rt-users] [rt-announce] RT 4.2.4 released
I have upgraded from 4.2.3 to 4.2.4 and after the upgrade users only see an empty rt at a glace page after log in. If I check the rt at a glance settings in the Logged in menu I can see that everything has been cleared out. It was O.K. in 4.2.3. So basically, the 4.2.4 upgrade seem to have cleared out the rt at a glance configuration for users leaving an empty page after log in... The database upgrade didn't show any errors. I have tried the upgrade twice and it happens each time. So now I am back with 4.2.3. -Gerald -- RT Training - Dallas May 20-21 http://bestpractical.com/training
Re: [rt-users] [rt-announce] RT 4.2.4 released
On 14.05.2014 22:03, Alex Vandiver wrote: On 05/14/2014 02:36 AM, Gerald Vogt wrote: I have upgraded from 4.2.3 to 4.2.4 and after the upgrade users only see an empty rt at a glace page after log in. Have you customized your homepage from the global default? Did all I have changed the global RT at a glance, if that's what you mean by home page. users have this problem? Was there anything in the error logs when I can't tell about other users but I saw it with my account and the root account. users logged in? apache error logs look normal. If I check the rt at a glance settings in the Logged in menu I can see that everything has been cleared out. It was O.K. in 4.2.3. By this, I presume you mean /Prefs/MyRT.html ? Did it offer the Exactly. expected list under Available? Yes. Everything is in the Available list and I am able to reconfigure the page or even do a Reset to default and it gets populated with the normal entries. After I save the RT at a glance page is back to normal again.. Can you navigate to Admin → Tools → System Configuration and show the value of HomepageSettings found under Global attributes? HomepageSettings { 'body' = [ { 'name' = 'My Tickets', 'type' = 'system' }, { 'name' = 'Unowned Tickets', 'type' = 'system' }, { 'name' = 'Tickets I have created', 'type' = 'system' }, { 'name' = 'QuickCreate', 'type' = 'component' } ], 'sidebar' = [ { 'name' = 'MyReminders', 'type' = 'component' }, { 'name' = 'Quicksearch', 'type' = 'component' }, { 'name' = 'RefreshHomepage', 'type' = 'component' } ] } -Gerald -- RT Training - Dallas May 20-21 http://bestpractical.com/training
Re: [rt-users] RT Cron Ticket Creation
On 16.04.2014 11:48, tcamish wrote: /opt/rt3/bin/rt create -t ticket \ set subject='Ticket Subject Here' \ set priority=10 \ set queue='Queue Name Here' \ set CF-'Priority'='Priority Level Here' \ set text='Ticket Body Text Here.' \ set CF-'Custom Field 1'='Value 1 \ set CF-'Custom Field 2'='Value 2 ... Does anyone have any ideas as to why this wont work? You mix ' and in the last two lines... -Gerald -- RT Training - Dallas May 20-21 http://bestpractical.com/training
Re: [rt-users] Some external users not being AutoCreate'd
On 10.02.2014 09:29, Mathew Snyder wrote: A user who sends in an email for the first time should generate an unprivileged account which sets the username as the email address. It doesn't exist so it should be created. The user has been created with e-mail address u...@example.com mapping to user name user. Now the user sends e-mail from e-mail address user.exam...@gmail.com which you map to the same user user with LDAP. That's not supported. That would mean the same LDAP user has two e-mail addresses. You match users in LDAP using either of these attributes: 'attr_match_list' = [ 'Name', 'EmailAddress', 'RealName', ], If you don't have the gmail address in LDAP then it's probably the real name which matches. With your configuration you can only have one RT account for each real name. Thus if there is another Mathew Snyder with a different e-mail address it gets rejected because again. You don't want RealName in attr_match_list unless you are sure that each real name will only match to a single person with a single e-mail address. -Gerald On Feb 9, 2014 9:09 PM, Gerald Vogt v...@spamcop.net mailto:v...@spamcop.net wrote: On 10.02.2014 06:46, Mathew Snyder wrote: ... [15816] [Fri Feb 7 05:29:01 2014] [debug]: Going to create user with address 'user.exam...@gmail.com mailto:user.exam...@gmail.com mailto:user.exam...@gmail.com mailto:user.exam...@gmail.com' (/opt/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:100) ... [15816] [Fri Feb 7 05:29:01 2014] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments: Autocreated on ticket submission, Disabled: , EmailAddress: u...@example.com mailto:u...@example.com mailto:u...@example.com mailto:u...@example.com, Name: user, Password: , Privileged: , RealName: User Example (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:685) If these logs are correct then the user has two or more email addresses in LDAP and u...@example.com mailto:u...@example.com is already in the RT database. The user sends from the second address user.exam...@gmail.com mailto:user.exam...@gmail.com. This is not supported (yet). Users with multiple email addresses in LDAP are not supported (even though some docs say otherwise). We have just discussed this recently. See this thread: http://lists.bestpractical.com/pipermail/rt-users/2014-January/082549.html The user must use the email address in the RT database. Mails from any other email address in LDAP is rejected because the user already exists in the RT database. You may try to manually create a second RT user with the second email address and then use the MergeUser extension to merge the accounts. -Gerald
Re: [rt-users] Some external users not being AutoCreate'd
On 10.02.2014 22:12, Mathew Snyder wrote: I asked the person that is doing most of the grunt work to look into this. Rather than comment out the RealName setting under attr_match_list he commented it out under attr_map. This seems to have ad the same If you do that RT won't set the real name from LDAP into the RT database. You won't see the real name unless the user sets it in preferences. The attr_map synchronizes data from LDAP into the RT database... effect as it no longer creates a second account with the same real name as another that is in LDAP. I'm not entirely sure why RT should care about a person's actual name. It doesn't. You have configured it this way. You made RT care about the real name. The username is really all that is relevant. This seems to be a failure on the designers part, as far as I'm concerned. It's in the documentation. You have to match the users in LDAP to the RT database somehow. You have to configure that. Not everyone wants to use the username. Some people use the email address. You have to configure it. You get what you configure. Gerald
Re: [rt-users] Some external users not being AutoCreate'd
On 10.02.2014 06:46, Mathew Snyder wrote: ... [15816] [Fri Feb 7 05:29:01 2014] [debug]: Going to create user with address 'user.exam...@gmail.com mailto:user.exam...@gmail.com' (/opt/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:100) ... [15816] [Fri Feb 7 05:29:01 2014] [info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments: Autocreated on ticket submission, Disabled: , EmailAddress: u...@example.com mailto:u...@example.com, Name: user, Password: , Privileged: , RealName: User Example (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:685) If these logs are correct then the user has two or more email addresses in LDAP and u...@example.com is already in the RT database. The user sends from the second address user.exam...@gmail.com. This is not supported (yet). Users with multiple email addresses in LDAP are not supported (even though some docs say otherwise). We have just discussed this recently. See this thread: http://lists.bestpractical.com/pipermail/rt-users/2014-January/082549.html The user must use the email address in the RT database. Mails from any other email address in LDAP is rejected because the user already exists in the RT database. You may try to manually create a second RT user with the second email address and then use the MergeUser extension to merge the accounts. -Gerald
Re: [rt-users] RT 4.2.1 - ExternalAuth against LDAP server and users with multiple mail addresses
Hi Kevin, On 29.01.14 20:08, Kevin Falcone wrote: On Fri, Jan 24, 2014 at 07:54:06AM +0100, Gerald Vogt wrote: On 22.01.2014 11:57, Albert Shih wrote: Because event manually through the web interface I can create a ticket with « requestor » is the second email-address. I got a error. That's the same problem. Considering there is no positive feedback on my question and seeing the source code I am pretty sure this doesn't work and actually never did even though the docs in the ExternalAuth SiteConfig says it would work since 0.10. Looks like the developer who merged the docs didn't also merge the code needed. You can see more in the ticket I filed. https://rt.cpan.org/Public/Bug/Display.html?id=92381 The multiple-emails branch could use more testing, but is not up to date with current master. Are you sure the current source code of the extension is actually capable of doing this? I can see in the sourcecode of RT/Interface/Email/Auth/MailFrom.pm that tries to find the user for the sender e-mail address using LoadByEmail. LoadByEmail only checks the email address in the local database. If it doesn't find it there it tries to create a new user with that email address. To me it looks as if this extension will never work properly unless it modifies the LoadByEmail function to do a LDAP lookup if not found in the local database. And I don't see any indication anywhere in the multiple-emails branch of the extension to do anything like that. So I kind of doubt it's just some more testing to get this working... Gerald
Re: [rt-users] RT 4.2.1 - ExternalAuth against LDAP server and users with multiple mail addresses
On 22.01.2014 11:57, Albert Shih wrote: Because event manually through the web interface I can create a ticket with « requestor » is the second email-address. I got a error. That's the same problem. Considering there is no positive feedback on my question and seeing the source code I am pretty sure this doesn't work and actually never did even though the docs in the ExternalAuth SiteConfig says it would work since 0.10. I guess this is DIY... O.K. Just I have just noticed a new ticket on cpan: https://rt.cpan.org/Ticket/Display.html?id=92381 So basically, it's not yet supported. I am now trying to figure out what has been implemented on the multiple-emails branch to see if I can get it working... Gerald
Re: [rt-users] RT 4.2.1 - ExternalAuth against LDAP server and users with multiple mail addresses
Anyone knows whether this should work? Did see any answers till now... Is it possible for a user to use more than one sender e-mail address for the same account if all e-mail addresses are in the LDAP directory? I have found this in the RT_SiteConfig.pm file which comes with the ExternalAuth module: However, if a user with an existing RT account with EmailAddress set to the Cmail address, sent mail from Calias, it would still match. The user's EmailAddress in RT would remain the primary Cmail address. This feature is useful for LDAP configurations where users have a primary institutional email address, but might also use aliases from subdomains or other email services. This prevents RT from creating multiple accounts for the same person. It doesn't clearly say whether e-mails sent from the alias email address would be accepted or not. Thanks! Gerald On 18.01.2014 14:27, Gerald Vogt wrote: Hi! We use the ExternalAuth module to authenticate users against a LDAP directory. Some users have multiple e-mail addresses, i.e. multiple values for the LDAP mail attribute (e.g. g...@example.com and v...@example.com) Users can send e-mails to the RT server from the e-mail address which made it into the RT MySQL database without problems. (let's say v...@example.com works) However, if they send from a different e-mail address (i.e. g...@example.com) it fails with error Could not load a valid user. Documentations mentions it should work if the users has e-mail addresses from different attributes. But it doesn't say anything if there are multiple values for the same attribute. Browsing through the source code it looks to me as if RT first only checks against it internal database to find out whether a user with the sender address already exists, then tries to create a new user for the address only to find that the user name matching in LDAP to this e-mail address already exists in the internal database. Is this not possible or am I missing something here? Thanks! Logs show this: Jan 17 13:57:56 rt4 RT: [5002] The RTAddressRegexp option is not set in the config. Not setting this option results in additional SQL queries to check whether each address belongs to RT or not. It is especially important to set this option if RT recieves emails on addresses that are not in the database or config. (/usr/local/rt4/sbin/../lib/RT/Config.pm:485) Jan 17 13:57:57 rt4 RT: [5007] Encode::Guess guessed encoding: ascii (/usr/local/rt4/sbin/../lib/RT/I18N.pm:595) Jan 17 13:57:57 rt4 RT: [5007] Encode::Guess guessed encoding: ascii (/usr/local/rt4/sbin/../lib/RT/I18N.pm:595) Jan 17 13:57:57 rt4 RT: [5007] Converting 'ascii' to 'utf-8' for text/plain - test (/usr/local/rt4/sbin/../lib/RT/I18N.pm:295) Jan 17 13:57:57 rt4 RT: [5007] Going to create user with address 'g...@example.com' (/usr/local/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:100) Jan 17 13:57:57 rt4 RT: [5007] RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::Authen::ExternalAuth /usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 702 with: Comments: Autocreated on ticket submission, Disabled: , EmailAddress: g...@example.com, Name: g...@example.com, Password: , Privileged: , RealName: (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:599) Jan 17 13:57:57 rt4 RT: [5007] Attempting to get user info using this external service: LDAP (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:607) Jan 17 13:57:57 rt4 RT: [5007] Attempting to use this canonicalization key: Name (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:621) Jan 17 13:57:57 rt4 RT: [5007] LDAP Search === Base: ou=people,o=ldap,o=root == Filter: ((objectclass=*)(uid=g...@example.com)) == Attrs: l,gecos,st,mail,gecos,co,streetAddress,postalCode,telephoneNumber,uid,physicalDeliveryOfficeName,uid (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357) Jan 17 13:57:57 rt4 RT: [5007] Attempting to use this canonicalization key: EmailAddress (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:621) Jan 17 13:57:57 rt4 RT: [5007] LDAP Search === Base: ou=people,o=ldap,o=root == Filter: ((objectclass=*)(mail=g...@example.com)) == Attrs: l,gecos,st,mail,gecos,co,streetAddress,postalCode,telephoneNumber,uid,physicalDeliveryOfficeName,uid (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357) Jan 17 13:57:57 rt4 RT: [5007] RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , City: , Comments: Autocreated on ticket submission, Country: , Disabled: , EmailAddress: v...@example.com, ExternalAuthId: vogt, Gecos: Gerald Vogt, Name: vogt, Organization: , Password: , Privileged: , RealName: Gerald Vogt, State: , WorkPhone: , Zip: Jan 17 13:57:57 rt4 RT: [5007] Use of uninitialized
Re: [rt-users] RT 4.2.1 - ExternalAuth against LDAP server and users with multiple mail addresses
On 21.01.14 20:29, Kevin Falcone wrote: It doesn't clearly say whether e-mails sent from the alias email address would be accepted or not. I'm glad you found the example config. The key is the first sentence you quote. RT will look up against alias and treat it as though they sent from their primary email address. Then why doesn't this happen when it has two or more values set for the mail attribute? When RT receives an e-mail I don't see any access to the LDAP server at first. It searches the sender address in the internal database. Doesn't find it. Then wants to create a new user. And only then it checks against the LDAP database and finds that the user with that uid (which maps to the Name column in the RT database) exists and refuses to create this user. Why doesn't this work and does this reject e-mails from that sender address? Thanks! Gerald
Re: [rt-users] RT 4.2.1 - ExternalAuth against LDAP server and users with multiple mail addresses
On 21.01.2014, at 21:33, Kevin Falcone falc...@bestpractical.com wrote: On Tue, Jan 21, 2014 at 08:49:49PM +0100, Gerald Vogt wrote: When RT receives an e-mail I don't see any access to the LDAP server at first. It searches the sender address in the internal database. Doesn't find it. Then wants to create a new user. And only then it checks against the LDAP database and finds that the user with that uid (which maps to the Name column in the RT database) exists and refuses to create this user. Why doesn't this work and does this reject e-mails from that sender address? You haven't provided your configuration or debug logs for the condition so any answers would be pure guesses. That was in my first email and fully quoted in my second. -Gerald
Re: [rt-users] RT 4.2.1 - ExternalAuth against LDAP server and users with multiple mail addresses
I have tested the ExternalAuth module with the suggested configuration of two different attributes for EmailAddress as suggested in the configuration file: 'attr_map' = { 'Name' = 'uid', 'EmailAddress' = [ 'mail', 'mailAlternateAddress' ], This won't work at all: the call of postfix to rt-mailgateway fails: (temporary failure. Command output: RT server error. The RT server which handled your email did not behave as expected. It said: Can't call method as_string on an undefined value at /usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm line 357. Stack: [/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357] [/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:655] [/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:702] [/usr/local/rt4/sbin/../lib/RT/User.pm:143] [/usr/local/rt4/sbin/../lib/RT/Interface/Email.pm:838] [/usr/local/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:178] [/usr/local/rt4/sbin/../lib/RT/Interface/Email.pm:1531] [/usr/local/rt4/sbin/../lib/RT/Interface/Email.pm:1345] [/usr/local/rt4/share/html/REST/1.0/NoAuth/mail-gateway:61]) This is because it passes the EmailAddress key as array to the function and tries to built the LDAP filter from that which results in a string like this: ((objectclass=*)(ARRAY(0xacc5d0)=g...@example.com)) And with that the following call to Net::LDAP::Filter-new will fail. I don't see how this should work with version 0.17 of ExternalAuth and RT4.2.2. Thanks! Gerald On 21.01.2014 22:43, Gerald Vogt wrote: On 21.01.2014, at 21:33, Kevin Falcone falc...@bestpractical.com wrote: On Tue, Jan 21, 2014 at 08:49:49PM +0100, Gerald Vogt wrote: When RT receives an e-mail I don't see any access to the LDAP server at first. It searches the sender address in the internal database. Doesn't find it. Then wants to create a new user. And only then it checks against the LDAP database and finds that the user with that uid (which maps to the Name column in the RT database) exists and refuses to create this user. Why doesn't this work and does this reject e-mails from that sender address? You haven't provided your configuration or debug logs for the condition so any answers would be pure guesses. That was in my first email and fully quoted in my second. -Gerald
[rt-users] RT 4.2.1 - ExternalAuth against LDAP server and users with multiple mail addresses
Hi! We use the ExternalAuth module to authenticate users against a LDAP directory. Some users have multiple e-mail addresses, i.e. multiple values for the LDAP mail attribute (e.g. g...@example.com and v...@example.com) Users can send e-mails to the RT server from the e-mail address which made it into the RT MySQL database without problems. (let's say v...@example.com works) However, if they send from a different e-mail address (i.e. g...@example.com) it fails with error Could not load a valid user. Documentations mentions it should work if the users has e-mail addresses from different attributes. But it doesn't say anything if there are multiple values for the same attribute. Browsing through the source code it looks to me as if RT first only checks against it internal database to find out whether a user with the sender address already exists, then tries to create a new user for the address only to find that the user name matching in LDAP to this e-mail address already exists in the internal database. Is this not possible or am I missing something here? Thanks! Logs show this: Jan 17 13:57:56 rt4 RT: [5002] The RTAddressRegexp option is not set in the config. Not setting this option results in additional SQL queries to check whether each address belongs to RT or not. It is especially important to set this option if RT recieves emails on addresses that are not in the database or config. (/usr/local/rt4/sbin/../lib/RT/Config.pm:485) Jan 17 13:57:57 rt4 RT: [5007] Encode::Guess guessed encoding: ascii (/usr/local/rt4/sbin/../lib/RT/I18N.pm:595) Jan 17 13:57:57 rt4 RT: [5007] Encode::Guess guessed encoding: ascii (/usr/local/rt4/sbin/../lib/RT/I18N.pm:595) Jan 17 13:57:57 rt4 RT: [5007] Converting 'ascii' to 'utf-8' for text/plain - test (/usr/local/rt4/sbin/../lib/RT/I18N.pm:295) Jan 17 13:57:57 rt4 RT: [5007] Going to create user with address 'g...@example.com' (/usr/local/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:100) Jan 17 13:57:57 rt4 RT: [5007] RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::Authen::ExternalAuth /usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 702 with: Comments: Autocreated on ticket submission, Disabled: , EmailAddress: g...@example.com, Name: g...@example.com, Password: , Privileged: , RealName: (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:599) Jan 17 13:57:57 rt4 RT: [5007] Attempting to get user info using this external service: LDAP (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:607) Jan 17 13:57:57 rt4 RT: [5007] Attempting to use this canonicalization key: Name (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:621) Jan 17 13:57:57 rt4 RT: [5007] LDAP Search === Base: ou=people,o=ldap,o=root == Filter: ((objectclass=*)(uid=g...@example.com)) == Attrs: l,gecos,st,mail,gecos,co,streetAddress,postalCode,telephoneNumber,uid,physicalDeliveryOfficeName,uid (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357) Jan 17 13:57:57 rt4 RT: [5007] Attempting to use this canonicalization key: EmailAddress (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:621) Jan 17 13:57:57 rt4 RT: [5007] LDAP Search === Base: ou=people,o=ldap,o=root == Filter: ((objectclass=*)(mail=g...@example.com)) == Attrs: l,gecos,st,mail,gecos,co,streetAddress,postalCode,telephoneNumber,uid,physicalDeliveryOfficeName,uid (/usr/local/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357) Jan 17 13:57:57 rt4 RT: [5007] RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , City: , Comments: Autocreated on ticket submission, Country: , Disabled: , EmailAddress: v...@example.com, ExternalAuthId: vogt, Gecos: Gerald Vogt, Name: vogt, Organization: , Password: , Privileged: , RealName: Gerald Vogt, State: , WorkPhone: , Zip: Jan 17 13:57:57 rt4 RT: [5007] Use of uninitialized value $Username in concatenation (.) or string at /usr/local/rt4/sbin/../lib/RT/Interface/Email.pm line 849. Jan 17 13:57:57 rt4 RT: [5007] create new user. username = , emailaddress = g...@example.com (/usr/local/rt4/sbin/../lib/RT/Interface/Email.pm:849) Jan 17 13:57:57 rt4 RT: [5007] Use of uninitialized value in concatenation (.) or string at /usr/local/rt4/sbin/../lib/RT/Interface/Email.pm line 859. Jan 17 13:57:57 rt4 RT: [5007] loadbyemail got (/usr/local/rt4/sbin/../lib/RT/Interface/Email.pm:859) Jan 17 13:57:57 rt4 RT: [5007] User could not be created: User creation failed in mailgateway: Name in use Jan 17 13:57:57 rt4 RT: [5007] Couldn't load user 'g...@example.com'.giving up Jan 17 13:57:57 rt4 RT: [5007] User could not be loaded: User 'g...@example.com' could not be loaded in the mail gateway Jan 17 13:57:57 rt4 RT: [5007] Could not load a valid user: RT could not load a valid user, and RT's configuration does not allow#012for the creation of a new user