Re: [rt-users] AD integration for external auth

2015-07-07 Thread John D Groenveld 
On Tue, Jul 7, 2015 at 4:50 PM, Yan Seiner y...@seiner.com wrote:
  I'm kicking this back to the list only.  I've been going round and round
 with this and I have some more information, but still not a solution.

 ldapsearch works:

Excellent and vital first crawl.

Next to stand up and walk:
Can you interrogate your LDAP with Net::LDAP?
URL:https://metacpan.org/pod/distribution/perl-ldap/lib/Net/LDAP.pod

ISTR having to pass some options when I last ran with RT's LDAP/AD
integration.

Happy hacking,
John
groenv...@acm.org

Re: [rt-users] Cron jobs generate output since 4.2.10

2015-03-11 Thread John D Groenveld 
In message 1426078619214-59741.p...@n7.nabble.com, fleon writes:
Hello, since upgrading RT to 4.2.10 i am getting mails regarding cron jobs:

URL:http://lists.bestpractical.com/pipermail/rt-users/2015-February/085473.html

John
groenv...@acm.org

Re: [rt-users] 4.2.0 diffs for Oracle 10gR2

2013-10-07 Thread John D Groenveld 
In message 20131007150925.ge1...@jibsheet.com, Kevin Falcone writes:
Are these diffs because you encountered errors or because it's cleaner
oracle syntax?

They error, not warn in 10G.

John
groenv...@acm.org


-- 
RT Training in New York, October 8th and 9th: http://bestpractical.com/training

[rt-users] 4.2.0 diffs for Oracle 10gR2

2013-10-05 Thread John D Groenveld 
Below are some small diffs.

BTW my SQL is rusty but why are you converting scrips.template
to a string when its a reference to templates.id?
John
groenv...@acm.org

--- etc/upgrade/4.1.1/schema.Oracle Sat Oct  5 15:05:15 2013
***
*** 11,17 
  LastUpdatedBy   NUMBER(11,0) DEFAULT 0 NOT NULL,
  LastUpdated DATE
  );
! ALTER TABLE Scrips ADD COLUMN Disabled int2 NOT NULL DEFAULT 0;

  INSERT INTO ObjectScrips(
  id, Scrip, Stage, ObjectId,
--- 11,17 
  LastUpdatedBy   NUMBER(11,0) DEFAULT 0 NOT NULL,
  LastUpdated DATE
  );
! ALTER TABLE Scrips ADD ( Disabled NUMBER(11,0) DEFAULT 0 NOT NULL );

  INSERT INTO ObjectScrips(
  id, Scrip, Stage, ObjectId,


--- etc/upgrade/4.1.5/schema.Oracle Sat Oct  5 15:49:16 2013
***
*** 1,5 
  # Template column
  ALTER TABLE Scrips RENAME COLUMN Template TO TemplateOld;
! ALTER TABLE Scrips ADD COLUMN Template VARCHAR2(200) NOT NULL;
! UPDATE TABLE Scrips SET Template = CAST(TemplateOld AS varchar2);
  ALTER TABLE Scrips DROP COLUMN TemplateOld;
--- 1,6 
  # Template column
  ALTER TABLE Scrips RENAME COLUMN Template TO TemplateOld;
! ALTER TABLE Scrips ADD ( Template VARCHAR2(200) );
! UPDATE Scrips SET Template = CAST(TemplateOld AS varchar2(200));
! ALTER TABLE Scrips MODIFY ( Template VARCHAR2(200) NOT NULL );
  ALTER TABLE Scrips DROP COLUMN TemplateOld;


--- etc/upgrade/4.1.22/schema.OracleSat Oct  5 15:34:26 2013
***
*** 1 
! ALTER TABLE Users ADD COLUMN SMIMECertificate CLOB;
--- 1 
! ALTER TABLE Users ADD ( SMIMECertificate CLOB );



-- 
RT Training in New York, October 8th and 9th: http://bestpractical.com/training

[rt-users] RT 4.2 warnings on upgrade from 4.0.16

2013-10-05 Thread John D Groenveld 
Below is my screenlog from upgrade-database.

The Oracle CREATE INDEX's are possibly worth the effort to DROP and
then CREATE, but the failed calls to RT's API are worrisome.

John
groenv...@acm.org

# 4.0.16

Going to apply following upgrades:
* 4.1.0
* 4.1.1
* 4.1.4
* 4.1.5
* 4.1.6
* 4.1.7
* 4.1.8
* 4.1.9
* 4.1.10
* 4.1.11
* 4.1.12
* 4.1.13
* 4.1.14
* 4.1.15
* 4.1.16
* 4.1.17
* 4.1.18
* 4.1.19
* 4.1.20
* 4.1.21
* 4.1.22
* 4.1.23

Enter RT version if you want to stop upgrade at some point,
  or leave it blank if you want apply above upgrades: 

IT'S VERY IMPORTANT TO BACK UP BEFORE THIS STEP

Proceed [y/N]:y
Processing 4.1.0
Now inserting data.
Processing 4.1.1
Now populating database schema.
Now inserting data.
Processing 4.1.4
Now populating database schema.
Now inserting data.
[4562] [Sat Oct  5 19:59:21 2013] [error]: Can't load role group AdminCc: 
Couldn't find row (./etc/upgrade/4.1.4/content:18)
[4562] [Sat Oct  5 19:59:21 2013] [error]: Can't load role group Cc: Couldn't 
find row (./etc/upgrade/4.1.4/content:18)
[4562] [Sat Oct  5 19:59:21 2013] [error]: Can't load role group Owner: 
Couldn't find row (./etc/upgrade/4.1.4/content:18)
[4562] [Sat Oct  5 19:59:21 2013] [error]: Can't load role group Requestor: 
Couldn't find row (./etc/upgrade/4.1.4/content:18)
Processing 4.1.5
Now populating database schema.
Now inserting data.
Processing 4.1.6
Now inserting data.
Processing 4.1.7
Now populating database schema.
Processing 4.1.8
Now populating database schema.
Processing 4.1.9
Now inserting data.
Processing 4.1.10
Now populating database schema.
Processing 4.1.11
Now populating database schema.
Processing 4.1.12
Now inserting data.
[4562] [Sat Oct  5 19:59:51 2013] [warning]: Use of uninitialized value in 
concatenation (.) or string at /tmp/rt-4.2.0/sbin/../lib/RT/Handle.pm line 
1052,  line 7. (/tmp/rt-4.2.0/sbin/../lib/RT/Handle.pm:1052)
[4562] [Sat Oct  5 19:59:51 2013] [warning]: Use of uninitialized value in 
concatenation (.) or string at /tmp/rt-4.2.0/sbin/../lib/RT/Handle.pm line 
1052,  line 7. (/tmp/rt-4.2.0/sbin/../lib/RT/Handle.pm:1052)
[4562] [Sat Oct  5 19:59:51 2013] [error]: Unable to load Group: GroupDomain = 
SystemInternal, GroupId = , Queue =  
(/tmp/rt-4.2.0/sbin/../lib/RT/Handle.pm:1052)
Processing 4.1.13
Now populating database schema.
Processing 4.1.14
Now populating database schema.
Processing 4.1.15
Now inserting data.
Processing 4.1.16
Now inserting data.
Processing 4.1.17
Now inserting data.
Processing 4.1.18
Now inserting data.
Processing 4.1.19
Now populating database schema.
Processing 4.1.20
Now inserting data.
Processing 4.1.21
Now inserting data.
Processing 4.1.22
Now populating database schema.
Now inserting data.
[4562] [Sat Oct  5 20:00:53 2013] [info]: Going to delete all SMIMEKeyNotAfter 
attributes (./etc/upgrade/4.1.22/content:61)
Processing 4.1.23
Now inserting database indexes.
[4562] [Sat Oct  5 20:00:54 2013] [warning]: Failed to create index (Domain, 
Type, Instance) on Groups (sql: CREATE INDEX groups1 ON Groups(LOWER(Domain), 
LOWER(Type), Instance)): ORA-00955: name is already used by an existing object 
(DBD ERROR: error possibly near * indicator at char 13 in 'CREATE INDEX 
*groups1 ON Groups(LOWER(Domain), LOWER(Type), Instance)') 
(etc/upgrade/4.1.23/indexes:20)
[4562] [Sat Oct  5 20:00:54 2013] [warning]: Failed to create index (Domain, 
Name, Instance) on Groups (sql: CREATE INDEX groups1 ON Groups(LOWER(Domain), 
LOWER(Name), Instance)): ORA-00955: name is already used by an existing object 
(DBD ERROR: error possibly near * indicator at char 13 in 'CREATE INDEX 
*groups1 ON Groups(LOWER(Domain), LOWER(Name), Instance)') 
(etc/upgrade/4.1.23/indexes:28)
[4562] [Sat Oct  5 20:00:54 2013] [warning]: Failed to create index (Instance) 
on Groups (sql: CREATE INDEX groups1 ON Groups(Instance)): ORA-00955: name is 
already used by an existing object (DBD ERROR: error possibly near * 
indicator at char 13 in 'CREATE INDEX *groups1 ON Groups(Instance)') 
(etc/upgrade/4.1.23/indexes:35)
[4562] [Sat Oct  5 20:00:54 2013] [warning]: Failed to create unique index 
(Name) on Queues (sql: CREATE UNIQUE INDEX queues1 ON Queues(LOWER(Name))): 
ORA-00955: name is already used by an existing object (DBD ERROR: error 
possibly near * indicator at char 20 in 'CREATE UNIQUE INDEX *queues1 ON 
Queues(LOWER(Name))') (etc/upgrade/4.1.23/indexes:124)
[4562] [Sat Oct  5 20:00:54 2013] [warning]: Failed to create unique index 
(Name) on Users (sql: CREATE UNIQUE INDEX users1 ON Users(LOWER(Name))): 
ORA-01408: such column list already indexed (DBD ERROR: error possibly near * 
indicator at char 36 in 'CREATE UNIQUE INDEX users1 ON Users(*LOWER(Name))') 
(etc/upgrade/4.1.23/indexes:124)
[4562] [Sat Oct  5 20:00:54 2013] [warning]: Failed to create index (MemberId, 
ImmediateParentId) on CachedGroupMembers (sql: CREATE INDEX cachedgroupmembers1 
ON CachedGroupMembers(MemberId, ImmediateParentId)): ORA-01408: such column 
list already indexed (DBD ERROR: error possibly

Re: [rt-users] 4.0.1RC2 upgrade errors from 3.8.7

2011-06-17 Thread John D Groenveld 
In message 20110617023209.gx3...@bestpractical.com, Jesse Vincent writes:
Looking through project history, I can't find a time when we had a
sequence named ACL_SEQ for the Postgres port of RT. What can you tell us
about the lineage of this database?

IIRC I started RT at 3.4.
Just now ran ora2pg to migrate.
Thank you for the heads-up, I wasn't aware that there were different
object names for each database port.

John
groenv...@acm.org

Re: [rt-users] 4.0.1RC2 upgrade errors from 3.8.7

2011-06-17 Thread John D Groenveld 
In message 201106171302.p5hd2hpn004...@elvis.arl.psu.edu, John D Groenveld wr
ites:
Thank you for the heads-up, I wasn't aware that there were different
object names for each database port.

Success.

Create the sequences from ora2pg's TYPE SEQUENCE.
Rename them.
Load the schema from rt-3.8.7/etc/schema.Pg, minus the sequences.
Load the data from ora2pg's TYPE COPY.
Run /opt/rt4/sbin/rt-setup-database --prompt-for-dba-password --action upgrade

Looking forward to the move to RT4; thanks Kevin, Jesse, et al!
John
groenv...@acm.org


2011 Training: http://bestpractical.com/services/training.html

Re: [rt-users] 4.0.1RC2 upgrade errors from 3.8.7

2011-06-16 Thread John D Groenveld 
In message 20110617011915.gl...@jibsheet.com, Kevin Falcone writes:
Can you show \d on acl and acl_id_seq

When did the sequence for ACL.ID rename from ACL_SEQ to
ACL_ID_SEQ?

John
groenv...@acm.org

***
rt4= \d acl
Table public.acl
Column |Type | Modifiers  
---+-+
 id| bigint  | not null
 principaltype | character varying(25)   | not null
 principalid   | bigint  | not null
 rightname | character varying(25)   | not null
 objecttype| character varying(25)   | not null
 objectid  | bigint  | default 0
 creator   | integer | not null default 0
 created   | timestamp without time zone | 
 lastupdatedby | integer | not null default 0
 lastupdated   | timestamp without time zone | 
Indexes:
acl_pkey PRIMARY KEY, btree (id)
acl1 btree (rightname, objecttype, objectid, principaltype, principalid)

rt4= \d acl_id_seq
Did not find any relation named acl_id_seq.

rt4= \d acl_seq
   Sequence public.acl_seq
Column |  Type   |Value
---+-+-
 sequence_name | name| acl_seq
 last_value| bigint  | 466
 start_value   | bigint  | 466
 increment_by  | bigint  | 1
 max_value | bigint  | 9223372036854775807
 min_value | bigint  | 1
 cache_value   | bigint  | 20
 log_cnt   | bigint  | 1
 is_cycled | boolean | f
 is_called | boolean | f

Re: [rt-users] RT 3.6 requires two or three logins with firefox and IE

2007-12-13 Thread John D Groenveld 
In message [EMAIL PROTECTED], Kenneth Crocker writes:
   I would like to hear from ANYONE who has RT 3.6.4 on ORACLE 9+ and have
 
managed to get session control to work properly with FireFox or IE using 
either the DB sessions table OR SPECIFICALLY straight to data file. We 

Apache timed out for me when I tried to enable Apache::Session::Oracle
in /opt/rt3/share/html/Elements/SetupSessionCookie.

John
[EMAIL PROTECTED]
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

SAVE THOUSANDS OF DOLLARS ON RT SUPPORT:

If you sign up for a new RT support contract before December 31, we'll take
up to 20 percent off the price. This sale won't last long, so get in touch 
today. 
Email us at [EMAIL PROTECTED] or call us at +1 617 812 0745.


Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com

Re: [rt-users] RT 3.6 requires two or three logins with firefox and IE

2007-12-12 Thread John D Groenveld 
In message [EMAIL PROTECTED], John D Groenveld 
writes:
My WAG is that Firefox and IE are doing parallel requests
and triggering an Apache::Session::Lock::File deadlock which is
somehow forcing the session to be invalidated.

Most RT users probably use MySQL and Postgres and RT defaults
to using those databases for session management so won't stumble
across this bug.

I copied my data from Oracle to Postgres.

Then I disabled Apache::Session::Postgres in 
/opt/rt3/share/html/Elements/SetupSessionCookie

As expected, I got the deadlock error and was forced to reauthenticate.

Need to do more debugging to see whether there are indeed
parallel requests.

John
[EMAIL PROTECTED]

___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

SAVE THOUSANDS OF DOLLARS ON RT SUPPORT:

If you sign up for a new RT support contract before December 31, we'll take
up to 20 percent off the price. This sale won't last long, so get in touch 
today. 
Email us at [EMAIL PROTECTED] or call us at +1 617 812 0745.


Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com

Re: [rt-users] RT 3.6 requires two or three logins with firefox and IE

2007-12-10 Thread John D Groenveld 
In message [EMAIL PROTECTED], John D Groenveld 
writes:
I have perl-5.8.8, apache 2.6, mp 2.0.3 and RT 3.6.5
under Solaris 10 and Oracle 10.

With firefox2 and IE, I am prompted to authenticate two or three
times before I can navigate RT pages without prompting.

However, with lynx and opera I only need to authenticate once.

I have turned on logging and don't see anything interesting.

I see RT's cookie in firefox's cookie manager.

Any thoughts on how I can debug further?

I installed fresh on a development box and I saw the exception
below on the mainpage with Firefox where the RefreshHomepage
element should be.

On my production box, my perl has Apache::Session 1.81_01

On my devel box, my perl has 1.84 which includes error
handling.

After re-logging in two or three times, the exception goes away.

With Opera I can't produce this exception.

I also cannot produce the exception when I run the devel Apache httpd
with -X.

My WAG is that Firefox and IE are doing parallel requests
and triggering an Apache::Session::Lock::File deadlock which is
somehow forcing the session to be invalidated.

Most RT users probably use MySQL and Postgres and RT defaults
to using those databases for session management so won't stumble
across this bug.

John
[EMAIL PROTECTED]

Trace begun at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/Exceptions.pm 
line 129
HTML::Mason::Exceptions::rethrow_exception('Cannot lock: Deadlock situation 
detected/avoided at 
/opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/Apache/Session/Lock/File.pm line 81, 
GEN63 line 3.^J') called at 
/opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/Apache/Session/Lock/File.pm line 81
Apache::Session::Lock::File::acquire_write_lock('Apache::Session::Lock::File=HASH(0x3a18380)',
 'Apache::Session::File=HASH(0x39f4cb0)') called at 
/opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/Apache/Session.pm line 588
Apache::Session::acquire_write_lock('Apache::Session::File=HASH(0x39f4cb0)') 
called at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/Apache/Session.pm line 516
Apache::Session::save('Apache::Session::File=HASH(0x39f4cb0)') called at 
/opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/Apache/Session/File.pm line 40
Apache::Session::File::DESTROY('Apache::Session::File=HASH(0x39f4cb0)') called 
at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/Request.pm line 1252
eval {...} at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/Request.pm 
line 1252
HTML::Mason::Request::comp(undef, undef, undef, 'pass', 'RTrocks', 'user', 
'john') called at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/Request.pm 
line 466
eval {...} at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/Request.pm 
line 466
eval {...} at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/Request.pm 
line 418
HTML::Mason::Request::exec('HTML::Mason::Request::ApacheHandler=HASH(0x3abb8a0)')
 called at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/ApacheHandler.pm 
line 168
HTML::Mason::Request::ApacheHandler::exec('HTML::Mason::Request::ApacheHandler=HASH(0x3abb8a0)')
 called at /opt/rt3/perl-5.8.8/lib/site_perl/5.8.8/HTML/Mason/ApacheHandler.pm 
line 826
HTML::Mason::ApacheHandler::handle_request('HTML::Mason::ApacheHandler=HASH(0x15ca300)',
 'Apache2::RequestRec=SCALAR(0x37f27d0)') called at /opt/rt3/bin/webmux.pl line 
125
eval {...} at /opt/rt3/bin/webmux.pl line 125
RT::Mason::handler('Apache2::RequestRec=SCALAR(0x37f27d0)') called at -e line 0
eval {...} at -e line 0

___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

SAVE THOUSANDS OF DOLLARS ON RT SUPPORT:

If you sign up for a new RT support contract before December 31, we'll take
up to 20 percent off the price. This sale won't last long, so get in touch 
today. 
Email us at [EMAIL PROTECTED] or call us at +1 617 812 0745.


Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com

[rt-users] RT 3.6 requires two or three logins with firefox and IE

2007-12-06 Thread John D Groenveld 
Bizarre problem I could not spot with Google which leads me to
believe I'm doing something very wrong.

I have perl-5.8.8, apache 2.6, mp 2.0.3 and RT 3.6.5
under Solaris 10 and Oracle 10.

With firefox2 and IE, I am prompted to authenticate two or three
times before I can navigate RT pages without prompting.

However, with lynx and opera I only need to authenticate once.

I have turned on logging and don't see anything interesting.

I see RT's cookie in firefox's cookie manager.

Any thoughts on how I can debug further?

John
[EMAIL PROTECTED]
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

SAVE THOUSANDS OF DOLLARS ON RT SUPPORT:

If you sign up for a new RT support contract before December 31, we'll take
up to 20 percent off the price. This sale won't last long, so get in touch 
today. 
Email us at [EMAIL PROTECTED] or call us at +1 617 812 0745.


Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com

Re: [rt-users] RT 3.6 requires two or three logins with firefox and IE

2007-12-06 Thread John D Groenveld 
In message [EMAIL PROTECTED], Jesse Vincent writes:
It's almost certainly the case that you have multiple valid DNS domain
names for your RT server. And RT's cookies are tied to a specific
domain.

Something like this:
   http://rt/
   http://rt.mycompany.com/
   http://rt3.mycompany.com/
   http://www.rt.mycompany.com/ 

If you start at one and RT canonicalizes it to another, you might be
fored to reauth.

The test host only has one valid DNS name.


Currently testing from the coffee shop and I'm tunneling via ssh.

/opt/rt3/etc/RT_SiteConfig.pm has this
Set( $rtname, 'test.example.com');
Set( $Organization, 'RT Rocks');
Set( $WebBaseURL, 'http://test.example.com:8082');

Oddly, sometimes I can connect localhost:8082 with Firefox without
being prompted multiple times and sometimes it takes three times.

Opera nor lynx ever have this problem.

Weird.
John
[EMAIL PROTECTED]
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

SAVE THOUSANDS OF DOLLARS ON RT SUPPORT:

If you sign up for a new RT support contract before December 31, we'll take
up to 20 percent off the price. This sale won't last long, so get in touch 
today. 
Email us at [EMAIL PROTECTED] or call us at +1 617 812 0745.


Community help: http://wiki.bestpractical.com
Commercial support: [EMAIL PROTECTED]


Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
Buy a copy at http://rtbook.bestpractical.com