Re: [rt-users] possible RT 4.0.4 attachment bug
OK, this seems to be a relevant portion of the log file. Sorry about the delay in replying. -Mike [Thu Dec 15 19:38:48 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) [Thu Dec 15 19:39:43 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) [Thu Dec 15 20:38:53 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) [Thu Dec 15 20:39:49 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) [Thu Dec 15 21:38:49 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) [Thu Dec 15 21:39:29 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) [Thu Dec 15 22:38:49 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) [Thu Dec 15 22:38:56 2011] [warning]: RT::Handle=HASH(0x2b474a6b16f0) couldn't execute the query 'INSERT INTO Attachments (Subject, ContentType, Filename, Headers, MessageId, Creator, Parent, Created, ContentEncoding, Content, TransactionId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 600 DBIx::SearchBuilder::Handle::SimpleQuery('RT::Handle=HASH(0x2b474a6b16f0)', 'INSERT INTO Attachments (Subject, ContentType, Filename, Head...', '', 'application/x-zip-compressed', 'antiques_bkup_20111215_1408.zip', 'Content-Description: antiques_bkup_20111215_1408.zip\x{a}content-...', '', 193, 582, ...) called at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 350 DBIx::SearchBuilder::Handle::Insert('RT::Handle=HASH(0x2b474a6b16f0)', 'Attachments', 'Subject', '', 'ContentType', 'application/x-zip-compressed', 'Filename', 'antiques_bkup_20111215_1408.zip', 'Headers', ...) called at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle/mysql.pm line 36 DBIx::SearchBuilder::Handle::mysql::Insert('RT::Handle=HASH(0x2b474a6b16f0)', 'Attachments', 'Subject', '', 'ContentType', 'application/x-zip-compressed', 'Filename', 'antiques_bkup_20111215_1408.zip', 'Headers', ...) called at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Record.pm line 1292 DBIx::SearchBuilder::Record::Create('RT::Attachment=HASH(0x2b475ef06b80)', 'Subject', '', 'Filename', 'antiques_bkup_20111215_1408.zip', 'ContentType', 'application/x-zip-compressed', 'Headers', 'Content-Description: antiques_bkup_20111215_1408.zip\x{a}content-...', ...) called at /opt/rt4/sbin/../lib/RT/Record.pm line 304 RT::Record::Create('RT::Attachment=HASH(0x2b475ef06b80)', 'TransactionId', 908, 'ContentType', 'application/x-zip-compressed', 'ContentEncoding', 'none', 'Parent', 582, ...) called at /opt/rt4/sbin/../lib/RT/Attachment.pm line 193 RT::Attachment::Create('RT::Attachment=HASH(0x2b475ef06b80)', 'TransactionId', 908, 'Parent', 582, 'Attachment', 'MIME::Entity=HASH(0x2b472a166690)') called at /opt/rt4/sbin/../lib/RT/Attachment.pm line 172 RT::Attachment::Create('RT::Attachment=HASH(0x2b475ef37e40)', 'TransactionId', 908, 'Attachment', 'MIME::Entity=HASH(0x2b472a1586c0)') called at /opt/rt4/sbin/../lib/RT/Transaction.pm line 543 RT::Transaction::_Attach('RT::Transaction=HASH(0x2b475eea18e0)', 'MIME::Entity=HASH(0x2b472a1586c0)') called at /opt/rt4/sbin/../lib/RT/Transaction.pm line 160 RT::Transaction::Create('RT::Transaction=HASH(0x2b475eea18e0)', 'ObjectId', 63, 'ObjectType', 'RT::Ticket', 'TimeTaken', 0, 'Type', 'Create', ...) called at /opt/rt4/sbin/../lib/RT/Record.pm line 1447 RT::Record::_NewTransaction('RT::Ticket=HASH(0x2b472a1ca1f0)', 'Type', 'Create', 'TimeTaken', 0, 'MIMEObj', 'MIME::Entity=HASH(0x2b472a1586c0)', 'CommitScrips', 1, ...) called at /opt/rt4/sbin/../lib/RT/Ticket.pm line 676 RT::Ticket::Create('RT::Ticket=HASH(0x2b472a1ca1f0)',
Re: [rt-users] possible RT 4.0.4 attachment bug
The user had tried to submit a mysqldump that was 20GB as an attachment :) Larger than my max_allowed_packet as you can guess. But I didn't expect RT to increment the id when ticket creation failed. I thought I'd found a bug. The instance is working fine, btw. No ill effects. Thanks for the explanation. Mike -Original Message- From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Thomas Sibley Sent: Friday, January 06, 2012 12:51 PM To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] possible RT 4.0.4 attachment bug On 01/06/2012 12:35 PM, mja...@guesswho.com wrote: OK, this seems to be a relevant portion of the log file. Sorry about the delay in replying. -Mike [Thu Dec 15 19:38:48 2011] [warning]: DBD::mysql::st execute failed: Got a packet bigger than 'max_allowed_packet' bytes at /usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm line 587. (/usr/lib/perl5/site_perl/5.8.8/DBIx/SearchBuilder/Handle.pm:587) This error will cause the Attachment creation to fail, which cascades up to the Transaction creation and Ticket creation. All of it is done inside a database-level transaction which is rolled back on failure. The end result is the id sequence is incremented, but no such ticket exists. Such gaps don't cause any problem though. What is your max_allowed_packet? I'll bet it's tiny and should be increased. Thomas RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012 RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] possible RT 4.0.4 attachment bug
Thanks. I knew that mysql had done the id increment - I was sloppy in my language. Sorry about that. And now I know more about how database integrity works. Have a good weekend. -Original Message- From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Alex Vandiver Sent: Friday, January 06, 2012 4:21 PM To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] possible RT 4.0.4 attachment bug On Fri, 2012-01-06 at 16:11 -0500, mja...@guesswho.com wrote: The user had tried to submit a mysqldump that was 20GB as an attachment I'm surprised your mail server didn't fall over from that. But I didn't expect RT to increment the id when ticket creation failed. For reference, RT isn't the one incrementing the id -- the database is. This is a side effect of transaction isolation and database integrity. _Not_ doing so would be a bug. - Alex RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012 RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] possible RT 4.0.4 attachment bug
See screenshot that I captured from webmin for the Tickets table - there are missing tickets in the range between 53 and 184. I have not run shredder or manipulated the database in any way. All I can add is that a user submitted a mysql database dump as an attachment that exceeded the allowed size limit. Mike From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of mja...@guesswho.com Sent: Friday, December 16, 2011 8:24 AM To: rt-users@lists.bestpractical.com Subject: [rt-users] possible RT 4.0.4 attachment bug This may be a bug in the way attachments are handled in 4.0.4. We recently spun up a new instance of RT 4.0.2, then upgraded to 4.0.4. Running on Centos 5.7 using MySQL. Yesterday we were at ticket #53. A user sent an email last night with an attachment containing sql statements (a database backup). His ticket id is #63. There aren't any intervening tickets. When I use the quick search for example, and try to load a ticket between 53-63, I get an error: RT Error Could not load ticket 57 (for example) The only thing I can think of is that some of the statements in the attachment were acted on. Is this possible? Mike attachment: ScreenShot006.png RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
[rt-users] possible RT 4.0.4 attachment bug
This may be a bug in the way attachments are handled in 4.0.4. We recently spun up a new instance of RT 4.0.2, then upgraded to 4.0.4. Running on Centos 5.7 using MySQL. Yesterday we were at ticket #53. A user sent an email last night with an attachment containing sql statements (a database backup). His ticket id is #63. There aren't any intervening tickets. When I use the quick search for example, and try to load a ticket between 53-63, I get an error: RT Error Could not load ticket 57 (for example) The only thing I can think of is that some of the statements in the attachment were acted on. Is this possible? Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Boston March 5 6, 2012
Re: [rt-users] Permissions question
I figured out what I was doing wrong. Thanks, Kenn. From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kenneth Crocker Sent: Friday, November 25, 2011 5:25 PM To: RT User List Subject: Re: [rt-users] Permissions question Mike, I'm not sure what you mean by logged in as a GROUP member. You log in as a User and you are either in a group or you are not. The thing about saved searches is this; all groups have rights associated with them, giving members certain rights that pertain to any searches saved under that group. If you are a member of that group, you will have those rights. You should look at what groups you are a member of (go to Tools-Config-Users-memberships) and then look at what rights are given to members of those groups. That'll do for a start. hope this helps. Kenn On Fri, Nov 25, 2011 at 12:19 PM, mja...@guesswho.commailto:mja...@guesswho.com wrote: The next question about permissions. I've given my NetOps user group global rights to CreateSavedSearch, LoadSavedSearch, ShowSavedSearches, and EditSavedSearches. Still, when I log on to RT (4.0.4) as a group member and go to Tickets - New Search and select NetOps's Saved Searches in the Privacy dropdown, none of the saved searches show in the Load dropdown. I must be partway there, because under Logged in as mjames - Settings - Saved Searches, I can see the NetOps saved search. I can't load it or run it from there, however. What am I missing? Mike From: rt-users-boun...@lists.bestpractical.commailto:rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.commailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of mja...@guesswho.commailto:mja...@guesswho.com Sent: Friday, November 25, 2011 10:29 AM To: rt-users@lists.bestpractical.commailto:rt-users@lists.bestpractical.com Subject: Re: [rt-users] Permissions question Thanks, Kenn. That worked. From: rt-users-boun...@lists.bestpractical.commailto:rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com]mailto:[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kenneth Crocker Sent: Wednesday, November 23, 2011 4:28 PM To: RT User List Subject: Re: [rt-users] Permissions question Mike, The correct navigation would be Tools-Config-Global-Group Rights where you then pick a system group, role, or add a User-defined Group. Kenn On Wed, Nov 23, 2011 at 1:17 PM, mja...@guesswho.commailto:mja...@guesswho.com wrote: RT 4.0.4 How do I give a group rights to create/delete/view Saved Searches? As root, I went to Tools..Configuration..Groups and selected my group. I tried different combinations of Group and User Rights, but still the group members can't see/create/delete Saved Searches. Also, when logged in as a group member, I don't see the About Me item under Logged in as Mike. Still wrapping my head around rights in v4.0.x Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain - November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain - November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] Permissions question
Thanks, Kenn. That worked. From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kenneth Crocker Sent: Wednesday, November 23, 2011 4:28 PM To: RT User List Subject: Re: [rt-users] Permissions question Mike, The correct navigation would be Tools-Config-Global-Group Rights where you then pick a system group, role, or add a User-defined Group. Kenn On Wed, Nov 23, 2011 at 1:17 PM, mja...@guesswho.commailto:mja...@guesswho.com wrote: RT 4.0.4 How do I give a group rights to create/delete/view Saved Searches? As root, I went to Tools..Configuration..Groups and selected my group. I tried different combinations of Group and User Rights, but still the group members can't see/create/delete Saved Searches. Also, when logged in as a group member, I don't see the About Me item under Logged in as Mike. Still wrapping my head around rights in v4.0.x Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain - November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] Permissions question
The next question about permissions. I've given my NetOps user group global rights to CreateSavedSearch, LoadSavedSearch, ShowSavedSearches, and EditSavedSearches. Still, when I log on to RT (4.0.4) as a group member and go to Tickets - New Search and select NetOps's Saved Searches in the Privacy dropdown, none of the saved searches show in the Load dropdown. I must be partway there, because under Logged in as mjames - Settings - Saved Searches, I can see the NetOps saved search. I can't load it or run it from there, however. What am I missing? Mike From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of mja...@guesswho.com Sent: Friday, November 25, 2011 10:29 AM To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] Permissions question Thanks, Kenn. That worked. From: rt-users-boun...@lists.bestpractical.commailto:rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com]mailto:[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kenneth Crocker Sent: Wednesday, November 23, 2011 4:28 PM To: RT User List Subject: Re: [rt-users] Permissions question Mike, The correct navigation would be Tools-Config-Global-Group Rights where you then pick a system group, role, or add a User-defined Group. Kenn On Wed, Nov 23, 2011 at 1:17 PM, mja...@guesswho.commailto:mja...@guesswho.com wrote: RT 4.0.4 How do I give a group rights to create/delete/view Saved Searches? As root, I went to Tools..Configuration..Groups and selected my group. I tried different combinations of Group and User Rights, but still the group members can't see/create/delete Saved Searches. Also, when logged in as a group member, I don't see the About Me item under Logged in as Mike. Still wrapping my head around rights in v4.0.x Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain - November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] LDAP ExternalAuth broken after upgrade from 4.0.2 to 4.0.4
I just upgraded from 4.0.2 to 4.0.4 without issue. Simple questions - did you remember to upgrade the database as well? Also, perhaps you should run make testdeps and make sure all your dependencies are still fulfilled. After the upgrade, I had a different problem where the permissions on the mason_data folder had changed and that caused a permissions failure. Just nitpicking, since your config worked previously, but you shouldn't need a trailing comma in these 2 settings. Set($ExternalAuthPriority, ['DIVMS_LDAP',]); Set($ExternalInfoPriority, ['DIVMS_LDAP',]); Mike -Original Message- From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Karl Boyken Sent: Wednesday, November 23, 2011 12:47 PM To: rt-users@lists.bestpractical.com Subject: [rt-users] LDAP ExternalAuth broken after upgrade from 4.0.2 to 4.0.4 We run RT on RedHat Enterprise Server 6.1, with Perl 5.14.2. We set up RT::ExternalAuth to authenticate against our OpenLDAP server, and it works fine with RT 4.0.2. But after upgrading to RT 4.0.4, LDAP authentication breaks. I'd appreciate any helpful ideas. Here's the relevant log entry--it's an LDAP bind() error: Nov 23 11:27:28 serv07 RT: RT::Authen::ExternalAuth::LDAP::_GetBoundLdapObj Can't bind: LDAP_OPERATIONS_ERROR 1 (/path_to_our_RT/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:467) This is the relevant section of our RT_SiteConfig.pm file (where values beginning with our have been changed for posting): # To enable RT::Authen::ExternalAuth Set(@Plugins, qw(RT::Authen::ExternalAuth)); # RT::Authen::ExternalAuth settings # For information on configuring RT::Authen::ExternalAuth, see # $RT_HOME/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm Set($ExternalAuthPriority, ['DIVMS_LDAP',]); Set($ExternalInfoPriority, ['DIVMS_LDAP',]); Set($ExternalServiceUsesSSLorTLS, 1); Set($AutoCreateNonExternalUsers, 1); Set($ExternalSettings, { 'DIVMS_LDAP' = { 'type' = 'ldap', 'server' = 'our_server', 'user' = 'our_cn', 'pass' = 'our_password', 'base' = 'our_base', 'filter' = '(objectClass=*)', 'd_filter' = '(objectClass=FooBarBaz)', 'tls' = 1, 'ssl_version' = 1, 'net_ldap_args' = [ port = 389, version = 3 ], 'group' = '', 'group_attr' = '', 'attr_match_list' = [ 'Name', 'EmailAddress', ], 'attr_map' = { 'Name' = 'uid', 'EmailAddress' = 'mail', 'RealName' = 'gecos', 'ExternalAuthId' = 'uid', 'Gecos' = 'uid', } } } ); -- Karl Boyken, system administrator karl-boy...@uiowa.edu 303A MLH, Dept. of Comp. Sci. http://www.cs.uiowa.edu/~boyken/ The U. of Iowa, Iowa City, IA 52242 319-335-2730 (voice) 319-335-3668 (fax) RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] Permissions question
RT 4.0.4 How do I give a group rights to create/delete/view Saved Searches? As root, I went to Tools..Configuration..Groups and selected my group. I tried different combinations of Group and User Rights, but still the group members can't see/create/delete Saved Searches. Also, when logged in as a group member, I don't see the About Me item under Logged in as Mike. Still wrapping my head around rights in v4.0.x Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] Final fetchmailrc configuration
A brief summary of what I did to get RT mail working with Exchange 2007 without opening up plaintext passwords in Exchange. - Mike CentOS 5.7 (Final) RT 4.0.2 fetchmail release 6.3.21+NTLM+SSL+HESIOD+NLS Exchange 2007 Install openssl and openssl-devel Download latest fetchmail package Unpack and cd to fetchmail-6.3.21 ./configure --enable-NTLM --with-ssl make make install add these to /etc/aliases: # Request Tracker aliases kiss: |/opt/smrsh/rt-mailgate --queue general --action correspond --url http://server.domain.com/ kiss-comment: |/opt/smrsh/rt-mailgate --queue general --action comment --url http://server.domain.com/http://%3cserver%3e.%3cdomain%3e.com/ this fetchmailrc worked for me: [rt_user@x-tracker-01 ~]$ cat .fetchmailrc # Configuration created Fri Nov 18 16:22:13 2011 by fetchmailconf 1.57 set postmaster postmaster set bouncemail set no spambounce set softbounce set properties set daemon 20 poll mail.domain.com with proto IMAP and options no dns user 'rt_requests' there with password 'keepmefromlookingsilly' is 'kiss' here options stripcr ssl mda '/opt/rt4/bin/rt-mailgate --url http://server.domain.com. --queue General --action correspond' RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] fetchmailrc
Knowledge that I'd like to document for the list. By trial and error, on Centos 5 I've found that you should use single quotes if your password contains special characters such as '$'. Double-quotes didn't work. I also found (thx, Google) that in Exchange 2007 plaintext password authentication is disabled by default, but it can be turned on (assuming that POP3 is enabled on Exchange server in the 1st place) http://msexchangetips.blogspot.com/2007/11/exchange-2007-pop3-err-command-is-not.html and many others. Also, I think you can use secure POP3 (port 995) but it seems I would need a version of fetchmail with SSL compiled in. The stock version that comes with Centos 5.7 doesn't. Nor does it have NTLM compiled in. NTLM can be used with IMAP (secure port 993) if I understand correctly. [root@tracker ~]# fetchmail -V fetchmail: WARNING: Running as root is discouraged. This is fetchmail release 6.3.21+HESIOD+NLS. Our Exchange server does have OWA (outlook web access), and I've found two tools that can access mailboxes via OWA - DavMail and FetchExc. Mike From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of ronen_am...@dell.com Sent: Thursday, November 17, 2011 3:38 AM To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] fetchmailrc This is what we use (pulling emails from a gmail account, hence the 995 port) : ~rt/.fetchmailrc: set postmaster ronen set daemon 600 pool pop.gmail.com with proto pop3 user 'x...@gmail.com' there with password 'XXX' is user5 here options ssl crontab for user rt: 5,15,25,35,45,55 * * * * /usr/bin/fetchmail -d 0 -P 995 -ssl -smtpname x...@gmail.commailto:x...@gmail.com -u x...@gmail.commailto:x...@gmail.com pop.gmail.com -f fetchmail.test 21 /dev/null fetchmail.test: poll pop.gmail.comproto pop3: username x...@gmail.commailto:x...@gmail.com password mda /opt/rt4/bin/rt-mailgate --url http://cm-help --queue CM --action correspond Ronen From: rt-users-boun...@lists.bestpractical.commailto:rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com]mailto:[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of 20/20 Lab Sent: Wednesday, November 16, 2011 23:45 To: rt-users@lists.bestpractical.commailto:rt-users@lists.bestpractical.com Subject: Re: [rt-users] fetchmailrc Shouldnt you have s around your user name? the only difference I have in mine is user username pass password to user here tho our mailserver auths with full domain. On 11/16/2011 12:49 PM, mja...@guesswho.commailto:mja...@guesswho.com wrote: Using fetchmail for 1st time to collect mail from an Exchange server. Exchange 2010 RT 4.0.1 Centos 5.7 fetchmail release 6.3.21+HESIOD+NLS. Here's my /opt/rt4/etc/fetchmailrc: poll mail.domain.com proto pop3: user trackrequests there with password 'cleverly removed' is kiss here mda /opt/rt4/bin/rt-mailgate --url http://xtracker.domain.com. --queue General --action correspond When I invoke fetchmail -f /opt/rt4/etc/fetchmailrc, it appends @mail.domain.com to the username, whereas the correct user is trackreque...@domain.commailto:trackreque...@domain.com. If I specify user trackreque...@domain.commailto:trackreque...@domain.com in the fetchmailrc file, then fetchmail turns it into trackreque...@domain.com@mail.domain.commailto:trackreque...@domain.com@mail.domain.com. For example: [root@xtracker ~]# fetchmail -f /opt/rt4/etc/fetchmailrc fetchmail: WARNING: Running as root is discouraged. fetchmail: Authorization failure on trackreque...@domain.com@mail.domain.commailto:trackreque...@domain.com@mail.domain.com fetchmail: Query status=3 (AUTHFAIL) I've googled for an answer, but haven't stumbled across it yet. Thanks for any help, Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain - November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
[rt-users] fetchmailrc
Using fetchmail for 1st time to collect mail from an Exchange server. Exchange 2010 RT 4.0.1 Centos 5.7 fetchmail release 6.3.21+HESIOD+NLS. Here's my /opt/rt4/etc/fetchmailrc: poll mail.domain.com proto pop3: user trackrequests there with password 'cleverly removed' is kiss here mda /opt/rt4/bin/rt-mailgate --url http://xtracker.domain.com. --queue General --action correspond When I invoke fetchmail -f /opt/rt4/etc/fetchmailrc, it appends @mail.domain.com to the username, whereas the correct user is trackreque...@domain.commailto:trackreque...@domain.com. If I specify user trackreque...@domain.commailto:trackreque...@domain.com in the fetchmailrc file, then fetchmail turns it into trackreque...@domain.com@mail.domain.commailto:trackreque...@domain.com@mail.domain.com. For example: [root@xtracker ~]# fetchmail -f /opt/rt4/etc/fetchmailrc fetchmail: WARNING: Running as root is discouraged. fetchmail: Authorization failure on trackreque...@domain.com@mail.domain.com fetchmail: Query status=3 (AUTHFAIL) I've googled for an answer, but haven't stumbled across it yet. Thanks for any help, Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] fetchmailrc
Thanks for the quick reply, now to figure out why I get the AUTHFAIL. -Original Message- From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Rob MacGregor Sent: Wednesday, November 16, 2011 4:00 PM To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] fetchmailrc On Wed, Nov 16, 2011 at 20:49, mja...@guesswho.com wrote: When I invoke fetchmail –f /opt/rt4/etc/fetchmailrc, it appends “@mail.domain.com” to the username, whereas the correct user is trackreque...@domain.com. ---SNIP--- [root@xtracker ~]# fetchmail -f /opt/rt4/etc/fetchmailrc fetchmail: WARNING: Running as root is discouraged. fetchmail: Authorization failure on trackreque...@domain.com@mail.domain.com That's just the logging, it doesn't actually pass the @mail.example.com as part of the username. It is there so you can differentiate problems logging in to multiple accounts on different mail servers. -- Please keep list traffic on the list. Rob MacGregor Whoever fights monsters should see to it that in the process he doesn't become a monster. Friedrich Nietzsche RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011 RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011
Re: [rt-users] LDAP authentication problem
I turned on logging on the Domain Controller and tried to auto-create a user by email. There weren't any indications on the DC of an LDAP inquiry, so I'm wondering if I'm missing a perl module. Whereas command-line ldapsearch completes successfully and I see logging on the DC. I don't see anything indicative in /var/log/messages other than the errors I included below. Thanks for any suggestions. Mike From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of mja...@guesswho.com Sent: Monday, November 14, 2011 4:28 PM To: rt-users@lists.bestpractical.com Subject: [rt-users] LDAP authentication problem Hi, I know there are tons of questions on the list about getting LDAP authentication to work. And I have done it before at other employers, so I'm even more frustrated... Here's what I've got: RT 4.0.2 on CentOS 5.7 RT-Authen-ExternalAuth-0.09.tar.gz Active Directory on Server 2008 R2 I set up the /opt/rt4/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm file with the LDAP parameters that I thought would work. Also, I can do a successful ldapsearch from the command line against the AD server with the same credentials. Here's an ldapsearch run from the CLI on my RT server. This returns a successful result from the domain controller. [root@host ~]# ldapsearch -h dc-01.mydomain.com -x -b dc=mydomain,dc=com -D cn=mike james,cn=users,dc=mydomain,dc=com -w 'mypasswd' mail=anyu...@mydomain.commailto:mail=anyu...@mydomain.com Here's the LDAP portion of my config file. I got the d_filter from a google search. It was mentioned in a couple of places as being the correct string for disabled users. # AN EXAMPLE LDAP SERVICE 'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = 'dc-01.mydomain.com', 'user' = 'cn=mike james,cn=users,dc=mydomain,dc=com', 'pass' = 'mypasswd', 'base' = 'dc=mydomain,dc=com', 'filter' = '(objectClass=*)', 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2))', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'attr_match_list' = ['Name', 'EmailAddress' ], # The mapping of RT attributes on to LDAP attributes 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'RealName' = 'cn' } All requests for new tickets are being rejected, and it's making me crazy. Any ideas? Nov 14 15:07:46 x-tracker-01 RT: Use of uninitialized value in join or string at /usr/lib/perl5/site_perl/5.8.8/Log/Dispatch.pm line 23. (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458) Nov 14 15:07:46 x-tracker-01 RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments: Autocreated on ticket submission, Disabled: 0, EmailAddress: mja...@mydomain.commailto:mja...@mydomain.com, Name: mja...@mydomain.commailto:mja...@mydomain.com, Password: , Privileged: 0, RealName: (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536) Nov 14 15:07:46 x-tracker-01 RT: User creation failed in mailgateway: Could not set user info (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244) Nov 14 15:07:46 x-tracker-01 RT: Couldn't load user 'mja...@mydomain.com'.giving up (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:1016) Nov 14 15:07:46 x-tracker-01 RT: User 'mja...@mydomain.com' could not be loaded in the mail gateway (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244) Nov 14 15:07:46 x-tracker-01 RT: RT could not load a valid user, and
[rt-users] LDAP authentication problem
Hi, I know there are tons of questions on the list about getting LDAP authentication to work. And I have done it before at other employers, so I'm even more frustrated... Here's what I've got: RT 4.0.2 on CentOS 5.7 RT-Authen-ExternalAuth-0.09.tar.gz Active Directory on Server 2008 R2 I set up the /opt/rt4/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm file with the LDAP parameters that I thought would work. Also, I can do a successful ldapsearch from the command line against the AD server with the same credentials. Here's an ldapsearch run from the CLI on my RT server. This returns a successful result from the domain controller. [root@host ~]# ldapsearch -h dc-01.mydomain.com -x -b dc=mydomain,dc=com -D cn=mike james,cn=users,dc=mydomain,dc=com -w 'mypasswd' mail=anyu...@mydomain.commailto:mail=anyu...@mydomain.com Here's the LDAP portion of my config file. I got the d_filter from a google search. It was mentioned in a couple of places as being the correct string for disabled users. # AN EXAMPLE LDAP SERVICE 'My_LDAP' = { ## GENERIC SECTION 'type' = 'ldap', 'server' = 'dc-01.mydomain.com', 'user' = 'cn=mike james,cn=users,dc=mydomain,dc=com', 'pass' = 'mypasswd', 'base' = 'dc=mydomain,dc=com', 'filter' = '(objectClass=*)', 'd_filter' = '(userAccountControl:1.2.840.113556.1.4.803:=2))', 'tls' = 0, 'ssl_version' = 3, 'net_ldap_args' = [version = 3 ], 'attr_match_list' = ['Name', 'EmailAddress' ], # The mapping of RT attributes on to LDAP attributes 'attr_map' = { 'Name' = 'sAMAccountName', 'EmailAddress' = 'mail', 'RealName' = 'cn' } All requests for new tickets are being rejected, and it's making me crazy. Any ideas? Nov 14 15:07:46 x-tracker-01 RT: Use of uninitialized value in join or string at /usr/lib/perl5/site_perl/5.8.8/Log/Dispatch.pm line 23. (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458) Nov 14 15:07:46 x-tracker-01 RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments: Autocreated on ticket submission, Disabled: 0, EmailAddress: mja...@mydomain.com, Name: mja...@mydomain.com, Password: , Privileged: 0, RealName: (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536) Nov 14 15:07:46 x-tracker-01 RT: User creation failed in mailgateway: Could not set user info (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244) Nov 14 15:07:46 x-tracker-01 RT: Couldn't load user 'mja...@mydomain.com'.giving up (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:1016) Nov 14 15:07:46 x-tracker-01 RT: User 'mja...@mydomain.com' could not be loaded in the mail gateway (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244) Nov 14 15:07:46 x-tracker-01 RT: RT could not load a valid user, and RT's configuration does not allow for the creation of a new user for this email (mja...@mydomain.com). You might need to grant 'Everyone' the right 'CreateTicket' for the queue general. (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244) Nov 14 15:07:46 x-tracker-01 RT: RT could not load a valid user, and RT's configuration does not allow for the creation of a new user for your email. (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244) Nov 14 15:07:46 x-tracker-01 RT: Could not record email: Could not load a valid user (/opt/rt4/share/html/REST/1.0/NoAuth/mail-gateway:75) Thanks, Mike RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 29, 2011