[rt-users] Name in Use

Mike Johnson mike.johnson at nosm.ca
Thu May 12 11:22:29 EDT 2011 

It sounds like your matching setup in your LDAP settings is matching to
"Paul Smith" for both users... try matching to email address.

HTH
MIke.

On Thu, May 12, 2011 at 11:11 AM, Giuseppe Sollazzo <gsollazz at sgul.ac.uk>wrote:

> Hi,
> I've noticed this behaviour that I'm not sure how to explain.
>
> I'm experimenting with our externally facing queue. There seems to be a
> problem about people with same name creating tickets as external users.
>
> I've got this relevant bits of configuration:
>
> Set( @Plugins, qw(RT::Authen::ExternalAuth));
> Set($ExternalAuthPriority,  [
>                                 'My_LDAP'
>                             ]
> );
> Set($ExternalInfoPriority,  [
>                                 'My_LDAP'
>                             ]
> );
> Set($AutoCreateNonExternalUsers,    1);
>
>
> Moreover, "Everyone" can create tickets on the queue. What happened:
> 1 - I sent an e-mail from username at ldap from "Paul Smith" -> ticket and
> users were created ok
> 2 - I sent an e-mail from another at different.domain.com from "Paul Smith"
> -> failed as "Name in use".
> 3 - If I send an e-mail from other name/surname, it works providing it's
> not in ldap
>
> More precisely,
>
> [Thu May 12 14:31:27 2011] [debug]: Going to create user with address '
> another at different.domain.com'
> (/opt/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:97)
> [Thu May 12 14:31:27 2011] [debug]:
> RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
> RT::Authen::ExternalAuth
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
> 553 with: Comments: Autocreated on ticket submission, Disabled: 0,
> EmailAddress: peppe at orkus.it, Name: another at different.domain.com,
> Password: , Privileged: 0, RealName: Paul Smith
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:450)
> [Thu May 12 14:31:27 2011] [debug]: Attempting to get user info using this
> external service: My_LDAP
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458)
> [Thu May 12 14:31:27 2011] [debug]: Attempting to use this canonicalization
> key: Name
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)
> [Thu May 12 14:31:27 2011] [debug]: LDAP Search ===  Base:
> ou=people,o=domain == Filter: (&(uid=*)(uid=another at different.domain.com))
> == Attrs:
> l,cn,st,mail,gecos,co,postalAddress,postalCode,telephoneNumber,uid,o,uid
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)
> [Thu May 12 14:31:27 2011] [debug]: Attempting to use this canonicalization
> key: EmailAddress
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)
> [Thu May 12 14:31:27 2011] [debug]: LDAP Search ===  Base:
> ou=people,o=domain == Filter: (&(uid=*)(mail=another at different.domain.com))
> == Attrs:
> l,cn,st,mail,gecos,co,postalAddress,postalCode,telephoneNumber,uid,o,uid
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)
> [Thu May 12 14:31:27 2011] [debug]: *Attempting to use this
> canonicalization key: RealName
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)
> [Thu May 12 14:31:27 2011] [debug]: LDAP Search ===  Base:
> ou=people,o=domain == Filter: (&(uid=*)(cn=Paul Smith))* == Attrs:
> l,cn,st,mail,gecos,co,postalAddress,postalCode,telephoneNumber,uid,o,uid
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)
> [Thu May 12 14:31:27 2011] [info]:
> RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , City:
> London, Comments: Autocreated on ticket submission, Country: , Disabled: 0,
> EmailAddress: another at different.domain.com, ExternalAuthId: username,
> Gecos: Paul Smith, Computing, :
> (/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536)
> [Thu May 12 14:31:27 2011] [crit]: U*ser creation failed in mailgateway:
> Name in use* (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244)
> [Thu May 12 14:31:48 2011] [warning]: Couldn't load user '
> another at different.domain.com'.giving up
> (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:996)
> [Thu May 12 14:31:48 2011] [crit]: User  'another at different.domain.com'
> could not be loaded in the mail gateway
> (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244)
> [Thu May 12 14:31:59 2011] [error]: RT could not load a valid user, and
> RT's configuration does not allow
> for the creation of a new user for this email (
> another at different.domain.com).
>
> You might need to grant 'Everyone' the right 'CreateTicket' for the
>
> I guess the problem is that it does not allow auto creation when it finds a
> user with the same name in the authentication authority... is there any
> chance to disable CanonicalizeUserInfo - providing that is responsible? Or
> maybe using AutoCreateFromExternalUserInfo (even though that would not be
> the behaviour I'd like to activate).
>
> Any suggestion really appreciated!
>
> Best regards,
> Giuseppe
>
> --
> ____________________________________
>
> Giuseppe Sollazzo
> Senior Systems Analyst
> Computing Services
> Information Services
> St. George's, University Of London
> Cranmer Terrace
> London SW17 0RE
>
> Email: gsollazz at sgul.ac.uk
> Direct Dial: +44 20 8725 5160
> Fax: +44 20 8725 3583
>
>
>


-- 
Mike Johnson
Datatel Programmer/Analyst
Northern Ontario School of Medicine
955 Oliver Road
Thunder Bay, ON   P7B 5E1
Phone: (807) 766-7331
Email: mike.johnson at nosm.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110512/2b083b3d/attachment.htm>

More information about the rt-users mailing list