<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    Hi,<br>
    I've noticed this behaviour that I'm not sure how to explain.<br>
    <br>
    I'm experimenting with our externally facing queue. There seems to
    be a problem about people with same name creating tickets as
    external users.<br>
    <br>
    I've got this relevant bits of configuration:<br>
    <br>
    <tt>Set( @Plugins, qw(RT::Authen::ExternalAuth));<br>
      Set($ExternalAuthPriority,  [<br>
                                      'My_LDAP'<br>
                                  ]<br>
      );<br>
      Set($ExternalInfoPriority,  [<br>
                                      'My_LDAP'<br>
                                  ]<br>
      );<br>
      Set($AutoCreateNonExternalUsers,    1);<br>
    </tt><br>
    <br>
    Moreover, "Everyone" can create tickets on the queue. What happened:<br>
    1 - I sent an e-mail from username@ldap from "Paul Smith" ->
    ticket and users were created ok<br>
    2 - I sent an e-mail from <a class="moz-txt-link-abbreviated" href="mailto:another@different.domain.com">another@different.domain.com</a> from "Paul
    Smith" -> failed as "Name in use".<br>
    3 - If I send an e-mail from other name/surname, it works providing
    it's not in ldap<br>
    <br>
    More precisely,<br>
    <br>
    <tt>[Thu May 12 14:31:27 2011] [debug]: Going to create user with
      address '<a class="moz-txt-link-abbreviated" href="mailto:another@different.domain.com">another@different.domain.com</a>'
      (/opt/rt4/sbin/../lib/RT/Interface/Email/Auth/MailFrom.pm:97)<br>
      [Thu May 12 14:31:27 2011] [debug]:
      RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
      RT::Authen::ExternalAuth
      /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
      553 with: Comments: Autocreated on ticket submission, Disabled: 0,
      EmailAddress: <a class="moz-txt-link-abbreviated" href="mailto:peppe@orkus.it">peppe@orkus.it</a>, Name: <a class="moz-txt-link-abbreviated" href="mailto:another@different.domain.com">another@different.domain.com</a>,
      Password: , Privileged: 0, RealName: Paul Smith
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:450)<br>
      [Thu May 12 14:31:27 2011] [debug]: Attempting to get user info
      using this external service: My_LDAP
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458)<br>
      [Thu May 12 14:31:27 2011] [debug]: Attempting to use this
      canonicalization key: Name
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)<br>
      [Thu May 12 14:31:27 2011] [debug]: LDAP Search ===  Base:
      ou=people,o=domain == Filter:
      (&(uid=*)(<a class="moz-txt-link-abbreviated" href="mailto:uid=another@different.domain.com">uid=another@different.domain.com</a>)) == Attrs:
      l,cn,st,mail,gecos,co,postalAddress,postalCode,telephoneNumber,uid,o,uid
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)<br>
      [Thu May 12 14:31:27 2011] [debug]: Attempting to use this
      canonicalization key: EmailAddress
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)<br>
      [Thu May 12 14:31:27 2011] [debug]: LDAP Search ===  Base:
      ou=people,o=domain == Filter:
      (&(uid=*)(<a class="moz-txt-link-abbreviated" href="mailto:mail=another@different.domain.com">mail=another@different.domain.com</a>)) == Attrs:
      l,cn,st,mail,gecos,co,postalAddress,postalCode,telephoneNumber,uid,o,uid
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)<br>
      [Thu May 12 14:31:27 2011] [debug]: <b>Attempting to use this
        canonicalization key: RealName
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)<br>
        [Thu May 12 14:31:27 2011] [debug]: LDAP Search ===  Base:
        ou=people,o=domain == Filter: (&(uid=*)(cn=Paul Smith))</b>
      == Attrs:
      l,cn,st,mail,gecos,co,postalAddress,postalCode,telephoneNumber,uid,o,uid
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)<br>
      [Thu May 12 14:31:27 2011] [info]:
      RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1:
      , City: London, Comments: Autocreated on ticket submission,
      Country: , Disabled: 0, EmailAddress:
      <a class="moz-txt-link-abbreviated" href="mailto:another@different.domain.com">another@different.domain.com</a>, ExternalAuthId: username, Gecos:
      Paul Smith, Computing, : 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536)<br>
      [Thu May 12 14:31:27 2011] [crit]: U<b>ser creation failed in
        mailgateway: Name in use</b>
      (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244)<br>
      [Thu May 12 14:31:48 2011] [warning]: Couldn't load user
      '<a class="moz-txt-link-abbreviated" href="mailto:another@different.domain.com">another@different.domain.com</a>'.giving up
      (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:996)<br>
      [Thu May 12 14:31:48 2011] [crit]: User 
      '<a class="moz-txt-link-abbreviated" href="mailto:another@different.domain.com">another@different.domain.com</a>' could not be loaded in the mail
      gateway (/opt/rt4/sbin/../lib/RT/Interface/Email.pm:244)<br>
      [Thu May 12 14:31:59 2011] [error]: RT could not load a valid
      user, and RT's configuration does not allow<br>
      for the creation of a new user for this email
      (<a class="moz-txt-link-abbreviated" href="mailto:another@different.domain.com">another@different.domain.com</a>).<br>
      <br>
      You might need to grant 'Everyone' the right 'CreateTicket' for
      the<br>
    </tt><br>
    I guess the problem is that it does not allow auto creation when it
    finds a user with the same name in the authentication authority...
    is there any chance to disable CanonicalizeUserInfo - providing that
    is responsible? Or maybe using AutoCreateFromExternalUserInfo (even
    though that would not be the behaviour I'd like to activate).<br>
    <br>
    Any suggestion really appreciated!<br>
    <br>
    Best regards,<br>
    Giuseppe<small><small><small><span class="Apple-style-span"
            style="border-collapse: separate; color: rgb(0, 0, 0);
            font-family: 'Times New Roman'; font-style: normal;
            font-variant: normal; font-weight: normal; letter-spacing:
            normal; line-height: normal; orphans: 2; text-indent: 0px;
            text-transform: none; white-space: normal; widows: 2;
            word-spacing: 0px; font-size: medium;"><span
              class="Apple-style-span" style="color: rgb(58, 58, 58);
              font-family: Helvetica,Arial,sans-serif; font-size: 26px;
              line-height: 27px;"></span></span></small></small></small><br>
    <br>
    <pre class="moz-signature" cols="72">-- 
____________________________________

Giuseppe Sollazzo
Senior Systems Analyst
Computing Services
Information Services
St. George's, University Of London
Cranmer Terrace
London SW17 0RE

Email: <a class="moz-txt-link-abbreviated" href="mailto:gsollazz@sgul.ac.uk">gsollazz@sgul.ac.uk</a>
Direct Dial: +44 20 8725 5160
Fax: +44 20 8725 3583 

</pre>
  </body>
</html>