[rt-users] Odd Account Behavior after Active Directory Migration
Thomas Simmons
twsnnva at gmail.com
Fri Feb 22 15:36:36 EST 2013
On Thu, Feb 21, 2013 at 1:58 PM, Thomas Sibley <trs at bestpractical.com>wrote:
> On 02/21/2013 09:07 AM, Thomas Simmons wrote:
> > Hello,
> > Just wanted to send a follow up. I'm really stumped one this and I
> > really am open to any ideas.
>
> The information you sent is great, but for anyone to start to help,
> you're also going to need to provide detailed logs from RT and possibly
> AD. Since you're on an ancient RT version and not using a standard LDAP
> auth solution for newer versions, I suggest you also provide the list
> with the two customized files you noted.
>
>
> Hello,
I'm not sure what changed, but "create on email" is consistently working. I
am still having a problem with users not being creating when assigning
someone as a requestor (using their email) or when a user tries logging
into the web interface. I have attached some log snippets of these three
things occurring, along with my RT_SiteConfig.pm. This is specifically
confusing (from create on login):
Feb 22 13:23:02 helpdesk RT: Autocreated authenticated user tcuser ()
(/opt/rt3/share/html/Callbacks/LDAP/autohandler/Auth:24)
Feb 22 13:23:02 helpdesk RT: FAILED LOGIN for tcuser from 192.168.100.191
(/opt/rt3/share/html/autohandler:251)
I then check MySQL and see this user was in fact, not created. Thank you
for your help.
Create on email (Working)
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.a.user at example.com" by RT::CurrentUser
/opt/rt3/lib/RT/CurrentUser.pm 218
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.a.user at example.com =>
test.a.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeUserInfo called by
RT::User /opt/rt3/lib/RT/User_Overlay.pm 192 with: Comments: Autocreated on
ticket submission, Disabled: 0, EmailAddress: test.a.user at example.com,
Name: test.a.user at example.com, Password: , Privileged: 0, RealName: "Test
A. User"
Feb 22 14:08:05 helpdesk RT: RT::User::LookupExternalUserInfo called with
baseDN "cn=Users,dc=internal,dc=example,dc=com" and filter "sAMAccountName=
test.a.user at example.com" by RT::User /opt/rt3/lib/RT/User_Local.pm 394
Feb 22 14:08:05 helpdesk RT: RT::User::LookupExternalUserInfo :
cn=Users,dc=internal,dc=example,dc=com sAMAccountName=
test.a.user at example.com => EmailAddress: , Name: , RealName:
(/opt/rt3/lib/RT/User_Local.pm:563)
Feb 22 14:08:05 helpdesk RT: RT::User::LookupExternalUserInfo called with
baseDN "cn=Users,dc=internal,dc=example,dc=com" and filter "mail=
test.a.user at example.com" by RT::User /opt/rt3/lib/RT/User_Local.pm 394
Feb 22 14:08:05 helpdesk RT: RT::User::LookupExternalUserInfo :
cn=Users,dc=internal,dc=example,dc=com mail=test.a.user at example.com =>
Address1: , Address2: , EmailAddress: test.a.user at example.com,
ExternalAuthId: tauser, ExternalContactInfoId: CN=Test A.
User,CN=Users,DC=internal,dc=example,DC=com, Gecos: tauser, Name: tauser,
Organization: , RealName: Test A. User, WorkPhone:
(/opt/rt3/lib/RT/User_Local.pm:563)
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.a.user at example.com" by RT::User /opt/rt3/lib/RT/User_Local.pm
403
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.a.user at example.com =>
test.a.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeUserInfo returning
Address1: , Address2: , Comments: Autocreated on ticket submission,
Disabled: 0, EmailAddress: test.a.user at example.com, ExternalAuthId: tauser,
ExternalContactInfoId: CN=Test A.
User,CN=Users,DC=internal,dc=example,DC=com, Gecos: tauser, Name: tauser,
Organization: , Password: , Privileged: 0, RealName: Test A. User,
WorkPhone: (/opt/rt3/lib/RT/User_Local.pm:412)
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.a.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
196
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.a.user at example.com =>
test.a.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.a.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.a.user at example.com =>
test.a.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.a.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.a.user at example.com =>
test.a.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:08:05 helpdesk RT: About to think about scrips for transaction
#43219
Feb 22 14:08:05 helpdesk RT: About to think about scrips for transaction
#43220
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.a.user at example.com" by RT::CurrentUser
/opt/rt3/lib/RT/CurrentUser.pm 218
Feb 22 14:08:05 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.a.user at example.com =>
test.a.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:08:05 helpdesk RT: About to think about scrips for transaction
#43221
Feb 22 14:08:06 helpdesk RT: About to think about scrips for transaction
#43222
Feb 22 14:08:06 helpdesk RT: About to think about scrips for transaction
#43223
Feb 22 14:08:06 helpdesk RT: About to think about scrips for transaction
#43224
Feb 22 14:08:06 helpdesk RT: About to think about scrips for transaction
#43225
Feb 22 14:08:06 helpdesk RT: About to prepare scrips for transaction
#43225
Feb 22 14:08:06 helpdesk RT: Found 4 scrips
Feb 22 14:08:07 helpdesk RT: About to commit scrips for transaction #43225
Feb 22 14:08:07 helpdesk RT: <
rt-3.6.5-6476-1361560086-1540.3155-3-0 at example.com> #3155/43225 - Scrip 3
(/opt/rt3/lib/RT/Action/SendEmail.pm:252)
Feb 22 14:08:07 helpdesk RT: <
rt-3.6.5-6476-1361560086-1540.3155-3-0 at example.com> sent To:
test.a.user at example.com (/opt/rt3/lib/RT/Action/SendEmail.pm:283)
Feb 22 14:08:07 helpdesk RT: About to think about scrips for transaction
#43226
Feb 22 14:08:07 helpdesk RT: <
rt-3.6.5-6476-1361560086-1904.3155-4-0 at example.com> #3155/43225 - Scrip 4
(/opt/rt3/lib/RT/Action/SendEmail.pm:252)
Feb 22 14:08:07 helpdesk RT: <
rt-3.6.5-6476-1361560086-1904.3155-4-0 at example.com> No recipients found.
Not sending. (/opt/rt3/lib/RT/Action/SendEmail.pm:264)
Feb 22 14:08:07 helpdesk RT: <
rt-3.6.5-6476-1361560087-57.3155-15-0 at example.com> #3155/43225 - Scrip 15
NotifyByEmailOnCreate (/opt/rt3/lib/RT/Action/SendEmail.pm:252)
Feb 22 14:08:07 helpdesk RT: <
rt-3.6.5-6476-1361560087-57.3155-15-0 at example.com> sent To:
removed at gmail.com,removed at gmail.com(/opt/rt3/lib/RT/Action/SendEmail.pm:283)
Feb 22 14:08:07 helpdesk RT: About to think about scrips for transaction
#43227
Feb 22 14:08:07 helpdesk RT: Ticket 3155 created in queue 'General' by
tauser (/opt/rt3/lib/RT/Ticket_Overlay.pm:756)
Feb 22 14:08:13 helpdesk RT: RT::Date used date::parse to make 1970-01-01
18000
Feb 22 14:08:30 helpdesk RT: RT::Date used date::parse to make 1970-01-01
18000
Feb 22 14:09:28 helpdesk RT: RT::Date used date::parse to make 1970-01-01
18000
Feb 22 14:10:03 helpdesk RT: About to think about scrips for transaction
#43228
Feb 22 14:10:03 helpdesk RT: About to prepare scrips for transaction
#43228
Feb 22 14:10:03 helpdesk RT: Found 2 scrips
Feb 22 14:10:03 helpdesk RT: About to commit scrips for transaction #43228
Feb 22 14:10:03 helpdesk RT: <
rt-3.6.5-6276-1361560203-830.3155-10-0 at example.com> #3155/43228 - Scrip 10
(/opt/rt3/lib/RT/Action/SendEmail.pm:252)
Feb 22 14:10:03 helpdesk RT: <
rt-3.6.5-6276-1361560203-830.3155-10-0 at example.com> sent To:
test.a.user at example.com (/opt/rt3/lib/RT/Action/SendEmail.pm:283)
Feb 22 14:10:03 helpdesk RT: About to think about scrips for transaction
#43229
Feb 22 14:10:50 helpdesk RT: RT::Date used date::parse to make 1970-01-01
18000
Create when added as a watcher (Not Working)
Feb 22 14:02:46 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::Ticket
/opt/rt3/lib/RT/Ticket_Overlay.pm 1350
Feb 22 14:02:46 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:02:46 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:02:46 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:02:46 helpdesk RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo
called by RT::Authen::ExternalAuth
/opt/rt3/local/lib/RT/Authen/ExternalAuth.pm 682 with: Comments:
Autocreated when added as a watcher, Disabled: , EmailAddress:
test.b.user at example.com, Name: test.b.user at example.com, Privileged: ,
RealName: test.b.user at example.com
Feb 22 14:02:46 helpdesk RT: Attempting to get user info using this
external service:
Feb 22 14:02:46 helpdesk RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo
returning Comments: Autocreated when added as a watcher, Disabled: ,
EmailAddress: test.b.user at example.com, Name: test.b.user at example.com,
Privileged: , RealName:
test.b.user at example.com(/opt/rt3/local/lib/RT/Authen/ExternalAuth.pm:665)
Feb 22 14:02:46 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:02:46 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:02:51 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:02:51 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:02:51 helpdesk RT: Failed to create user test.b.user at example.com:
Could not set user info (/opt/rt3/lib/RT/User_Overlay.pm:617)
Feb 22 14:02:51 helpdesk RT: Could not load create a user with the email
address 'test.b.user at example.com' to add as a watcher for ticket 3090
(/opt/rt3/lib/RT/Ticket_Overlay.pm:1424)
Feb 22 14:05:42 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::Ticket
/opt/rt3/lib/RT/Ticket_Overlay.pm 1350
Feb 22 14:05:42 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:05:42 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:05:42 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:05:42 helpdesk RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo
called by RT::Authen::ExternalAuth
/opt/rt3/local/lib/RT/Authen/ExternalAuth.pm 682 with: Comments:
Autocreated when added as a watcher, Disabled: , EmailAddress:
test.b.user at example.com, Name: test.b.user at example.com, Privileged: ,
RealName: test.b.user at example.com
Feb 22 14:05:42 helpdesk RT: Attempting to get user info using this
external service:
Feb 22 14:05:42 helpdesk RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo
returning Comments: Autocreated when added as a watcher, Disabled: ,
EmailAddress: test.b.user at example.com, Name: test.b.user at example.com,
Privileged: , RealName:
test.b.user at example.com(/opt/rt3/local/lib/RT/Authen/ExternalAuth.pm:665)
Feb 22 14:05:42 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:05:42 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:05:47 helpdesk RT: RT::User::CanonicalizeEmailAddress : called
with "test.b.user at example.com" by RT::User /opt/rt3/lib/RT/User_Overlay.pm
563
Feb 22 14:05:47 helpdesk RT: RT::User::CanonicalizeEmailAddress
test.b.user at example.com =>
test.b.user at example.com(/opt/rt3/lib/RT/User_Local.pm:346)
Feb 22 14:05:47 helpdesk RT: Failed to create user test.b.user at example.com:
Could not set user info (/opt/rt3/lib/RT/User_Overlay.pm:617)
Feb 22 14:05:47 helpdesk RT: Could not load create a user with the email
address 'test.b.user at example.com' to add as a watcher for ticket 3090
(/opt/rt3/lib/RT/Ticket_Overlay.pm:1424)
Feb 22 14:07:46 helpdesk RT: RT::Date used date::parse to make 1970-01-01
18000
Create on login (Not Working)
Feb 22 13:23:02 helpdesk RT: Autohandler called ExternalAuth. Response: (0,
ExternalAuthPriority not defined, please check your configuration file.)
Feb 22 13:23:02 helpdesk RT: Transaction->Create couldn't, as you didn't
specify an object type and id (/opt/rt3/lib/RT/Record.pm:1481)
Feb 22 13:23:02 helpdesk RT: Trying LDAP authentication
Feb 22 13:23:02 helpdesk RT: RT::User::IsLDAPPassword Found LDAP DN:
CN=Test C. User,CN=Users,DC=internal,DC=example,DC=com
Feb 22 13:23:02 helpdesk RT: RT::User::IsLDAPPassword AUTH OK: tcuser
(CN=Test C. User,CN=Users,DC=internal,DC=example,DC=com)
(/opt/rt3/lib/RT/User_Local.pm:223)
Feb 22 13:23:02 helpdesk RT: RT::User::IsPassword auth method
IsLDAPPassword SUCCEEDED
Feb 22 13:23:02 helpdesk RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo
called by RT::Authen::ExternalAuth
/opt/rt3/local/lib/RT/Authen/ExternalAuth.pm 682 with: Disabled: ,
EmailAddress: , Gecos: tcuser, Name: tcuser, Privileged:
Feb 22 13:23:02 helpdesk RT: Attempting to get user info using this
external service:
Feb 22 13:23:02 helpdesk RT: RT::Authen::ExternalAuth::CanonicalizeUserInfo
returning Disabled: , EmailAddress: , Gecos: tcuser, Name: tcuser,
Privileged: (/opt/rt3/local/lib/RT/Authen/ExternalAuth.pm:665)
Feb 22 13:23:02 helpdesk RT: Autocreated authenticated user tcuser ()
(/opt/rt3/share/html/Callbacks/LDAP/autohandler/Auth:24)
Feb 22 13:23:02 helpdesk RT: FAILED LOGIN for tcuser from 192.168.100.191
(/opt/rt3/share/html/autohandler:251)
RT_SiteConfig.pm
# /etc/request-tracker3.6/RT_SiteConfig.pm
Set($rtname, 'helpdesk.example.com');
Set($Organization, 'example.com');
Set($CorrespondAddress , 'rt');
Set($CommentAddress , 'rt-comment');
Set($Timezone , 'US/Eastern');
Set($DatabaseType, 'mysql'); # e.g. Pg or mysql
Set($DatabaseUser , 'rtuser');
Set($DatabasePassword , 'super_duper_secret_password');
Set($DatabaseName , 'rtdb');
Set($WebPath , "/rt");
Set($WebBaseURL , "https://helpdesk.example.com");
Set($AuthMethods, ['LDAP', 'Internal']);
Set($LdapExternalAuth, 1);
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 0);
Set($LdapAttrMap, {'Name' => 'sAMAccountName',
'EmailAddress' => 'mail',
'Organization' => 'company',
'RealName' => 'displayName',
'ExternalContactInfoId' => 'distinguishedName',
'ExternalAuthId' => 'sAMAccountName',
'Gecos' => 'sAMAccountName',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'streetAddress',
'Address2' => 'streetAddress'}
);
Set($LdapRTAttrMatchList, ['Name', 'EmailAddress']
);
Set($LdapEmailAttrMatchList, ['mail']
);
Set($LdapServer, 'ldap://dc1.internal.example.com');
Set($LdapBase, 'cn=Users,dc=internal,dc=example,dc=com');
Set($LdapFilter, '(objectclass=user)');
Set($LdapUser, 'cn=rtbind,cn=Users,dc=internal,dc=example,dc=com');
Set($LdapPass, 'super_secret_password');
1;
>
>
> --
> RT training in Amsterdam, March 20-21:
> http://bestpractical.com/services/training.html
>
> Help improve RT by taking our user survey:
> https://www.surveymonkey.com/s/N23JW9T
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20130222/bdb6941f/attachment.htm>
More information about the rt-users
mailing list