[rt-users] Company keeps changing is name/email addresses -> User creation failed in mailgateway: Name in use?

Philip subs at christiantena.net
Thu Jan 17 12:30:09 EST 2013


Hi
I am using RT 4.0.5-3 from debian squeeze-backports and ExternalAuth

I have the following LDAP settings, and RT is successfully 
authenticating users again Microsoft AD.

my LDAP settings
Set($ExternalAuthPriority, ['My_LDAP']);
Set($ExternalInfoPriority, [ 'My_LDAP']);
Set($AutoCreateNonExternalUsers, 1); I think maybe this shouldn't be 
necessary.
Then the My_LDAP stuff including this:-
'attr_match_list'	=>	['Name','EmailAddress'],
'attr_map'		=>	{'Name' => 'sAMAccountName','EmailAddress' => 'mail',}

I have privileges users who can log into the the web GUI and work on 
tickets.
I have autogenerated users who have emailed the system.  They do not 
need the web GUI at all.  In fact they don't have the ssl client cert 
that they would need to get to the server.

The problem is that the company keeps changing its name, and so one 
person can have had me.person at x.co.uk, me.person at y.com and 
me.person at z.co.uk over the last two years.  This same person would exist 
only once as mperson in AD.

I think that this is why I often get this error when someone emails the 
system.
[info]: RT::Authen::ExternalAuth::CanonicalizeUserInfo returning 
Comments: Autocreated on ticket submission, Disabled: 0, EmailAddress: 
me.person at z.xo.uk, Name: mperson, Password: , Privileged: 0, RealName: 
(/user/local/share/request-tracker4/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536)
[crit]: User creation failed in mailgateway: Name in use 
(/usr/localshare/request-tracker4/lib/RT/Interface/Email.pm:245)
[warning]: Couldn't load user 'me.person at z.co.uk'. giving up

I am tempted to remove 'Name' from the attr_match_list but I'm not 
exactly sure what will happen.  Additionally the privileged users are 
using their AD username on the GUI login which I guess is the same as 
sAMAccountName.  I have noticed that when open a privileged user opens a 
ticket that RT will attempt to display the users real name or AD 
username rather than their email address, but actually I don't need it 
to do that.

To be honest the only reason for the AD connection is so that I don't 
have to do password management for privileged users.  I don't think that 
I need AD lookup for non-privileged users at all.  Is it easy to have 
one without the other?

I also had a look in Email.pm and under sub CreateUser if has things 
like Name => ( $Username || $Address ), EmailAddress => $Address, 
RealName => $Name which I'm afraid I don't understand.

Can anyone explain to me what "name" actually means in the context of 
the error log "Name in use"?

Can anyone tell me maybe how I get RT to treat the three email addresses 
but same AD username either in a way that RT can handle, or ignore the 
AD username and just use email address, or as three seperate users? or 
if there is some other solution, or if maybe I am barking up the wrong 
tree entirely.

thanks, Philip



More information about the rt-users mailing list