So we’re running 5.0.1 and our users authenticate going through Shibboleth. We have also enabled RT to automatically create these user accounts pulling the attributes of username, email, and Full name. For the most part everything is working fine, although I’ve recently become aware of partially duplicated user accounts. As a example, we might have a user who hits our IDP…logs in with user123…the account gets created, he submits a ticket all good. At some point that user ends up with a partially duplicated account, only his username is actually his email, and the email field is left empty. Tickets that were created seem to be registering against the email username account, so what I’ve had to do is delete the regular account, and rename or provide the proper attributes for the duplicate account. This has happened at least a dozen times thus far, and we’ve only had a fraction of our overall students/employees access the system so far. Which set of logs would contain info on when a user account is created. I’d like to peruse those logs to see if I can find out where things are going sideways
We use SAML for our SSO too. For our staff/students we do a nightly LDAP import to ensure that the accounts exist, just after the central registration nightly batch job is run. That means that if they email in it won’t create another ticket because the email address doesn’t match a user. You might want to check if these duplicate accounts are a result of email transactions and if so if the email address is in a slightly different format coming from Shibboleth as coming from the mail system.