Error creating external user via email

I’m having a strange error when a user sends an email to our RT, or if one of our RT users tries to add an email address as a CC:

[17623] [Wed May 13 16:19:42 2020] [error]: Could not create a new user - EmailAddress-******-RealName–Password-NO-PASSWORD-Name–Comments-Autocreated when added as a watcher (/opt/rt4/sbin/…/lib/RT/User.pm:194)

[17409] [Wed May 13 16:19:44 2020] [warning]: Use of uninitialized value in concatenation (.) or string at /usr/local/share/perl5/Plack/Handler/Apache2.pm line 81. (/usr/local/share/perl5/Plack/Handler/Apache2.pm:81)
[17409] [Wed May 13 16:19:44 2020] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt4/sbin/…/lib/RT/Authen/ExternalAuth.pm:288)
[17409] [Wed May 13 16:19:44 2020] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt4/sbin/…/lib/RT/Authen/ExternalAuth.pm:316)
[17409] [Wed May 13 16:19:44 2020] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt4/share/html/Elements/DoAuth:58)
[17409] [Wed May 13 16:19:44 2020] [debug]: Attempting to use external auth service: My_LDAP (/opt/rt4/sbin/…/lib/RT/Authen/ExternalAuth.pm:288)
[17409] [Wed May 13 16:19:44 2020] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt4/sbin/…/lib/RT/Authen/ExternalAuth.pm:316)
[17409] [Wed May 13 16:19:44 2020] [debug]: Autohandler called ExternalAuth. Response: (0, No User) (/opt/rt4/share/html/Elements/DoAuth:58)
[17623] [Wed May 13 16:19:47 2020] [critical]: Failed to create user **********: Could not create user (/opt/rt4/sbin/…/lib/RT/User.pm:662)
[17623] [Wed May 13 16:19:47 2020] [debug]: About to prepare scrips for transaction #182772 (/opt/rt4/sbin/…/lib/RT/Transaction.pm:189)

A copy of my RT_SiteConfig.pm:

Any configuration directives you include here will override

RT’s default configuration file, RT_Config.pm

To include a directive here, just copy the equivalent statement

from RT_Config.pm and change the value. We’ve included a single

sample value below.

This file is actually a perl module, so you can include valid

perl code, as well.

The converse is also true, if this file isn’t valid perl, you’re

going to run into trouble. To check your SiteConfig file, use

this comamnd:

perl -c /path/to/your/etc/RT_SiteConfig.pm

You must restart your webserver after making changes to this file.

You must install Plugins on your own, this is only an example

of the correct syntax to use when activating them.

There should only be one @Plugins declaration in your config file.

Set($rtname , “site”);
Set($Organization, , “URL”);
Set($MinimumPasswordLength, “5”);
Set($Timezone , ‘US/Eastern’);
Set($DateDateBeforeMonth, 0);
Set($DefaultSummaryRows, 30);
Set($HomePageRefreshInterval, 600);
Set($MaxInlineBody, 100000);

Set($HomepageComponents, [qw(
QuickCreate
MyAdminQueues
MySupportQueues
RefreshHomepage
Dashboards
)]);

Set($DatabaseType , ‘mysql’);
Set($DatabaseHost, ‘localhost’);
Set($DatabaseRTHost, ‘localhost’);
Set($DatabasePort, ‘’);
Set($DatabaseUser, ‘root’);
Set($DatabasePassword, ‘********’);
Set($DatabaseName, ‘rt4’);

Set($OwnerEmail, ‘person@site.com’);
Set($LoopsToRTOwner, 1);

Set($SendmailArguments, “-oi -t -f helpdesk@rt.site.com”);

Set($MaxAttachmentSize, 10000000);

Set(RTAddressRegexp , '\@(rt\.site\.com|rt\.siteglobal\.com)’);
Set($CorrespondAddress, ‘correspond@URL’);
Set($CommentAddress, ‘comment@URL’);
Set($UseFriendlyFromLine, 1);
Set($FriendlyFromLineFormat, “”%s" <%s> “);
Set($UseFriendlyToLine, 0);
Set($FriendlyToLineFormat, “”%s Ticket #%s”:;");

Set($NotifyActor, 0);
Set($RecordOutgoingEmail, 1);

Set($WebPath, ‘’);

Set($MessageBoxWidth, 72);
Set($MessageBoxWrap, “HARD”);

Set($MaxInlineBody, 13456);
Set($DefaultSummaryRows, 10);

Set($OldestTransactionsFirst, ‘0’);
Set($ShowTransactionImages, 1);
Set($DateDayBeforeMonth, 0);
Set($AmbiguousDayInPast, 1);
Set($RestrictReferrer, 0);

Set(@ReferrerWhitelist, qw(URL:80));

Set($UserAutocreateDefaultsOnLogin, {Privileged => 1});

Set($LogoURL, ‘/NoAuth/images/logo.png’);
Set($LogoLinkURL, ‘URL*’);
Set($LogoAltText, “site Request Tracker”);

Set($WebBaseURL, ‘URL*’);
Set($WebURL, ‘URL*’);
Set($WebDomain, ‘rt.site.com’);

Set($LogToSTDERR, ‘info’);
Set($LogToFile , ‘debug’); #debug is very noisy
Set($LogDir, ‘/var/log/request-tracker’);
Set($LogToFileNamed , “rt.log”); #log to rt.log

Set($ExternalInfoPriority, [‘My_LDAP’ ]);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalServiceUsesSSLorTLS, 0);

Plugin(‘RT::Authen::ExternalAuth’);

Set($ExternalAuth, 1);

Set($ExternalAuthPriority, [“My_LDAP”]);

Set($ExternalSettings,{
‘My_LDAP’ => {

‘type’ => ‘ldap’,
‘server’ => ‘’,
‘user’ => '
’,
‘pass’ => '
********’,
‘base’ => ‘***********’,

‘filter’ => ‘(&(ObjectCategory=User)(ObjectClass=Person))’,

‘tls’ => 0,
‘ssl_version’ => 3,

‘net_ldap_args’ => [ version => 3 ],
‘attr_match_list’ => [‘Name’,‘EmailAddress’],
‘attr_map’ => { ‘Name’ => ‘sAMAccountName’,
‘EmailAddress’ => ‘mail’,
‘Organization’ => ‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘Gecos’ => ‘sAMAccountName’,
‘WorkPhone’ => ‘telephoneNumber’,
‘Address1’ => ‘streetAddress’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ => ‘postalCode’,
‘Country’ => ‘co’
},

‘group’ => ‘CN=RT,OU=Security Groups,OU=Global Groups,DC=site,DC=com’,
‘group_attr’ => ‘member’,

}
}
);

Set ($HomePageRefreshInterval, 120);

1;

What is your version of RT?

just updated to the latest version: 4.4.4

It could be an issue with using the ExternalAuth plugin:

Plugin(‘RT::Authen::ExternalAuth’);

Since that module was cored in version 4.4.4

Removed and restarted httpd … still the same issue.

[18079] [Wed May 13 19:51:39 2020] [error]: Could not create a new user - RealName-Thomas Kay Photography-Name-tkay@thomaskayphotography.com-EmailAddress-tkay@thomaskayphotography.com-Password-NO-PASSWORD-Comments-Autocreated on ticket submission (/opt/rt4/sbin/…/lib/RT/User.pm:194)
[18079] [Wed May 13 19:51:44 2020] [critical]: Failed to create user tkay@thomaskayphotography.com: Could not create user (/opt/rt4/sbin/…/lib/RT/User.pm:662)
[18079] [Wed May 13 19:51:44 2020] [crit]: Permission Denied: You do not have permission to communicate with RT (/opt/rt4/sbin/…/lib/RT/Interface/Email.pm:705)

That last error is suspect, it looks like it is generated in this block of code:

# None of the GetCurrentUser plugins found a user.  This is
    # rare; some non-Auth::MailFrom authentication plugin which
    # doesn't always return a current user?
    MailError(
        Subject     => "Permission Denied",
        Explanation => "You do not have permission to communicate with RT",
        FAILURE     => 1,
    );

You don’t have any mail plugins from your config, do you have any customizations?

None that I’m aware of. Simply using sendmail and relaying messages to the mailgate system. Used to have some plugins installed, but they’ve been removed over the years.

Just so I am on the same page, for the last log you sent what was the action you did to get that output?

The error on line 194 of User.pm is where stuff is going wrong - the error from line 705 of Email.pm is because the new user with the given email address hasn’t been created so the API calls to get the current user, etc are going to fail. Unfortunately looking at the Create() code around line 194 of User.pm doesn’t give much away - its made a principal_id OK (otherwise the error would be coming from line 183) but SUPER::Create() has failed.

The only thing off the top of my head is whether the MinimiumPasswordLength of 5 in the config is clashing with trying to create a user with no password?