I believe so,
In /etc/RT_SiteConfig.pm, I have the following at the bottom
require “/opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm”;
If I look at this file I see the following which indicates that external users should be created as internal ones I believe.
Set($ExternalAuthPriority, [ ‘My_LDAP’ ]);
Set($ExternalInfoPriority, [ ‘My_LDAP’ ]);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings, { # AN EXAMPLE LDAP SERVICE
‘My_LDAP’ => { ## GENERIC SECTION
# The type of service (db/ldap/cookie)
‘type’ => ‘ldap’,
# Should the service be used for authentication?
‘auth’ => 1,
# Should the service be used for information?
‘info’ => 1,
# The server hosting the service
‘server’ => ‘dc.domain.com’,
## SERVICE-SPECIFIC SECTION
# If you can bind to your LDAP server anonymously you should
# remove the user and pass config lines, otherwise specify them here:
# The username RT should use to connect to the LDAP server
‘user’ => ‘username’,
# The password RT should use to connect to the LDAP server
‘pass’ => ‘password’,
# The LDAP search base
‘base’ => ‘dc=domain,dc=com’,
# The filter to use to match RT-Users
‘filter’ => ‘(objectclass=Person)’,
# The filter that will only match disabled users
‘d_filter’ => ‘(userAccountControl:1.2.840.113556.1.4.803:=2)’,
# Should we try to use TLS to encrypt connections?
‘tls’ => 0,
# What other args should I pass to Net::LDAP->new($host,@args)?
‘net_ldap_args’ => [ version => 3 ],
# Does authentication depend on group membership? What group name?
# ‘group’ => ‘Request Tracker Users’,
# What is the attribute for the group object that determines membership?
‘group_attr’ => ‘GROUP_ATTR’,
## RT ATTRIBUTE MATCHING SECTION
# The list of RT attributes that uniquely identify a user
‘attr_match_list’ => [ ‘Name’,
‘EmailAddress’,
‘RealName’,
‘WorkPhone’,
‘Address2’
],
# The mapping of RT attributes on to LDAP attributes
‘attr_map’ => { ‘Name’ => ‘sAMAccountName’,
‘EmailAddress’ => ‘mail’,
‘Organization’ => ‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalAuthId’ => ‘sAMAccountName’,
‘Gecos’ => ‘sAMAccountName’,
‘WorkPhone’ => ‘telephoneNumber’,
‘Address1’ => ‘streetAddress’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ => ‘postalCode’,
‘Country’ => ‘co’
}
}
}
);
1;From: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Tuesday, July 19, 2011 11:25 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Error when receiving emails from external (e.g. gmail) accounts
RT is integrated to an internal Microsoft Active Directory Server for
authentication, and no the email addresses are not corporate ones.
(Using Gmail ones etc. to send in emails when they cannot VPN in to
access RT, or their domain credentials are locked out etc.
Do you have RT-Authen-ExternalAuth configured to allow for account creation for emails outside your AD server?
If not, there will never be a current user and this will cause CommandByMail to fail when it tries to find Custom Fields.
Do you actually want external users using CommandByMail? If not, I suggest using the configuration to limit the extension to Privileged or a smaller group of users.
-kevin
The version I believe is 0.07.
Gerrard
-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Kevin
Falcone
Sent: Monday, July 18, 2011 11:06 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Error when receiving emails from external
(e.g. gmail) accounts
We are receiving an error when non-corporate user accounts send email to our help desk within our production system.
Do these users have RT User records? The error implies that they do not. Also, without knowing what version of RT-Extension-CommandByMail that you’re running, it isn’t possible to look and see what line 484 is doing.
-kevin
We are using version 3.8.7 and are seeing the following error when these emails are received.
This sounds permissions related somehow.
Thanks for any help you can provide.
Gerrard
RT server error.
The RT server which handled your email did not behave as expected.
It
said:
Can’t call method “HasRight” on an undefined value at /opt/rt3/bin/…/lib/RT/User_Overlay.pm line 1277.
Stack:
[/opt/rt3/bin/…/lib/RT/User_Overlay.pm:1277]
[/opt/rt3/bin/…/lib/RT/Queue_Overlay.pm:1223]
[/opt/rt3/bin/…/lib/RT/Queue_Overlay.pm:1188]
[/opt/rt3/bin/…/lib/RT/Queue_Overlay.pm:635]
[/opt/rt3/local/plugins/RT-Extension-CommandByMail/lib/RT/Interface/
Em
ail/Filter/TakeAction.pm:484]
[/opt/rt3/bin/…/lib/RT/Interface/Email.pm:1560]
[/opt/rt3/bin/…/lib/RT/Interface/Email.pm:1377]
[/opt/rt3/share/html/REST/1.0/NoAuth/mail-gateway:61]
“|/etc/smrsh/rt-mailgate --queue IT --action correspond --url
http://rt.domain.com/”… Deferred: prog mailer (/usr/sbin/smrsh)
exited with EX_TEMPFAIL
Warning: message still undelivered after 4 hours Will keep trying
until message is 5 days old Download (untitled)
message/delivery-status 456b
Reporting-MTA: dns; rt.domain.com
Arrival-Date: Thu, 14 Jul 2011 14:46:22 -0400
Original-Recipient: rfc822;btiit@domain.com
Final-Recipient: RFC822; btiit@rt.domain.com
X-Actual-Recipient: X-Unix; |/etc/smrsh/rt-mailgate --queue IT
–action correspond --url http://rt.domain.com/
Action: delayed
Status: 4.2.0
Diagnostic-Code: X-Unix; 75
Last-Attempt-Date: Thu, 14 Jul 2011 19:51:38 -0400
Will-Retry-Until: Tue, 19 Jul 2011 14:46:22 -0400
2011 Training: http://bestpractical.com/services/training.html
2011 Training: http://bestpractical.com/services/training.html