Failure to Create User

Dear All,

I have installed the RT 3.6.5 originally using it’s database (Pg) for
authentication. Initially it went fine with all the features working.

However, I decided to enable authentication of RT through AD (
tradardc02.tra.go.tz) as shown in the attached RT_SiteConfig file. On
choosing the priority I set AD as the primary choice and ‘localhost’ -
meaning the RT database for authentication. Now I am getting the following
errors:

x1 - [Tue Apr 22 12:40:23 2008] [crit]: Failed to create user
rm_kagera@tra.go.tz: Co
uld not set user info (/usr/lib/RT/User_Overlay.pm:617)
[Tue Apr 22 12:40:23 2008] [error]: Could not load create a user with the
email
address ‘rm_kagera@tra.go.tz’ to add as a watcher for ticket 667
(/usr/lib/RT/Ti
cket_Overlay.pm:1424)

x2- [Tue Apr 22 12:51:12 2008] [error]: Invalid type specification in config
tradard
c02.tra.go.tz (/usr/lib/RT/User_Vendor.pm:289)
[Tue Apr 22 12:51:12 2008] [error]: Invalid type specification in config
localho
st (/usr/lib/RT/User_Vendor.pm:289)

Please help to resolve these problems.

With kindest regards,

Emmanuel

RT_SiteConfig-220408.txt (8.28 KB)

Emmanuel Nnko wrote:

Dear All,

I have installed the RT 3.6.5 originally using it’s database (Pg) for
authentication. Initially it went fine with all the features working.

However, I decided to enable authentication of RT through AD
(tradardc02.tra.go.tz http://tradardc02.tra.go.tz) as shown in the
attached RT_SiteConfig file. On choosing the priority I set AD as the
primary choice and ‘localhost’ - meaning the RT database for
authentication. Now I am getting the following errors:

Emmanuel, your RT_SiteConfig is a complete mess. You need to remove ALL
your LDAP related settings and start again from scratch using the
information here:

http://wiki.bestpractical.com/view/ExternalAuth

To start with, you do not specify the hostname of your AD server in
ExternalAuthPriority. ExternalAuthPriority simply defines which config
sets to use from the ExternalSettings directive. If you only have one AD
server, you should only have one entry in ExternalAuthPriority and it
should be a name you choose for your AD server and it should match the
name of a config set in ExternalSettings.

Also, authentication will always fall back to RT. Any user in RT’s
internal database will always be checked if they are not authenticated
out of AD.

Let us know when you’ve fixed it up a bit.
Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com

Emmanuel Nnko wrote:

Mike,

Thanks very much for the response.

However, just to shade some light:

x1- During the initial installation of RT, the RT comes with
RT_Config.pm file that for all customization has to be reflected on
RT_SiteConfig.pm (let me call this file Old/Original) file.

x2- In the file earlier submitted (RT_SiteConfig.pm, also attached)
contains the normal customization for local requirements.

x3- Now, when I installed RT::Authen::ExternalAuth &
RT::Authen::CookieAuth, they came with their RT_SiteConfig.pm file.

x4- Now, the issue is how to integrate these two new RT_SiteConfig.pm
files with the Old/Original RT_SiteConfig.pm file.

Please advise how to integrate them or if I need to do away with the
Old/Original RT_SiteConfig.pm.

You simply copy the contents of those files and paste them into your
RT_SiteConfig.om and then change the values to suit your installation.
IT seems that you have tried to do that, but the paste didn’t work right
and you also have Ldap settings that are for Jim Meyer’s deprecated
User_Local overlay, and not RT::Authen::ExternalAuth. If you have a
setting that has LDAP in it and it doesn’t appear in the example config
that comes with ExternalAuth then you should remove it.

Also, are you sure you want to be using RT::Authen::CookieAuth?

Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com