RT 3.6.6 /w LDAP - Error: "Could not load a valid user"

Yvo_van_Doorn · May 2, 2008, 5:37pm

Hey everyone,

I currently have RT 3.6.6 installed with the LDAP overlay. Everything
has been peachy but a change was recently made by a parting employee
to RT that impacted us negatively. The system no longer creates new
users if they aren’t in RT but are in LDAP. This used to work. For
those that aren’t in RT, they get an error like this one:

Message:
RT could not load a valid user, and RT’s configuration does not allow
for the creation of a new user for this email (nsi@an.okaycompany.com).

You might need to grant ‘Everyone’ the right ‘ReplyToTicket’ for the
queue hr.

The queues do have the proper permissions assigned so that isn’t where
the problem lies.

Here is my RT_SiteConfig.pm file:

Any configuration directives you include here will override

RT’s default configuration file, RT_Config.pm

To include a directive here, just copy the equivalent statement

from RT_Config.pm and change the value. We’ve included a single

sample value below.

This file is actually a perl module, so you can include valid

perl code, as well.

The converse is also true, if this file isn’t valid perl, you’re

going to run into trouble. To check your SiteConfig file, use

this comamnd:

perl -c /path/to/your/etc/RT_SiteConfig.pm

Set( $rtname, ‘cmo’);
Set($DatabasePassword , “rt_pass”);
Set($Organization , “cmo”);
Set($NotifyActor, 1);
Set($WebBaseURL , “http://rt.okaycompany.com”);
Set($ParseNewMessageForTicketCcs, 1);
Set($ParseFollowupMessageForTicketCcs, 1);
Set($Timezone, ‘America/Los_Angeles’);

Set($OwnerEmail , ‘nsi@an.okaycompany.com’);
Set($LoopsToRTOwner , 1);
Set($StoreLoops , undef);
Set($MaxAttachmentSize , 10000000);
Set($TruncateLongAttachments , undef);
Set($DropLongAttachments , undef);
Set($RTAddressRegexp , ‘(((helpdesk)|[a-z]±(support|oncall|todo|tools|system|ne
twork))|@rt|@tickets|@sgrt)’);
Set($CanonicalizeOnCreate , 0);
Set($SenderMustExistInExternalDatabase , false);
Set($CorrespondAddress , ‘RT_CorrespondAddressNotSet’);
Set($CommentAddress , ‘RT_CommentAddressNotSet’);

Set($LogToFileNamed, “/var/log/rt3/rt.log”);
Set($LogToFile, ‘debug’);

Set($AuthMethods, [‘Internal’,‘LDAP’]);
Set($LdapExternalAuth, 1);
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 0);

Set($LdapAttrMap, {‘Name’ => ‘sAMAccountName’,
‘EmailAddress’ => ‘mail’,
‘Organization’ => ‘physicalDeliveryOfficeName’,
‘RealName’ => ‘cn’,
‘ExternalContactInfoId’ => ‘dn’,
‘ExternalAuthId’ => ‘sAMAccountName’,
‘Gecos’ => ‘sAMAccountName’,
‘WorkPhone’ => ‘telephoneNumber’,
‘Address1’ => ‘streetAddress’,
‘City’ => ‘l’,
‘State’ => ‘st’,
‘Zip’ => ‘postalCode’,
‘Country’ => ‘co’}
);

Set($LdapRTAttrMatchList, [‘ExternalContactInfoId’, ‘Name’,
‘EmailAddress’, ‘RealName’,
‘WorkPhone’, ‘Address2’]
);

Set($LdapEmailAttrMatchList, [‘mail’, ‘mailRoutingAddress’,
‘mailAlternateAddress’]
);

#Set($LdapEmailAttrMatchPrefix, [‘’, ‘SMTP:’] );
Set($LdapEmailAttrMatchPrefix, [‘SMTP:’] );

Set($LdapServer, ‘thecorporateoverloadldapserver.com:3268’);
Set($LdapUser, ‘theaccount’);
Set($LdapPass, ‘thepassword’);
Set($LdapBase, ‘DC=corp,DC=int,DC=corporateoverloard,DC=com’);
Set($LdapUidAttr, ‘sAMAccountName’);
$LdapFilter=“(objectclass=*)”;
Set($LdapSSLVersion, 3);

1;

Here is output from the logs:

[Fri May 2 16:50:19 2008] [debug]: Converting ‘us-ascii’ to ‘utf-8’
for text/plain - [RT #110565] [cmo #70143] [Comment] Supervisor
Changes (/
opt/rt3/lib/RT/I18N.pm:240)
[Fri May 2 16:50:19 2008] [debug]: Found a ticket ID. It’s 70143
(/opt/rt3/lib/RT/Interface/Email.pm:480)
[Fri May 2 16:50:19 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=SMTP:payroll@tickets.int.corpoverloard.com =>
EmailAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:19 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailRoutingAddress=SMTP:payroll@tickets.i
nt.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:19 2008] [debug]: About to think about scrips for
transaction #839194 (/opt/rt3/lib/RT/Transaction_Overlay.pm:167)
[Fri May 2 16:50:19 2008] [debug]: About to prepare scrips for
transaction #839194 (/opt/rt3/lib/RT/Transaction_Overlay.pm:171)
[Fri May 2 16:50:19 2008] [debug]: Found 1 scrips
(/opt/rt3/lib/RT/Scrips_Overlay.pm:365)
[Fri May 2 16:50:19 2008] [debug]: Converting ‘us-ascii’ to ‘utf-8’
for text/plain - [RT #110565] [cmo #70143] [Comment] Supervisor
Changes (/
opt/rt3/lib/RT/I18N.pm:240)
[Fri May 2 16:50:19 2008] [debug]: Found a ticket ID. It’s 70143
(/opt/rt3/lib/RT/Interface/Email.pm:480)
[Fri May 2 16:50:19 2008] [debug]: About to commit scrips for
transaction #839194 (/opt/rt3/lib/RT/Transaction_Overlay.pm:180)
[Fri May 2 16:50:20 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailAlternateAddress=SMTP:payroll@tickets
.int.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:20 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=SMTP:payroll@tickets.int.corpoverloard.com =>
EmailAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:20 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
sAMAccountName=payroll@tickets.int.corpoverloard.c
om => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:20 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailRoutingAddress=SMTP:payroll@tickets.i
nt.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:20 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=payroll@tickets.int.corpoverloard.com => Ema
ilAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:20 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailAlternateAddress=SMTP:payroll@tickets
.int.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:20 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
cn=payroll@tickets.int.corpoverloard.com => Email
Address: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:21 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
sAMAccountName=payroll@tickets.int.corpoverloard.c
om => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:21 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=payroll@tickets.int.corpoverloard.com => Ema
ilAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:21 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
cn=payroll@tickets.int.corpoverloard.com => Email
Address: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:21 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=SMTP:payroll@tickets.int.corpoverloard.com =>
EmailAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:21 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=SMTP:payroll@tickets.int.corpoverloard.com =>
EmailAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:21 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailRoutingAddress=SMTP:payroll@tickets.i
nt.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:22 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailRoutingAddress=SMTP:payroll@tickets.i
nt.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:22 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailAlternateAddress=SMTP:payroll@tickets
.int.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:22 2008] [crit]: User creation failed in
mailgateway: Could not set user info
(/opt/rt3/lib/RT/Interface/Email.pm:243)
[Fri May 2 16:50:22 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailAlternateAddress=SMTP:payroll@tickets
.int.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:22 2008] [crit]: User creation failed in
mailgateway: Could not set user info
(/opt/rt3/lib/RT/Interface/Email.pm:243)
[Fri May 2 16:50:22 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=SMTP:payroll@tickets.int.corpoverloard.com =>
EmailAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:23 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailRoutingAddress=SMTP:payroll@tickets.i
nt.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:23 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mail=SMTP:payroll@tickets.int.corpoverloard.com =>
EmailAddress: , Name: , RealName: “” (/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:23 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailAlternateAddress=SMTP:payroll@tickets
.int.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:23 2008] [warning]: Couldn’t load user
‘payroll@tickets.int.corpoverloard.com’.giving up
(/opt/rt3/lib/RT/Interface/Email.pm:329)
[Fri May 2 16:50:23 2008] [crit]: User
‘payroll@tickets.int.corpoverloard.com’ could not be loaded in the
mail gateway (/opt/rt3/lib/RT/Interface/Email.
pm:243)
[Fri May 2 16:50:23 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailRoutingAddress=SMTP:payroll@tickets.i
nt.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:23 2008] [error]: RT could not load a valid user,
and RT’s configuration does not allow
for the creation of a new user for this email (nsi@corp.okaycompany.com).

You might need to grant ‘Everyone’ the right ‘ReplyToTicket’ for the
queue hr. (/opt/rt3/lib/RT/Interface/Email.pm:243)
[Fri May 2 16:50:24 2008] [info]: RT::User::LookupExternalUserInfo :
DC=,DC=corp,DC=int,DC=corpoverloard,DC=com
mailAlternateAddress=SMTP:payroll@tickets
.int.corpoverloard.com => EmailAddress: , Name: , RealName: “”
(/opt/rt3/local/lib/RT/User_Local.pm:563)
[Fri May 2 16:50:24 2008] [warning]: Couldn’t load user
‘payroll@tickets.int.corpoverloard.com’.giving up
(/opt/rt3/lib/RT/Interface/Email.pm:329)
[Fri May 2 16:50:24 2008] [crit]: User
‘payroll@tickets.int.corpoverloard.com’ could not be loaded in the
mail gateway (/opt/rt3/lib/RT/Interface/Email.
pm:243)
[Fri May 2 16:50:24 2008] [error]: Could not record email: Could not
load a valid user
(/opt/rt3/share/html/REST/1.0/NoAuth/mail-gateway:75)
[Fri May 2 16:50:24 2008] [error]: RT could not load a valid user,
and RT’s configuration does not allow
for the creation of a new user for this email (nsi@corp.okaycompany.com).

You might need to grant ‘Everyone’ the right ‘ReplyToTicket’ for the
queue hr. (/opt/rt3/lib/RT/Interface/Email.pm:243)

Mike_Peachey · May 2, 2008, 5:40pm

Yvo van Doorn wrote:

Set($LdapUidAttr, ‘sAMAccountName’);
$LdapFilter=“(objectclass=*)”;
Set($LdapSSLVersion, 3);

Set missing from LdapFilter.
Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England

Mike_Peachey · May 2, 2008, 5:50pm

Yvo van Doorn wrote:> On Fri, May 2, 2008 at 10:40 AM, Mike Peachey mike.peachey@jennic.com wrote:

Yvo van Doorn wrote:

Set($LdapUidAttr, ‘sAMAccountName’);
$LdapFilter=“(objectclass=*)”;
Set($LdapSSLVersion, 3);

Set missing from LdapFilter.

Fixed this just now. Would this cause it to error like this?

Difficult to say… it’s all a bit of a mess. Test it.
Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England