Ticket not created from external email using external auth

Dear all,
would like to ask you for an expert view on our issue.

We have RT 4.2 with ExternalAuth to LDAP (Microsoft AD) installed. All
seems to work fine. Except the ticket is not created when sending emails
from external email address.
All permissions were setup correctly based on how-to
http://requesttracker.wikia.com/wiki/ItsFinallyInstalledNowWhat .
Thank you for all your help in advance.

These are relevant RT_SiteConfig.pm entries (LDAP auth is working and LDAP
users are created in RT):

Plugin(‘RT::Authen::ExternalAuth’);
Set( $ExternalAuthPriority, [“My_LDAP”] );
Set( $ExternalInfoPriority, [“My_LDAP”] );
Set( $WebRemoteUserAutocreate, 1 );
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 0 } );

We see these messages:

Nov 4 16:13:10 rt-server RT: [30252] Going to create user with address ‘
skupko.sk@gmail.com
(/opt/rt4/sbin/…/lib/RT/Interface/Email/Auth/MailFrom.pm:100)
Nov 4 16:13:10 rt-server RT: [30252]
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
RT::Authen::ExternalAuth
/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
885 with: Comments: Autocreated on ticket submission, Disabled: ,
EmailAddress: skupko.sk@gmail.com, Name: skupko.sk@gmail.com, Password: ,
Privileged: , RealName: Peter Viskup
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:792)
Nov 4 16:13:10 rt-server RT: [30252] Attempting to get user info using
this external service: My_LDAP
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:800)
Nov 4 16:13:10 rt-server RT: [30252] Attempting to use this
canonicalization key: Name
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:809)
Nov 4 16:13:10 rt-server RT: [30252] LDAP Search === Base:
dc=company,dc=com == Filter: (&(ObjectClass=)(sAMAccountName=
skupko.sk@gmail.com)) == Attrs:
cn,mail,sAMAccountName,displayName,sAMAccountName
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357)
Nov 4 16:13:10 rt-server RT: [30252] Attempting to use this
canonicalization key: EmailAddress
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:809)
Nov 4 16:13:10 rt-server RT: [30252] LDAP Search === Base:
dc=company,dc=com == Filter: (&(ObjectClass=
)(mail=skupko.sk@gmail.com))
== Attrs: cn,mail,sAMAccountName,displayName,sAMAccountName
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:357)
Nov 4 16:13:10 rt-server RT: [30252]
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments:
Autocreated on ticket submission, Disabled: , EmailAddress:
skupko.sk@gmail.com, Name: skupko.sk@gmail.com, Password: , Privileged: ,
RealName: Peter Viskup
Nov 4 16:13:10 rt-server RT: [30252] User could not be created: User
creation failed in mailgateway: Could not set user info
Nov 4 16:13:10 rt-server RT: [30252] Couldn’t load user ‘
skupko.sk@gmail.com’.giving up
Nov 4 16:13:10 rt-server RT: [30252] User could not be loaded: User ‘
skupko.sk@gmail.com’ could not be loaded in the mail gateway
Nov 4 16:13:10 rt-server RT: [30252] Could not load a valid user: RT could
not load a valid user, and RT’s configuration does not allow#012for the
creation of a new user for this email (skupko.sk@gmail.com).#012#012You
might need to grant ‘Everyone’ the right ‘CreateTicket’ for the#012queue
Whitehat.
Nov 4 16:13:10 rt-server RT: [30252] Could not load a valid user: RT could
not load a valid user, and RT’s configuration does not allow#012for the
creation of a new user for your email.
Nov 4 16:13:10 rt-server RT: [30252] Could not record email: Could not
load a valid user

Peter Viskup

Hi,

I think you should add
Set( $AutoCreateNonExternalUsers, 1 );

See

ChrisAm 04.11.2015 um 17:30 schrieb Peter Viskup:

Dear all,
would like to ask you for an expert view on our issue.

We have RT 4.2 with ExternalAuth to LDAP (Microsoft AD) installed. All
seems to work fine. Except the ticket is not created when sending emails
from external email address.
All permissions were setup correctly based on how-to
http://requesttracker.wikia.com/wiki/ItsFinallyInstalledNowWhat .
Thank you for all your help in advance.

These are relevant RT_SiteConfig.pm entries (LDAP auth is working and
LDAP users are created in RT):

Plugin(‘RT::Authen::ExternalAuth’);
Set( $ExternalAuthPriority, [“My_LDAP”] );
Set( $ExternalInfoPriority, [“My_LDAP”] );
Set( $WebRemoteUserAutocreate, 1 );
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 0 } );

Hello,
thank you, Christian, that solved our issue.
Not sure how I could overlooked that option.

PeterOn Wed, Nov 4, 2015 at 5:44 PM, Christian Loos cloos@netcologne.de wrote:

Hi,

I think you should add
Set( $AutoCreateNonExternalUsers, 1 );

See

https://github.com/bestpractical/rt-authen-externalauth/blob/master/lib/RT/Authen/ExternalAuth.pm#L118

Chris

Am 04.11.2015 um 17:30 schrieb Peter Viskup:

Dear all,
would like to ask you for an expert view on our issue.

We have RT 4.2 with ExternalAuth to LDAP (Microsoft AD) installed. All
seems to work fine. Except the ticket is not created when sending emails
from external email address.
All permissions were setup correctly based on how-to
http://requesttracker.wikia.com/wiki/ItsFinallyInstalledNowWhat .
Thank you for all your help in advance.

These are relevant RT_SiteConfig.pm entries (LDAP auth is working and
LDAP users are created in RT):

Plugin(‘RT::Authen::ExternalAuth’);
Set( $ExternalAuthPriority, [“My_LDAP”] );
Set( $ExternalInfoPriority, [“My_LDAP”] );
Set( $WebRemoteUserAutocreate, 1 );
Set( $UserAutocreateDefaultsOnLogin, { Privileged => 0 } );