I am getting the following error for a user tim.graham@example.com who
is trying to
create a ticket in the help queue. ‘Everyone’ already has the right
to ‘CreateTicket’
for years. It is being triggered by the RT::Authen::ExternalAuth once
in a while.
[Fri Mar 22 21:58:42 2013] [error]: RT could not load a valid user,
and RT’s configuration does not allow
for the creation of a new user for your email.
(/opt/rt3/bin/…/lib/RT/Interface/Email.pm:244)
[Fri Mar 22 21:58:42 2013] [error]: Could not record email: Could not
load a valid user
(/opt/rt3/share/html/REST/1.0/NoAuth/mail-gateway:75)
[Fri Mar 22 22:03:31 2013] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments:
Autocreated on ticket submission, Disabled: , EmailAddress:
tim.graham@example.com, Name: tim.graham@example.com, Password: ,
Privileged: , RealName: Tim Graham
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
[Fri Mar 22 22:03:31 2013] [crit]: User creation failed in
mailgateway: Could not set user info
(/opt/rt3/bin/…/lib/RT/Interface/Email.pm:244)
[Fri Mar 22 22:03:32 2013] [warning]: Couldn’t load user
‘tim.graham@example.com’.giving up
(/opt/rt3/bin/…/lib/RT/Interface/Email.pm:806)
[Fri Mar 22 22:03:32 2013] [crit]: User ‘tim.graham@example.com’
could not be loaded in the mail gateway
(/opt/rt3/bin/…/lib/RT/Interface/Email.pm:244)
[Fri Mar 22 22:03:32 2013] [error]: RT could not load a valid user,
and RT’s configuration does not allow
for the creation of a new user for this email (tim.graham@example.com).
You might need to grant ‘Everyone’ the right ‘CreateTicket’ for the
queue help. (/opt/rt3/bin/…/lib/RT/Interface/Email.pm:244)
[Fri Mar 22 22:03:32 2013] [error]: RT could not load a valid user,
and RT’s configuration does not allow
for the creation of a new user for your email.
(/opt/rt3/bin/…/lib/RT/Interface/Email.pm:244)
[Fri Mar 22 22:03:32 2013] [error]: Could not record email: Could not
load a valid user
(/opt/rt3/share/html/REST/1.0/NoAuth/mail-gateway:75)
Here are some excerpt about the external auth setup
Set( @Plugins, qw( RT::Authen::ExternalAuth ) );
Set($ExternalAuthPriority, [ ‘AD’, ‘MySQL’ ]);
Set($ExternalInfoPriority, [ ‘AD’ ]);
Set($ExternalServiceUsesSSLorTLS, 1);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, {
‘AD’ => { ## GENERIC SECTION
‘type’ => ‘ldap’,
‘server’ => ‘ldaps://ldap.internal.com:1636’,
‘verify’ => ‘require’,
‘cafile’ => ‘/opt/rt3/etc/rt.cer’,
‘user’ =>
‘uid=binduid,ou=people,dc=internal,dc=com’,
‘pass’ => ‘secret’,
# search base
‘base’ => ‘ou=People,dc=internal,dc=com’,
‘filter’ => ‘(objectclass=mnetperson)’,
‘d_filter’ =>
‘(employeetype=Personal Secondary)’,
‘tls’ => 1,
‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3 ],
‘group_attr_value’ => ‘uid’,
‘attr_match_list’ => [ ‘Name’,
‘EmailAddress’,
],
‘attr_map’ => { ‘Name’ => ‘uid’,
‘EmailAddress’
=> ‘mail’,
‘RealName’ => ‘cn’,
}
},
}
);
I increased the loglevel to debug and tried to create the subject user
and got this error
on the gui
Results:
User could not be created: Could not set user info
and log shows
[Fri Mar 22 23:48:49 2013] [debug]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
RT::Authen::ExternalAuth
/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
668 with: Address1: , Address2: , AuthSystem: , City: , Comments: ,
ContactInfoSystem: , Country: , Disabled: , EmailAddress:
tim.graham@example.com, EmailEncoding: , ExternalAuthId: ,
ExternalContactInfoId: , FreeformContactInfo: , Gecos: , HomePhone: ,
Lang: , MobilePhone: , Name: tim.graham@example.com, NickName: ,
Organization: , PagerPhone: , Privileged: , RealName: Tim Graham,
Signature: , State: , WebEncoding: , WorkPhone: , Zip:
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565)
[Fri Mar 22 23:48:49 2013] [debug]: Attempting to get user info using
this external service: AD
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
[Fri Mar 22 23:48:49 2013] [debug]: Attempting to use this
canonicalization key: Name
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:587)
[Fri Mar 22 23:48:50 2013] [debug]: LDAP Search === Base:
ou=People,dc=internal,dc=com == Filter:
(&(objectclass=mnetperson)(uid=tim.graham@example.com)) == Attrs:
cn,mail,uid (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:217)
[Fri Mar 22 23:48:50 2013] [debug]: Attempting to use this
canonicalization key: EmailAddress
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:587)
[Fri Mar 22 23:48:50 2013] [debug]: LDAP Search === Base:
ou=People,dc=internal,dc=com == Filter:
(&(objectclass=mnetperson)(mail=tim.graham@example.com)) == Attrs:
cn,mail,uid (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:217)
[Fri Mar 22 23:48:50 2013] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: ,
Address2: , AuthSystem: , City: , Comments: , ContactInfoSystem: ,
Country: , Disabled: , EmailAddress: tim.graham@example.com,
EmailEncoding: , ExternalAuthId: , ExternalContactInfoId: ,
FreeformContactInfo: , Gecos: , HomePhone: , Lang: , MobilePhone: ,
Name: tim.graham@example.com, NickName: , Organization: , PagerPhone:
, Privileged: , RealName: Tim Graham, Signature: , State: ,
WebEncoding: , WorkPhone: , Zip:
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
I could not find that user in the database. Any suggestion?
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
