[ZendTo] automationUsers

Massimo Forni Massimo.Forni at turboden.it
Thu Jun 13 15:47:37 BST 2019


You should check if you have the intermediate CA certificate bundled with the public key or in a separate file.


From: ZendTo [mailto:zendto-bounces at zend.to] On Behalf Of Brian Smith via ZendTo
Sent: 13 June 2019 14:28
To: zend.to at neilzone.co.uk
Cc: Brian Smith <brian at lifetrends.com>; ZendTo Users <zendto at zend.to>; Jules Field <Jules at Jul.es>
Subject: Re: [ZendTo] automationUsers

Thank you, that was helpful. Running curl in verbose mode, I get this (slightly altered) output (only IP and URL are changed):

" "https://subdomain.organization.com/req.php"
*   Trying 0.0.0.0...
* TCP_NODELAY set
* Connected to subdomain.organization.com (0.0.0.0) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [223 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [108 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [1717 bytes data]
* TLSv1.2 (OUT), TLS alert, Server hello (2):
} [2 bytes data]
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0

I’m a bit confused by this since the cert is valid, not self-signed, etc.

Thanks,

Brian

From: zend.to at neilzone.co.uk<mailto:zend.to at neilzone.co.uk> <zend.to at neilzone.co.uk<mailto:zend.to at neilzone.co.uk>>
Sent: Thursday, June 13, 2019 7:13 AM
To: Brian Smith <brian at lifetrends.com<mailto:brian at lifetrends.com>>
Cc: Jules Field <Jules at Jul.es<mailto:Jules at Jul.es>>; ZendTo Users <zendto at zend.to<mailto:zendto at zend.to>>
Subject: Re: [ZendTo] automationUsers

If it helps in debugging it, here's the curl script I use with it, with your anonymised parameters substituted — the bash script is, AFAIK, just doing this behind the scenes:


curl --dump-header - --output /dev/null --silent --data Action=send --data-urlencode uname="auto" --data-urlencode password="the*passw0rD" --data-urlencode senderName="Jane Doe" --data-urlencode senderEmail="jane at email.com<mailto:jane at email.com> " --data-urlencode senderOrg="decoded.legal" --data-urlencode subject="Test Automated Email" --data-urlencode recipName="John Doe'" --data-urlencode recipEmail="john at email.com<mailto:john at email.com>" --data-urlencode note="As requested." "https://zend.orgname.com/req.php<https://urldefense.proofpoint.com/v2/url?u=https-3A__zend.orgname.com_req.php&d=DwMGaQ&c=BhoZNBgU_N7M6f8L4tuvBQ&r=VYKXIp3xrNWb2nnlxuNnzWTAzLHGEEsHiJ4tlqQ7gUI&m=aHpbsfObg2dOJc1KsYiA6QpaxoNiCE7ZLQsK8Kup-zI&s=diDHM7Y71F3jEe69oz24-A3NWmvk3AAhCAbqK0OfaWI&e=>"

curl’s output might help you locate what isn’t working?

Best wishes

Neil

On 13 Jun 2019, at 13:06, Brian Smith <brian at lifetrends.com<mailto:brian at lifetrends.com>> wrote:

I previously tried quoting all of them with the same result. I tried again (single quoting each argument) with debug enabled. The values all look correct. However, it still runs without any kind of error or output when not using --debug. And yes, I ran the upgrade script after installing the beta Debian package. I’ve also confirmed that sending a request via the web interface as a normal user still works as expected.

Thanks again,

Brian


From: Jules Field <Jules at Jul.es<mailto:Jules at Jul.es>>
Sent: Thursday, June 13, 2019 2:19 AM
To: zend.to at neilzone.co.uk<mailto:zend.to at neilzone.co.uk>
Cc: Brian Smith <brian at lifetrends.com<mailto:brian at lifetrends.com>>; ZendTo Users <zendto at zend.to<mailto:zendto at zend.to>>
Subject: Re: [ZendTo] automationUsers

Try running the command with —debug and check that all the values shown are actually what you put on the command line. If you have any quoting problems, that will probably show them up.
--
Jules

On 13 Jun 2019, at 8:14 am, Jules Field <Jules at zend.to<mailto:Jules at zend.to>> wrote:
The other obvious possibility is that in your example you haven’t quoted any of the arguments. If you’ve got anything non-alphanumeric in auto’s password, definitely put it in single quotes.
--
Jules

On 12 Jun 2019, at 9:36 pm, zend.to at neilzone.co.uk<mailto:zend.to at neilzone.co.uk> wrote:

On 12 Jun 2019, at 21:24, Jules Field via ZendTo <zendto at zend.to<mailto:zendto at zend.to>> wrote:


Unfortunately it doesn’t seem to work (I could be doing something wrong). I’ve created a local user using adduser called “auto”. I have “Multi” set under authenticator and authMultiAuthenticators set to “array(‘Local’, ‘LDAP’)”. I’ve also tried swapping the order to LDAP then Local.  This is the command I’m running (with identifying info changed):

/opt/zendto/bin/autorequest -u auto -p the*passw0rD -n ‘Jane Doe’ -e jane at email.com<mailto:jane at email.com> -o OrgName -s 'Test Automated Email' -t 'Note in test automated email.' -N 'John Doe' -E john at email.com<mailto:john at email.com> 'https://zend.orgname.com<https://urldefense.proofpoint.com/v2/url?u=https-3A__zend.orgname.com_&d=DwMGaQ&c=BhoZNBgU_N7M6f8L4tuvBQ&r=VYKXIp3xrNWb2nnlxuNnzWTAzLHGEEsHiJ4tlqQ7gUI&m=aHpbsfObg2dOJc1KsYiA6QpaxoNiCE7ZLQsK8Kup-zI&s=u58yglwfS46S1YgIIWcZ41Th9Mf9ObaFYD7VXBM6N0Y&e=>'

No system logs are created (that I can find) and no errors.

I feel stupid commenting here, since Jules is already on the thread, but have you remembered to add the user to “automationUsers” in preferences.php?


  // You can list multiple usernames here. So different teams using the
  // scriptable requests could be done with different "system accounts" to
  // aid later diagnosis of problems as ZendTo will log the requests
  // against this username.
  'automationUsers' => array('auto'),




Neil

__________


Neil

--
Massimo Forni
ICT Infrastructure Manager

Mobile: +393474110278
________________________________

Turboden S.p.A. I via Cernaia 10 I 25124 Brescia I Italy
t. +390303552001 I f. +390303552011
www.turboden.com<http://www.turboden.com>


Confidentiality notice: this message, together with its attachments, may contain strictly confidential and/or legally privileged information and it is destined solely to the intended addressee(s), who only may use it under his/their responsibility. Opinions, conclusions and other information contained in this message, that do not relate to the official business of this firm, shall be considered as not given or endorsed by it. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. Any use, disclosure, copying or distribution of the contents of this communication by a not-intended recipient or in violation of the purposes of this communication is strictly prohibited and may be unlawful.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20190613/aa7d3d64/attachment-0001.html>


More information about the ZendTo mailing list