Skip to content

Clean up LDAP error handling#26875

Merged
zmb3 merged 1 commit intomasterfrom
zmb3/ldap-errors
May 25, 2023
Merged

Clean up LDAP error handling#26875
zmb3 merged 1 commit intomasterfrom
zmb3/ldap-errors

Conversation

@zmb3
Copy link
Copy Markdown
Collaborator

@zmb3 zmb3 commented May 24, 2023

The following error often confuses users:

*ldap.Error LDAP Result Code 1 "Operations Error": 000004DC: LdapErr: DSID-0C090ACD,
comment: In order to perform this operation a successful bind must be completed on the connection.

Since Teleport always uses x509 certs to bind, this error indicates that the Teleport-issued cert is not trusted (which is likely due to Teleport's CA not being imported as a trusted root).

While fixing this, unify the LDAP error handling with a common utility for converting between LDAP error codes and trace errors.

@zmb3 zmb3 requested review from ibeckermayer and smallinsky May 24, 2023 22:19
@github-actions github-actions Bot requested review from avatus and fspmarshall May 24, 2023 22:20
smallinsky
smallinsky approved these changes May 25, 2023
View reviewed changes
Comment thread lib/auth/windows/ldap.go Outdated
@zmb3
Clean up LDAP error handling
840da12 
The following error often confuses users:

    *ldap.Error LDAP Result Code 1 "Operations Error": 000004DC: LdapErr: DSID-0C090ACD,
    comment: In order to perform this operation a successful bind must be completed on the connection.

Since Teleport always uses x509 certs to bind, this error indicates
that the Teleport-issued cert is not trusted (which is likely due to
Teleport's CA not being imported as a trusted root).

While fixing this, unify the LDAP error handling with a common
utility for converting between LDAP error codes and trace errors.
@zmb3 zmb3 force-pushed the zmb3/ldap-errors branch from 0e59b6b to 840da12 Compare May 25, 2023 14:45
@zmb3 zmb3 added this pull request to the merge queue May 25, 2023
Merged via the queue into master with commit b0bee3b May 25, 2023
@zmb3 zmb3 deleted the zmb3/ldap-errors branch May 25, 2023 22:20
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented May 25, 2023

@zmb3 See the table below for backport results.

Branch Result
branch/v11 Create PR
branch/v12 Create PR
branch/v13 Create PR

This was referenced May 26, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@smallinsky smallinsky smallinsky approved these changes

+1 more reviewer

@ibeckermayer ibeckermayer ibeckermayer approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@zmb3 @ibeckermayer @smallinsky