Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP not working on 3.1.1 #1502

Closed
dkremenjas opened this issue Dec 18, 2019 · 3 comments
Closed

LDAP not working on 3.1.1 #1502

dkremenjas opened this issue Dec 18, 2019 · 3 comments
Labels
triage/need-test v3 3.0 version

Comments

@dkremenjas
Copy link

Hi,

just installed the latest version but cannot connect to LDAP.
On the same server I have Syspass 2.1 connecting just fine to the same LDAP directory.
3.1.1 was a clean install, not an upgrade from 2.1, they run in parallel.
I literally copied and pasted LDAP related config params from 2.1 config.xml to 3.1.1 but no luck.
Syspass 2.1 is running on PHP5.6 interpreter, 3.1.1 is running on 7.2.

Thanks
@nuxsmin
Copy link
Owner

nuxsmin commented Dec 21, 2019

Hello, could you provide syspass.log file?. Please follow the guidelines when opening a new issue.

Regards

@dkremenjas
Copy link
Author

dkremenjas commented Dec 22, 2019
edited
Loading

Hi,

I'm sorry I'm new to this.
Below is what's produced in app/config/syspass.log on 3.1.1 on login attempt.
Further below is a relevant part of /var/log/syslog.
Please let me know what other info may be needed to progress this.

Thanks a lot!

<ldapAds>0</ldapAds> <ldapBase>dc=xxxxxxxxx,dc=xx</ldapBase> <ldapBindPass>********</ldapBindPass> <ldapBindUser>cn=admin,dc=xxxxxxxxx,dc=xx</ldapBindUser> <ldapDefaultGroup>1</ldapDefaultGroup> <ldapDefaultProfile>1</ldapDefaultProfile> <ldapEnabled>1</ldapEnabled> <ldapGroup>cn=SysPass,ou=Roles,dc=xxxxxxxxx,dc=xx</ldapGroup> <ldapProxyUser></ldapProxyUser> <ldapServer>localhost</ldapServer> <ldapTlsEnabled>0</ldapTlsEnabled> <ldapType>1</ldapType>

All of the values above are copy/paste from Syspass 2.1 config.xml except for ldapTlsEnabled and ldapType which are not present in 2.1 config file so I just left them as defaults in 3.1.1 config.

[2019-12-22 07:48:42] syspass.INFO: logger {"message":"Extensions checked","caller":"SP\Core\PhpExtensionChecker::checkMandatory"}
[2019-12-22 07:48:42] syspass.INFO: logger {"message":"Loaded icons cache","caller":"SP\Core\UI\Theme::initIcons"}
[2019-12-22 07:48:42] syspass.INFO: logger {"message":"Loaded actions cache","caller":"SP\Core\Acl\Actions::loadCache"}
[2019-12-22 07:48:42] syspass.EXCEPTION: logger {"message":"Connection error (BIND)
#0 /usr/local/sysPass-3.1.1.19121601/lib/SP/Providers/Auth/Ldap/LdapConnection.php(114): SP\Providers\Auth\Ldap\LdapConnection->bind()
#1 /usr/local/sysPass-3.1.1.19121601/lib/SP/Providers/Auth/Ldap/LdapConnection.php(95): SP\Providers\Auth\Ldap\LdapConnection->connectAndBind()
#2 /usr/local/sysPass-3.1.1.19121601/lib/SP/Providers/Auth/Ldap/Ldap.php(96): SP\Providers\Auth\Ldap\LdapConnection->checkConnection()
#3 /usr/local/sysPass-3.1.1.19121601/lib/SP/Providers/Auth/AuthProvider.php(154): SP\Providers\Auth\Ldap\Ldap->factory(Object(SP\Providers\Auth\Ldap\LdapParams),Object(SP\Core\Events\EventDispatcher),Boolean)
#4 /usr/local/sysPass-3.1.1.19121601/lib/SP/Providers/Auth/AuthProvider.php(116): SP\Providers\Auth\AuthProvider->getLdapAuth()
#5 /usr/local/sysPass-3.1.1.19121601/lib/SP/Providers/Auth/AuthProvider.php(97): SP\Providers\Auth\AuthProvider->authLdap()
#6 /usr/local/sysPass-3.1.1.19121601/lib/SP/Services/Auth/LoginService.php(154): SP\Providers\Auth\AuthProvider->doAuth(Object(SP\DataModel\UserLoginData))
#7 /usr/local/sysPass-3.1.1.19121601/app/modules/web/Controllers/LoginController.php(65): SP\Services\Auth\LoginService->doLogin()
#8 [internal function]: SP\Modules\Web\Controllers\LoginController->loginAction()
#9 /usr/local/sysPass-3.1.1.19121601/lib/SP/Bootstrap.php(240): call_user_func_array(Array,Array)
#10 [internal function]: SP\Bootstrap->SP{closure}(Object(Klein\Request),Object(Klein\Response),Object(Klein\ServiceProvider),Object(Klein\App),Object(Klein\Klein),Object(Klein\DataCollection\RouteCollection),Array)
#11 /usr/local/sysPass-3.1.1.19121601/vendor/klein/klein/src/Klein/Klein.php(886): call_user_func(Object(Closure),Object(Klein\Request),Object(Klein\Response),Object(Klein\ServiceProvider),Object(Klein\App),Object(Klein\Klein),Object(Klein\DataCollection\RouteCollection),Array)
#12 /usr/local/sysPass-3.1.1.19121601/vendor/klein/klein/src/Klein/Klein.php(588): Klein\Klein->handleRouteCallback(Object(Klein\Route),Object(Klein\DataCollection\RouteCollection),Array)
#13 /usr/local/sysPass-3.1.1.19121601/lib/SP/Bootstrap.php(464): Klein\Klein->dispatch(Object(Klein\Request))
#14 /usr/local/sysPass-3.1.1.19121601/lib/Base.php(75): SP\Bootstrap->run(Object(DI\Container))
#15 /usr/local/sysPass-3.1.1.19121601/index.php(28): require(String)","caller":"N/A"}

Dec 22 07:48:42 slapd[7761]: conn=1454 fd=11 ACCEPT from IP=127.0.0.1:32866 (IP=127.0.0.1:389)
Dec 22 07:48:42 slapd[7761]: conn=1454 op=0 BIND dn="cn=admin,dc=xxxxxxxxx,dc=xx" method=128
Dec 22 07:48:42 slapd[7761]: conn=1454 op=0 RESULT tag=97 err=49 text=
Dec 22 07:48:42 slapd[7761]: conn=1454 op=1 UNBIND
Dec 22 07:48:42 slapd[7761]: conn=1454 fd=11 closed

@dkremenjas
Copy link
Author

Hi,

further investigation showed a small glitch on LDAP side.
It turned out it was actually properly recognised on Syspass 3.1.1, but not on Syspass 2.1 which made it look like the problem was with Syspass.
I'll close the issue, apologies for false alert.

Regards

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triage/need-test v3 3.0 version
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nuxsmin @dkremenjas