Bug #10493
closedLDAP broken in 1.8 with $login in account name
Description
Upgrading from 1.7.4 to 1.8 breaks LDAP logins. It seems to be attributed to a new group feature. Logging in as an internal user, and setting credentials in the UI results in logins never completing.
Problem 1: Foreman should re-use the original bind from the logged in user when looking up groups (instead of relying on predefined credentials as config)
Problem 2: Group lookup is so slow / hangs until browser timeout (!)
Oops, we're sorry but something went wrong
Warning!
Could not bind to ActiveDirectory user DOMAIN\DOMAIN\$login
If you feel this is an error with Foreman itself, please open a new issue with Foreman ticketing system, You would probably need to attach the Full trace and relevant log entries.
LdapFluff::Generic::UnauthenticatedException
Could not bind to ActiveDirectory user DOMAIN\DOMAIN\$login
app/models/auth_sources/auth_source_ldap.rb:97:in `update_usergroups'
app/models/user.rb:193:in `block in try_to_login'
app/models/concerns/foreman/thread_session.rb:72:in `as'
app/models/concerns/foreman/thread_session.rb:78:in `as_anonymous_admin'
app/models/user.rb:191:in `try_to_login'
app/controllers/users_controller.rb:71:in `login'
app/controllers/concerns/application_shared.rb:13:in `set_timezone'
app/models/concerns/foreman/thread_session.rb:32:in `clear_thread'
lib/middleware/catch_json_parse_errors.rb:9:in `call'