Project

General

Profile

Actions

Bug #10493

closed

LDAP broken in 1.8 with $login in account name

Added by Jon Skarpeteig over 9 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Authentication
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Upgrading from 1.7.4 to 1.8 breaks LDAP logins. It seems to be attributed to a new group feature. Logging in as an internal user, and setting credentials in the UI results in logins never completing.

Problem 1: Foreman should re-use the original bind from the logged in user when looking up groups (instead of relying on predefined credentials as config)
Problem 2: Group lookup is so slow / hangs until browser timeout (!)

Oops, we're sorry but something went wrong

Warning!
Could not bind to ActiveDirectory user DOMAIN\DOMAIN\$login

If you feel this is an error with Foreman itself, please open a new issue with Foreman ticketing system, You would probably need to attach the Full trace and relevant log entries.
LdapFluff::Generic::UnauthenticatedException
Could not bind to ActiveDirectory user DOMAIN\DOMAIN\$login
app/models/auth_sources/auth_source_ldap.rb:97:in `update_usergroups'
app/models/user.rb:193:in `block in try_to_login'
app/models/concerns/foreman/thread_session.rb:72:in `as'
app/models/concerns/foreman/thread_session.rb:78:in `as_anonymous_admin'
app/models/user.rb:191:in `try_to_login'
app/controllers/users_controller.rb:71:in `login'
app/controllers/concerns/application_shared.rb:13:in `set_timezone'
app/models/concerns/foreman/thread_session.rb:32:in `clear_thread'
lib/middleware/catch_json_parse_errors.rb:9:in `call'


Related issues 2 (0 open2 closed)

Related to Foreman - Bug #7369: External user groups should be updated on loginClosedDaniel Lobato Garcia09/05/2014Actions
Related to Foreman - Bug #10340: AD auth hangs while syncing user groups on loginClosedMathieu Parent04/30/2015Actions
Actions

Also available in: Atom PDF