LDAP ValidationError

Description

After upgrade from 11.3RC2 to 11.3-RELEASE unable to activate LDAP directory service.

report_problem ValidationError
[EFAULT] ldap_update: option error

Error: Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py" , line 583, in do_update
await self.middleware.call( 'ldap.ldap_validate' , new )
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py" , line 1127, in call
app=app, pipes=pipes, job_on_progress_cb=job_on_progress_cb, io_thread=True,
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py" , line 1077, in _call
return await methodobj(*args)
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py" , line 487, in ldap_validate
await self.middleware.call( 'ldap.validate_credentials' , data)
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py" , line 1127, in call
app=app, pipes=pipes, job_on_progress_cb=job_on_progress_cb, io_thread=True,
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py" , line 1091, in _call
return await run_method(methodobj, *args)
File "/usr/local/lib/python3.7/site-packages/middlewared/utils/run_in_thread.py" , line 10, in run_in_thread
return await self.loop.run_in_executor(self.run_in_thread_executor, functools.partial(method, *args, **kwargs))
File "/usr/local/lib/python3.7/site-packages/middlewared/utils/io_thread_pool_executor.py" , line 25, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py" , line 636, in validate_credentials
ret = LDAP.validate_credentials()
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py" , line 137, in validate_credentials
ret = self._open()
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py" , line 197, in _open
ldap.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
File "/usr/local/lib/python3.7/site-packages/ldap/functions.py" , line 103, in set_option
return _ldap_function_call(None,_ldap.set_option,option,invalue)
File "/usr/local/lib/python3.7/site-packages/ldap/functions.py" , line 55, in _ldap_function_call
result = func(args,*kwargs)
ValueError: option errorDuring handling of the above exception, another exception occurred:Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py" , line 130, in call_method
io_thread=False)
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py" , line 1077, in _call
return await methodobj(*args)
File "/usr/local/lib/python3.7/site-packages/middlewared/service.py" , line 302, in update
f '{self._config.namespace}.update' , self, self.do_update, [data]
File "/usr/local/lib/python3.7/site-packages/middlewared/main.py" , line 1077, in _call
return await methodobj(*args)
File "/usr/local/lib/python3.7/site-packages/middlewared/schema.py" , line 960, in nf
return await f(*args, **kwargs)
File "/usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py" , line 585, in do_update
raise ValidationError( 'ldap_update' , str(e))
middlewared.service_exception.ValidationError: [EFAULT] ldap_update: option error

Problem/Justification

None

Impact

None

Linked issues

duplicates

NAS-104849

LDAP certificate validaton error

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Show:

Andrew Walker February 3, 2020 at 1:09 PM

Can you generate a debug and attach to this ticket?

Heidi February 3, 2020 at 10:23 AM

Thanks Andrew, now (plain/389) ldap is working again, but as soon as you try to use START_TLS I'm getting this error, seems do be the same as in NAS-104849. I checked ldap.py, it already included #4137. We are using a valid external wildcard. Same settings as our productiv storage running 12.2u1. We are talking to an openLDAP implementation.

Andrew Walker February 1, 2020 at 6:28 AM

Lasse, I was able to confirm a fix for this issue with a couple of other users. I have attached a fixed version of /usr/local/lib/python3.7/site-packages/middlewared/plugins/ldap.py

You can back up the existing copy of the file, replace with the one uploaded in this ticket, and issue "service middlewared onerestart" to resolve the issue.

Bug Clerk February 1, 2020 at 4:59 AM

12.0 PR: https://github.com/freenas/freenas/pull/4164

Bug Clerk January 31, 2020 at 5:46 PM

11.3 PR: https://github.com/freenas/freenas/pull/4163

Complete

Details
Assignee
Andrew Walker
Reporter
Heidi
Labels
Components
Fix versions
11.3-U1
12.0-ALPHA1
Affects versions
11.3-RELEASE
12.0-ALPHA1
Priority
Low

More fields

Katalon Platform

Created January 29, 2020 at 12:22 PM

Updated July 1, 2022 at 4:46 PM

Resolved February 1, 2020 at 4:59 AM

Configure

LDAP ValidationError

Description

Problem/Justification

Impact

Linked issues

duplicates

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Andrew Walker February 3, 2020 at 1:09 PM

Heidi February 3, 2020 at 10:23 AM

Andrew Walker February 1, 2020 at 6:28 AM

Bug Clerk February 1, 2020 at 4:59 AM

Bug Clerk January 31, 2020 at 5:46 PM

DetailsAssigneeAndrew WalkerAndrew WalkerReporterHeidiHeidiLabelsLDAPComponentsFix versions11.3-U112.0-ALPHA1Affects versions11.3-RELEASE12.0-ALPHA1PriorityLow

Details

Assignee

Reporter

Labels

Components

Fix versions

Affects versions

Priority

More fieldsTime tracking

More fields

Katalon PlatformLinked Test Cases, Katalon Defect Results, Katalon Studio Test Results

Katalon Platform

Details
Assignee
Andrew Walker
Reporter
Heidi
Labels
Components
Fix versions
11.3-U1
12.0-ALPHA1
Affects versions
11.3-RELEASE
12.0-ALPHA1
Priority
Low

More fields

Katalon Platform