Open frafra opened 5 years ago
HTTP 500 responses
This is a CLI tool, not a web tool. You shouldn't be running this through a web server. Does your web server error log indicate any further details as to what the error is?
All the failing users had a random password with a strange special character. A longer password could be used to improve security.
This tool doesn't read password attributes at all. If you have a specific error message from the tool I'm interested.
If this issue occurs in Gitlab itself after the sync has completed that would be an issue between Gitlab and LDAP. (At this point this tool is no longer involved.)
HTTP 500 responses
This is a CLI tool, not a web tool. You shouldn't be running this through a web server. Does your web server error log indicate any further details as to what the error is?
I am using it as a CLI tool; that error comes from the GitLab web server that does not seems happy to receive such kind of parameter.
All the failing users had a random password with a strange special character. A longer password could be used to improve security.
This tool doesn't read password attributes at all. If you have a specific error message from the tool I'm interested.
Password are generated by this tool, but they does not seem to be valid to GitLab. Modifying the password generator in order to use just a-zA-Z0-9 characters fixes the issue. To reproduce, just spin up a GitLab instance with Docker and synchronize few hundreds users.
If this issue occurs in Gitlab itself after the sync has completed that would be an issue between Gitlab and LDAP. (At this point this tool is no longer involved.)
This issue happens while the tool is creating the new users on GitLab.
Ah ok, I'll raise this issue with Gitlab because none of the characters I've specified are non-ASCII, so shouldn't be a problem.
The randomly used password is never used anyway. As per issue #9 you raised this is only done to satisfy a Gitlab API bug. You always authenticate using the password defined in the directory. (If the random password from this tool works to login that suggests Gitlab isn't binding to LDAP correctly.)
Did the Gitlab API give you any further information than HTTP 500? (Was there an exact message I can reference upstream?)
Hi @frafra,
With the above two commits now available in the master
branch it would be worth trying this out again.
While creating various hundreds of users, I got HTTP 500 responses, so I had to run the tool multiple times. All the failing users had a random password with a strange special character. Removing special characters from the password generator fixes the issue. A longer password could be used to improve security.