si458
commented
2 months ago this to me sounds like meshcentral is crashing and restarting. in the my server tab under general, click the show error logs, is the anything listed there?
Closed tobias9931 closed 1 month ago
si458
commented
2 months ago this to me sounds like meshcentral is crashing and restarting. in the my server tab under general, click the show error logs, is the anything listed there?
tobias9931
commented
2 months ago tobias9931
commented
2 months ago this to me sounds like meshcentral is crashing and restarting. in the my server tab under general, click the show error logs, is the anything listed there?
No, there are no errors. "Server has no error log."
The server and the MeshCentral dashboard are also there the entire time active and there is no disconnection. Only the active remote connections are all disconnected.
tobias9931
commented
2 months ago si458
commented
2 months ago you didnt really follow the bug template as it has info we need to replicate the issue can u share ur config.json please? what nodejs are you using? how did u install meshcentral? meshcentralinstaller.exe or npm install ?
tobias9931
commented
2 months ago Sorry, here it is
{
"settings": {
"cert": "meshcentral.company.cloud",
"Port": 443,
"RedirPort": 0,
"agentIdleTimeout": 600,
"_maintenanceMode": true,
"webRTC": true,
"WANonly": true,
"amtscanner": false
},
"domaindefaults": {
"title": "company",
"title2": "(ITI)"
},
"domains": {
"": {
"auth": "LDAP",
"ldapoptions": {
"url": [
"ldap://server1.company.inhouse:389/",
"ldap://server2.company.inhouse:389/"
],
"bindDN": "CN=_Mesh Central,OU=Service_Accounts,DC=company,DC=inhouse",
"bindCredentials": "SECRET",
"searchBase": "DC=company,DC=inhouse",
"searchFilter": "(sAMAccountName={{username}})"
},
"ldapsiteadmingroups": "CN=gl_adm_meshcentral,OU=Admin_Groups,OU=Admin_Objects,DC=company,DC=inhouse",
"ldapuserrequiredgroupmembership": [
"CN=gl_adm_meshcentral,OU=Admin_Groups,OU=Admin_Objects,DC=company,DC=inhouse",
"CN=gl_aad_meshcentral_inspection,OU=AAD_Groups,OU=BERG,DC=company,DC=inhouse",
"CN=gl_aad_meshcentral_office,OU=AAD_Groups,OU=BERG,DC=company,DC=inhouse",
"CN=gl_aad_meshcentral_production,OU=AAD_Groups,OU=BERG,DC=company,DC=inhouse",
"CN=gl_aad_meshcentral_external,OU=AAD_Groups,OU=BERG,DC=company,DC=inhouse",
"CN=gl_aad_meshcentral_special,OU=AAD_Groups,OU=BERG,DC=company,DC=inhouse"
],
"ldapsyncwithusergroups": {
"filter": [
"gl_adm_meshcentral",
"gl_aad_meshcentral_inspection",
"gl_aad_meshcentral_production",
"gl_aad_meshcentral_office",
"gl_aad_meshcentral_external",
"gl_aad_meshcentral_special"
]
},
"consentMessages": {
"Title": "company Meshcentral",
"consentTimeout": 60,
"autoAcceptOnTimeout": false,
"desktopnotify": true,
"terminalnotify": true,
"filenotify": true,
"desktopprompt": true,
"terminalprompt": true,
"fileprompt": true,
"desktopprivacybar": true
},
"agentTag": {
"ServerName": 0,
"ServerDesc": 1,
"ServerTags": 3
},
"hidePowerTimeline": true,
"userSessionIdleTimeout": 120,
"userSessionsSort": "Username",
"ldapusername": "sAMAccountName",
"ldapUserKey": "sAMAccountName",
"ldapuseremail": "mail",
"ldapuserrealname": "{{{givenName}}} {{{sn}}}",
"ldapuserphonenumber": "telephoneNumber",
"title": "MeshCentral",
"title2": "company",
"footer": "ITI",
"userAllowedIP": "10.112.0.0/16,10.113.64.0/20,10.138.0.0/16,10.124.0.0/16,10.132.0.0/16,10.116.0.0/16,10.14.2.0/24,10.4.107.0/24",
"autoRemoveInactiveDevices": "5",
"welcomePictureFullScreen": true,
"welcomePicture": "company.jpg",
"agentCustomization": {
"foregroundColor": "200,0,0",
"backgroundColor": "230,189,76"
}
}
}
}Node.js version 18.19.0 On other TEST System Node.js version 20.12.2 Same bug existing.
Installed via meshcentralinstaller.exe
I hope you can reproduce the bug
dmikoss
commented
1 month ago Can confirm this issue in my environment. Remote session disconnects on "New" LDAP user login first time.
dmikoss
commented
1 month ago On turning OFF ldapSyncWithUserGroups - problem is gone. (upd.: because usergroups not updated in this way)
UPD1: @si458, but I am also discovered that disconnect happen on creation new or changing user group (even if the group description only changed)!
UPD2: This issue also occurs if LDAP mode is turned OFF.
si458
commented
1 month ago @dmikoss im just looking at this and i can confirm your finding that indeed if a NEW user logs in while another user has a relay/control in progress they get disconnected? i think its something to do with the users being added to the groups
dmikoss
commented
1 month ago @dmikoss im just looking at this and i can confirm your finding that indeed if a NEW user logs in while another user has a relay/control in progress they get disconnected? i think its something to do with the users being added to the groups
With some experiments, a disconnect happens when creating a new user group or changing a user group. The websocket connection closes.
If we create a user but do not create a user group, there are no disconnects.
I tried to find the problem in the source code but with no luck.
si458
commented
1 month ago i tried changing a usergroup and nothing happened BUT a new user LOGGING IN caused the issue, its to do with the usergroups so dont worry ill get it fixed 👍
EDIT1: MY NOTES:
meshserver.send({ action: 'nodes', skip: (devicePagingState == null) ? 0 : devicePagingState.skip });
causing problem, asking server for nodes, then nodes getting returning and disconnecting?
EDIT2: MY NOTES:
if (currentNode != null) { currentNode = getNodeFromId(currentNode._id); if (currentNode != null) { gotoDevice(currentNode._id, xxcurrentView, true); } else { go(1); } }
causing problem, gotoDevice(currentNode._id, xxcurrentView, true); is causing the disconnect
si458
commented
1 month ago I am still looking into this, and I've found the issue. I just need to try to find a workaround.
Every time we ask for new nodes or get new nodes, say because of a group change, we check if ur looking at a device currently, and if u are, we refresh its view with new information, but this is in turn disconnecting the remote, terminal and files pages, to recreate the canvas, files table and terminal lines too.
Oversally, we dont want to do that.
si458
commented
1 month ago ok so after a few days testing, i think its now fixed! https://github.com/Ylianst/MeshCentral/commit/d2d9f7a13ef442d6134b8e6552368454c938000a
its basically as explained in my above post https://github.com/Ylianst/MeshCentral/issues/6240#issuecomment-2304630028
the where lines in the code which stopped any sessions in progress to help with things, but from my testing no issues at all by simply commenting out the lines and fixing 1 line and away you go!
PS: it also effected any terminal and file transfers too! not just remote control!
Describe the bug All remote sessions are disconnected when a new user, previously unknown to MeshCentral, logs in to MeshCentral via LDAP.
To Reproduce Steps to reproduce the behavior:
At the same time, however, all remote sessions active at that time are suddenly disconnected!
Expected behavior User B should be created, but all remote sessions of other users active at this time should not be disconnected at the same time.
Screenshots
Server Software (please complete the following information):