freeipa / freeipa-healthcheck

Check the health of a freeIPA installation
GNU General Public License v3.0

Handle authentication failures in ipahealthcheck.ipa.dna::IPADNARangeCheck #320

Open rcritten opened 8 months ago

rcritten commented 8 months ago

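Saw in the wild a traceback due to an unhandled authentication failure. The GSSAPI bind made while constructing ReplicationManager fails with invalid credentials, and the resulting ACIError propagates out of the check as a CRITICAL result carrying the full traceback: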

{ "source": "ipahealthcheck.ipa.dna", "check": "IPADNARangeCheck", "result": "CRITICAL", "uuid": "f28db15e-15a1-41ab-bb8b-f0003bef7c33", "when": "20240123200708Z", "duration": "0.239964", "kw": { "exception": "Insufficient access: Invalid credentials", "traceback": "Traceback (most recent call last):\n File \"/usr/lib/python3.6/site-packages/ipapython/ipaldap.py\", line 1085, in error_handler\n yield\n File \"/usr/lib/python3.6/site-packages/ipapython/ipaldap.py\", line 1257, in gssapi_bind\n '', auth_tokens, server_controls, client_controls)\n File \"/usr/lib64/python3.6/site-packages/ldap/ldapobject.py\", line 476, in sasl_interactive_bind_s\n return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags)\n File \"/usr/lib64/python3.6/site-packages/ldap/ldapobject.py\", line 340, in _ldap_call\n reraise(exc_type, exc_value, exc_traceback)\n File \"/usr/lib64/python3.6/site-packages/ldap/compat.py\", line 46, in reraise\n raise exc_value\n File \"/usr/lib64/python3.6/site-packages/ldap/ldapobject.py\", line 324, in _ldap_call\n result = func(*args,*kwargs)\nldap.INVALID_CREDENTIALS: {'result': 49, 'desc': 'Invalid credentials', 'ctrls': []}\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File \"/usr/lib/python3.6/site-packages/ipahealthcheck/core/core.py\", line 56, in run_plugin\n for result in plugin.check():\n File \"/usr/lib/python3.6/site-packages/ipahealthcheck/core/plugin.py\", line 18, in wrapper\n for result in f(args, **kwds):\n File \"/usr/lib/python3.6/site-packages/ipahealthcheck/ipa/dna.py\", line 32, in check\n agmt = replication.ReplicationManager(api.env.realm, api.env.host)\n File \"/usr/lib/python3.6/site-packages/ipaserver/install/replication.py\", line 268, in init\n self.conn.gssapi_bind()\n File \"/usr/lib/python3.6/site-packages/ipapython/ipaldap.py\", line 1257, in gssapi_bind\n '', auth_tokens, 
server_controls, client_controls)\n File \"/usr/lib64/python3.6/contextlib.py\", line 99, in exit\n self.gen.throw(type, value, traceback)\n File \"/usr/lib/python3.6/site-packages/ipapython/ipaldap.py\", line 1113, in error_handler\n raise errors.ACIError(info=\"%s %s\" % (info, desc))\nipalib.errors.ACIError: Insufficient access: Invalid credentials\n" } },