snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0

Random LDAP Bind Error #13130

Open netlabit opened 1 year ago

netlabit commented 1 year ago

Debug mode

Describe the bug

I configured LDAP with Free IPA. When I do Test sync LDAP, it randomly joins correctly.

The same thing happens when I do Test LDAP Login.

Reproduction steps

  1. Set "LDAP Authentication query".
  2. Try Test sync LDAP; it randomly joins correctly.
  3. Try Test LDAP Login; it randomly joins correctly.

Expected behavior

I configured LDAP with Free IPA. When I do Test sync LDAP, it randomly joins correctly.

The same thing happens when I do Test LDAP Login.

Screenshots

No response

Snipe-IT Version

Version v6.1.1-pre - build 10727

Operating System

Ubuntu

Web Server

Ubuntu

PHP Version

8.1.2-1ubuntu2.11

Error messages

[01:50:22] LOG.debug: Bind failed
[01:50:22] LOG.debug: Exception was: Could not bind to LDAP: Can't contact LDAP server

When retrying the test:

[01:51:09] LOG.debug: LDAP search executed successfully.
[01:51:09] LOG.debug: okay, at least one more page to go!!!
[01:51:09] LOG.debug: Total count is: 10

Additional context

No response

welcome[bot] commented 1 year ago

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

snipe commented 1 year ago

If it can't contact the LDAP server, the only thing I can think of would be latency or some oddness within the firewall/network. The requests it makes are all the same from the code side of things.

luvustea commented 1 year ago

Since updating to the above-mentioned version (dockered), we get the "can't contact LDAP server" error constantly, so we cannot add new users. We did not change anything on the firewall.

Really looking forward to a solution here.

luvustea commented 1 year ago

Problem solved here: In the Docker configuration file on our host /etc/docker/daemon.js, the use of IPTables was set to false instead of true.

As a result, Docker did not establish a masquerade rule in the firewall and consequently could not reach the LDAP servers. I cannot tell why the content of the file changed; it used to work, and no manual changes were made on our side.
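A check for the root cause described in the last comment, added here as an example and not part of the thread or of Snipe-IT: it reads the Docker daemon configuration and the host's nat POSTROUTING rules and reports when Docker's NAT setup is missing. It assumes the configuration lives at Docker's standard path `/etc/docker/daemon.json` with the `iptables` key; the function names and sample inputs are constructed for illustration.

```python
import json
import subprocess
import sys
from pathlib import Path

# Constructed samples (not from the issue): a daemon.json that disables
# iptables management, and `iptables -t nat -S POSTROUTING` output with and
# without Docker's usual bridge MASQUERADE rule.
BAD_DAEMON_JSON = '{"iptables": false, "log-driver": "json-file"}'
NAT_WITH_RULE = ("-P POSTROUTING ACCEPT\n"
                 "-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE\n")
NAT_WITHOUT_RULE = "-P POSTROUTING ACCEPT\n"


def docker_manages_iptables(daemon_json_text):
    """False only when the config explicitly sets "iptables": false."""
    if not daemon_json_text.strip():
        return True  # no config file: Docker defaults to iptables=true
    config = json.loads(daemon_json_text)
    return not (isinstance(config, dict) and config.get("iptables") is False)


def masquerade_sources(nat_rules_text):
    """Source subnets covered by a MASQUERADE rule in nat/POSTROUTING."""
    sources = []
    for line in nat_rules_text.splitlines():
        tokens = line.split()
        if tokens[:2] == ["-A", "POSTROUTING"] and "MASQUERADE" in tokens:
            idx = tokens.index("-s") if "-s" in tokens else -1
            sources.append(tokens[idx + 1] if 0 <= idx < len(tokens) - 1 else "any")
    return sources


def diagnose(daemon_json_text, nat_rules_text):
    """Return a list of findings; an empty list means NAT looks intact."""
    findings = []
    if not docker_manages_iptables(daemon_json_text):
        findings.append('daemon.json sets "iptables": false')
    if not masquerade_sources(nat_rules_text):
        findings.append("no MASQUERADE rule in nat POSTROUTING")
    return findings


if __name__ == "__main__":  # run as root on the Docker host
    cfg = Path(sys.argv[1] if len(sys.argv) > 1 else "/etc/docker/daemon.json")
    rules = subprocess.run(["iptables", "-t", "nat", "-S", "POSTROUTING"],
                           capture_output=True, text=True).stdout
    print("\n".join(diagnose(cfg.read_text() if cfg.exists() else "", rules))
          or "Docker NAT rules look intact")
```

Running it from a scheduled job on the Docker host surfaces this kind of silent configuration drift before it shows up as intermittent LDAP bind failures inside the container.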