search

snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0
11.09k stars 3.18k forks source link

LDAP/AD Settings 4.0 Beta #3871

Closed jmartins1 closed 7 years ago

jmartins1 commented 7 years ago

Using the same LDAP settings as in V3.6.6 (Working) Attempted to use same LDAP settings in V4.0-beta (Broken)

capture

rcarterv commented 7 years ago

I am experiencing the same issue. It looks like the test button uses the api route /api/v1/settings/ldaptest and results in a 401 Unauthorized return code.

In exploring further, it looks like the settings need to be saved prior to using the test button(?) so I added debug logging to the SettingsController and found this error when attempting to save the LDAP configuration:

development.DEBUG: {"slack_endpoint":["The slack endpoint format is invalid."], "slack_channel":["The slack channel format is invalid.]}

Interestingly enough, when I tried to setup a slack integration (to see if it would help me get LDAP working) I found this error:

development.DEBUG: {"ldap_server":["The ldap server format is invalid."]}
rcarterv commented 7 years ago

Commenting out the 'slack' validation rules in the /app/Models/Setting.php file lets me save my LDAP settings:

    protected $rules = [
          "brand"     => 'required|min:1|numeric',
          "qr_text"         => 'max:31',
          "logo_img"        => 'mimes:jpeg,bmp,png,gif',
          "alert_email"   => 'email_array',
          "default_currency"   => 'required',
          "locale"   => 'required',
//          "slack_endpoint"   => 'url|required_with:slack_channel',
//          "slack_channel"   => 'regex:/(?<!\w)#\w+/|required_with:slack_endpoint',
//          "slack_botname"   => 'string|nullable',
          ...
          "ldap_server"   => 'sometimes|required_if:ldap_enabled,1|url',
          "ldap_uname"     => 'sometimes|required_if:ldap_enabled,1',
          "ldap_basedn"     => 'sometimes|required_if:ldap_enabled,1',
          "ldap_filter"     => 'sometimes|required_if:ldap_enabled,1',
          "ldap_username_field"     => 'sometimes|required_if:ldap_enabled,1',
          "ldap_fname_field"     => 'sometimes|required_if:ldap_enabled,1',
          "ldap_lname_field"     => 'sometimes|required_if:ldap_enabled,1',
          "ldap_auth_filter_query"     => 'sometimes|required_if:ldap_enabled,1',
          "ldap_version"     => 'sometimes|required_if:ldap_enabled,1',
          "thumbnail_max_h"     => 'numeric|max:500|min:25',
    ];

Now when I click the 'Test LDAP Connection' button I get a 500 Internal Server Error with no logs tied to it (I'm in debug mode).

In the LDAP Documentation it references this command that can be used to sync users that I tried:

php artisan snipeit:ldap-sync

Which produced:

[2017-08-21 17:15:59] development.ERROR: ErrorException: Trying to get property of non-object in /var/www/html/app/Http/Transformers/UsersTransformer.php:37
Stack trace:
#0 /var/www/html/app/Models/Ldap.php(242): App\Models\Ldap::bindAdminToLdap(Resource id #489)
#1 /var/www/html/app/Console/Commands/LdapSync.php(70): App\Models\Ldap::findLdapUsers()
#2 [internal function]: App\Console\Commands\LdapSync->handle()
#3 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(29): call_user_func_array(Array, Array)
#4 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(87): Illuminate\Container\BoundMethod::Illuminate\Container\{closure}()
#5 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(31): Illuminate\Container\BoundMethod::callBoundMethod(Object(Illuminate\Foundation\Application), Array, Object(Closure))
#6 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/Container.php(539): Illuminate\Container\BoundMethod::call(Object(Illuminate\Foundation\Application), Array, Array, NULL)
#7 /var/www/html/vendor/laravel/framework/src/Illuminate/Console/Command.php(182): Illuminate\Container\Container->call(Array)
#8 /var/www/html/vendor/symfony/console/Command/Command.php(264): Illuminate\Console\Command->execute(Object(Symfony\Component\Console\Input\ArgvInput), Object(Illuminate\Console\OutputStyle))
#9 /var/www/html/vendor/laravel/framework/src/Illuminate/Console/Command.php(167): Symfony\Component\Console\Command\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Illuminate\Console\OutputStyle))
#10 /var/www/html/vendor/symfony/console/Application.php(874): Illuminate\Console\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#11 /var/www/html/vendor/symfony/console/Application.php(228): Symfony\Component\Console\Application->doRunCommand(Object(App\Console\Commands\LdapSync), Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#12 /var/www/html/vendor/symfony/console/Application.php(130): Symfony\Component\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#13 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php(122): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#14 /var/www/html/artisan(35): Illuminate\Foundation\Console\Kernel->handle(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#15 {main}  
error

I'm still trying to drill down to understand this better.

snipe commented 7 years ago

@jmartins1 - can you be more specific than "broken"? Errors, logs, etc.

@rcarterv:

In exploring further, it looks like the settings need to be saved prior to using the test button(?)

That's correct

jmartins1 commented 7 years ago

Sorry, I'm not a programmer just an end user. If have tried multiple combinations on the LDAP page. Nothing seems to work. These are the exact setting I used on the earlier version and they worked. I have also used these settings on other web apps. On the 4.0 beta version these settings no matter what I use will not pull information from active directory. If you require additional information please tell me how to produce what you're looking for to help troubleshoot this issue.

jmartins1 commented 7 years ago

I'm also not able to save the settings, I receive Error: Please check the form below for errors

snipe commented 7 years ago

@jmartins1 The information we need was in the issue template. Please see the getting help documentation for information on how to turn on debugging, find log files, etc. https://snipe-it.readme.io/docs/getting-help

jmartins1 commented 7 years ago

I am running the latest Beta version of Snipe-IT, latest version of Chrome, and Windows 10 64Bit

snipe commented 7 years ago

@rcarterv 

[2017-08-21 17:15:59] development.ERROR: ErrorException: Trying to get property of non-object in /var/www/html/app/Http/Transformers/UsersTransformer.php:37

That error doesn't really make sense though. Line 37 is:

'department' => ($user->department) ? [
                    'id' => (int) $user->department->id,
                    'name'=> e($user->department->name)
                ]  : null,

That error implies that the user isn't an object, in which case it should trigger that error the first time we reference the user in that transformer.

snipe commented 7 years ago

Can you do a fresh pull and see if today's changes fix anything? I can't reproduce this error at all on my end.

jmartins1 commented 7 years ago

I'd love too... Would you mind telling me where I can download the update? I'm assuming the update instructions apply. New to all this... thanks for your patience :)

⁣Sent from BlueMail ​

On Aug 22, 2017, 2:54 PM, at 2:54 PM, snipe notifications@github.com wrote:

Can you do a fresh pull and see if today's changes fix anything? I can't reproduce this error at all on my end.

-- You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub: https://github.com/snipe/snipe-it/issues/3871#issuecomment-324148856

jmartins1 commented 7 years ago

I downloaded a fresh copy of 4.0 Beta. Please find logs below.

Unauthenticated. C:\wamp\www\snipe-it\vendor\laravel\framework\src\Illuminate\Auth\Middleware\Authenticate.php#66 Illuminate\Auth\AuthenticationException

        }
    }

    throw new AuthenticationException('Unauthenticated.', $guards);
}

}

rcarterv commented 7 years ago

I think a nice UI addition would be a message that indicates that the LDAP settings need to be saved before they can be tested.

Also, some additional logging around saving settings would be nice for troubleshooting..

snipe commented 7 years ago

@rcarterv all of those are planned, but we have to ship v4 first.

rcarterv commented 7 years ago

Good to know- I'll wait for LDAP functionality post-4.0 release.

rcarterv commented 7 years ago

LDAP functionality (minus the test button) now works for me as of 4.0-beta4. Thanks!