XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    ldap user auth doesn't work after update to actual version

    Scheduled Pinned Locked Moved Xen Orchestra
    4 Posts 2 Posters 12 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V Offline
      vmpr
      last edited by vmpr

      Hi everyone, I have a strange problem. I updated our XO from sources last week, and now LDAP auth is not working anymore 😞

      Interesting part is: when I try it on CLI it works 🙂

      /opt/xo/xo-builds/xen-orchestra-202507030450/packages/xo-server-auth-ldap/dist# node test-cli.js
      ? URI ldap://company.zone
      ? fill optional Certificate Authorities? No
      ? fill optional Check certificate? No
      ? fill optional Use StartTLS? No
      ? Base DC=company,DC=zone
      ? fill optional Credentials? Yes
      ? Credentials > dn user@company.zone
      ? Credentials > password XXX
      ? fill optional User filter? Yes
      ? User filter (sAMAccountName={{name}})
      ? ID attribute (sAMAccountName={{name}})
      ? fill optional Synchronize groups? No
      configuration saved in ./ldap.cache.conf
      ? Username rgi
      ? Password [hidden]
      2025-07-07T09:37:18.624Z xo:xo-server-auth-ldap DEBUG attempting to bind with as user@company.zone...
      2025-07-07T09:37:18.668Z xo:xo-server-auth-ldap DEBUG successfully bound as user@company.zone
      2025-07-07T09:37:18.669Z xo:xo-server-auth-ldap DEBUG searching for entries...
      2025-07-07T09:37:18.682Z xo:xo-server-auth-ldap DEBUG 1 entries found
      2025-07-07T09:37:18.682Z xo:xo-server-auth-ldap DEBUG attempting to bind as CN=bla blubb,OU=company,DC=company,DC=zone
      2025-07-07T09:37:18.686Z xo:xo-server-auth-ldap INFO successfully bound as CN=bla blubb,OU=company,DC=company,DC=zone => rgi authenticated
      2025-07-07T09:37:18.687Z xo:xo-server-auth-ldap DEBUG {
      ...
      

      But in the web interface with the same configuration, I get an error 😞

      Screenshot 2025-07-07 at 17.56.50.png

      Code: -32000
      
      Message: could not authenticate user
      
      {
        "message": "could not authenticate user",
        "name": "Error",
        "stack": "Error: could not authenticate user\n    at /opt/xo/xo-builds/xen-orchestra-202507030450/packages/xo-server-auth-ldap/src/index.js:246:15\n    at default.testPlugin (file:///opt/xo/xo-builds/xen-orchestra-202507030450/packages/xo-server/src/xo-mixins/plugins.mjs:290:5)\n    at Xo.test (file:///opt/xo/xo-builds/xen-orchestra-202507030450/packages/xo-server/src/api/plugin.mjs:109:3)\n    at Task.runInside (/opt/xo/xo-builds/xen-orchestra-202507030450/@vates/task/index.js:175:22)\n    at Task.run (/opt/xo/xo-builds/xen-orchestra-202507030450/@vates/task/index.js:159:20)\n    at Api.#callApiMethod (file:///opt/xo/xo-builds/xen-orchestra-202507030450/packages/xo-server/src/xo-mixins/api.mjs:469:18)"
      }
      

      any ideas what could be the problem?

      cheers Ringo

      1 Reply Last reply Reply Quote 0
      • olivierlambertO Offline
        olivierlambert Vates 🪐 Co-Founder CEO
        last edited by

        Hi,

        Can you double check the case for the base and not use caps? (like dc instead of DC)

        V 1 Reply Last reply Reply Quote 0
        • V Offline
          vmpr @olivierlambert
          last edited by

          @olivierlambert sadly that didn't help 😞

          1 Reply Last reply Reply Quote 0
          • olivierlambertO Offline
            olivierlambert Vates 🪐 Co-Founder CEO
            last edited by

            All in all, it's likely related to the fix we did on it "recently" (like 1 or 2 months ago tops).

            Is anyone from XO team could assist? Maybe @pdonias since I think you fixed it? (I can be mistaken though)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post