Problem: Unable to authenticate with LDAP in v2.9.109
guyke01 opened this issue
Issue
After updating to version v2.9.109 it is no longer possible to use LDAP authentication. When TLS is turned on with port 636, an error message 500 will show up at the login page.
When changing TLS to off and changing the port to 389, there is an incorrect username or password error. When I revert to version v2.9.75, the LDAP connection works with TLS enabled and port 636 configured.
Impact
Web-Frontend (what users interact with)
Installation method
Docker
Database
MySQL
Browser
Microsoft Edge
Semaphore Version
v2.9.109
Ansible Version
N/A. Docker installation.
Logs & errors
time="2024-05-28T05:12:28Z" level=warning msg="unable to read LDAP response packet: read tcp <REDACTED>:44374-><REDACTED>:636: read: connection reset by peer"
Manual installation - system information
No response
Configuration
{
  "ldap_enable": true,
  "ldap_needtls": true,
  "ldap_binddn": "<REDACTED>",
  "ldap_bindpassword": "<REDACTED>",
  "ldap_server": "<REDACTED>:636",
  "ldap_searchdn": "<REDACTED>",
  "ldap_searchfilter": "(&(sAMAccountName=%s)(memberOf:1.2.840.113556.1.4.1941:=CN=<REDACTED>))",
  "ldap_mappings": {
    "dn": "distinguishedName",
    "mail": "mail",
    "uid": "sAMAccountName",
    "cn": "cn"
  },
  "access_key_encryption": "<REDACTED>",
  "cookie_encryption": "<REDACTED>",
  "cookie_hash": "<REDACTED>"
}
Additional information
No response
Hi @guyke01 thank you.
Reproduced the issue. LDAP with SSL works fine on the host machine, but doesn't work in Docker.
Hi @fiftin,
Good to know that it can be reproduced. I didn't test it on the host itself as you did. Thanks for checking the issue.
I found out the cause of the problem, it will be fixed ASAP.
@guyke01 fixed. Pushed v2.9.111-beta.