VMware Cloud Community
jet81
Contributor
Contributor
Jump to solution

VIO 3.1 - Can't contact LDAP

I came in this morning unable to log in to Horizon with an LDAP account. This was all functional on Friday and no changes were made over the weekend. Now when someone tries to log in with an LDAP account (backed by AD) I get the below error.

Also, I can ping the AD server from the controller, I can "validate" the AD settings in the vSphere VIO client, and it will return objects. Just any actual logins fail. I can still log with the "local" admin account. Of course this happens the week I have to demo the system...

2018-04-30 15:11:36.413 24362 DEBUG keystone.common.ldap.core [req-96fdc559-40e8-4adb-b0c7-2957c55cef7c - - - - -] LDAP init: url=ldaps://ad.server.com:636 _common_ldap_initialization /usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py:579

2018-04-30 15:11:36.414 24362 DEBUG keystone.common.ldap.core [req-96fdc559-40e8-4adb-b0c7-2957c55cef7c - - - - -] LDAP init: use_tls=False tls_cacertfile=None tls_cacertdir=/etc/keystone/ssl/certs/ tls_req_cert=2 tls_avail=1 _common_ldap_initialization /usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py:583

2018-04-30 15:11:36.415 24362 DEBUG keystone.common.ldap.core [req-96fdc559-40e8-4adb-b0c7-2957c55cef7c - - - - -] LDAP bind: who=ldapquery@domain simple_bind_s /usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py:903

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi [req-96fdc559-40e8-4adb-b0c7-2957c55cef7c - - - - -] {'info': '(unknown error code)', 'desc': "Can't contact LDAP server"}

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi Traceback (most recent call last):

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 249, in __call__

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     result = method(context, **params)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/auth/controllers.py", line 396, in authenticate_for_token

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     self.authenticate(context, auth_info, auth_context)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/auth/controllers.py", line 520, in authenticate

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     auth_context)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/auth/plugins/password.py", line 30, in authenticate

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     user_info = auth_plugins.UserAuthInfo.create(auth_payload, METHOD_NAME)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/auth/plugins/core.py", line 107, in create

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     user_auth_info._validate_and_normalize_auth_data(auth_payload)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/auth/plugins/core.py", line 196, in _validate_and_normalize_auth_data

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     auth_payload)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/auth/plugins/core.py", line 173, in _validate_and_normalize_auth_data

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     user_name, domain_ref['id'])

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/manager.py", line 124, in wrapped

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     __ret_val = __f(*args, **kwargs)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 433, in wrapper

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     return f(self, *args, **kwargs)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 443, in wrapper

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     return f(self, *args, **kwargs)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/dogpile/cache/region.py", line 1053, in decorate

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     should_cache_fn)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/dogpile/cache/region.py", line 657, in get_or_create

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     async_creator) as value:

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/dogpile/core/dogpile.py", line 158, in __enter__

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     return self._enter()

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/dogpile/core/dogpile.py", line 98, in _enter

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     generated = self._enter_create(createdtime)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/dogpile/core/dogpile.py", line 149, in _enter_create

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     created = self.creator()

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/dogpile/cache/region.py", line 625, in gen_value

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     created_value = creator()

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/dogpile/cache/region.py", line 1049, in creator

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     return fn(*arg, **kw)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 902, in get_user_by_name

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     ref = driver.get_user_by_name(user_name, domain_id)

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 90, in get_user_by_name

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     return self.user.filter_attributes(self.user.get_by_name(user_name))

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py", line 1532, in get_by_name

2018-04-30 15:11:38.112 24362 ERROR keystone.common.wsgi     res = self.get_all(query)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py", line 1934, in get_all

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     return super(EnabledEmuMixIn, self).get_all(ldap_filter, hints)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py", line 1541, in get_all

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     for x in self._ldap_get_all(hints, ldap_filter)]

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/driver_hints.py", line 42, in wrapper

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     return f(self, hints, *args, **kwargs)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py", line 1497, in _ldap_get_all

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     with self.get_connection() as conn:

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py", line 1291, in get_connection

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     conn.simple_bind_s(user, password)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py", line 908, in simple_bind_s

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     clientctrls=clientctrls)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/keystone/common/ldap/core.py", line 757, in simple_bind_s

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     with self._get_pool_connection() as conn:

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     return self.gen.next()

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/ldappool/__init__.py", line 291, in connection

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     conn = self._get_connection(bind, passwd)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/ldappool/__init__.py", line 244, in _get_connection

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     conn = self._create_connector(bind, passwd)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi   File "/usr/lib/python2.7/dist-packages/ldappool/__init__.py", line 224, in _create_connector

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi     raise BackendError(str(exc), backend=conn)

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi BackendError: {'info': '(unknown error code)', 'desc': "Can't contact LDAP server"}

2018-04-30 19:03:56.921 2393 ERROR keystone.common.wsgi

Reply
0 Kudos
1 Solution

Accepted Solutions
jet81
Contributor
Contributor
Jump to solution

I was able to solve this by re-configuring VIO the same LDAP configuration settings again and the connection was restored. I don't know why though.

View solution in original post

Reply
0 Kudos
1 Reply
jet81
Contributor
Contributor
Jump to solution

I was able to solve this by re-configuring VIO the same LDAP configuration settings again and the connection was restored. I don't know why though.

Reply
0 Kudos