Fails to discard LDAP search references


Hello Étienne Bersac,

I’m facing an issue with the ldap2pg package and I hope you can help me solve it. I have several OUs in my LDAP structure; every OU has its own groups and users.

So, I placed one of the users from a different OU into a group of another OU and configured the LDAP search this way:

...
- ldap:
    base: dc=f10,dc=cloud
    scope: sub
    filter: |
      (&
      (objectClass=User)
      (memberOf=cn=psql-acl-local-bi-ro,ou=groups,ou=.f100,dc=f10,dc=cloud)
      )
  role:
    name_attribute: sAMAccountName
    options: LOGIN
    parent:
    - ldap_roles
    - acl_local_bi_ro
    comment: "Managed by LDAP"
...

When I run it, I get this error:

[ldap2pg.manager       INFO] Querying LDAP dc=f10,dc=cloud... (&(objectCla...
[ldap2pg.ldap         DEBUG] Doing: ldapsearch -x -D cn=pgadsync,cn=Users,dc=f10,dc=cloud -W -b dc=f10,dc=cloud -s sub '(&
[ldap2pg.ldap         DEBUG] (objectClass=User)
[ldap2pg.ldap         DEBUG] (memberOf=cn=psql-acl-local-bi-ro,ou=groups,ou=.f100,dc=f10,dc=cloud)
[ldap2pg.ldap         DEBUG] )' sAMAccountName
[ldap2pg.manager      DEBUG] Got 5 entries from LDAP.
[ldap2pg.script       ERROR] Unhandled error:
[ldap2pg.script       ERROR] Traceback (most recent call last):
[ldap2pg.script       ERROR]   File "/usr/local/lib/python3.5/dist-packages/ldap2pg/script.py", line 94, in main
[ldap2pg.script       ERROR]     exit(wrapped_main(config))
[ldap2pg.script       ERROR]   File "/usr/local/lib/python3.5/dist-packages/ldap2pg/script.py", line 70, in wrapped_main
[ldap2pg.script       ERROR]     count = manager.sync(syncmap=config['sync_map'])
[ldap2pg.script       ERROR]   File "/usr/local/lib/python3.5/dist-packages/ldap2pg/manager.py", line 215, in sync
[ldap2pg.script       ERROR]     ldaproles, ldapacl = self.inspect_ldap(syncmap)
[ldap2pg.script       ERROR]   File "/usr/local/lib/python3.5/dist-packages/ldap2pg/manager.py", line 154, in inspect_ldap
[ldap2pg.script       ERROR]     entries = self.query_ldap(**mapping['ldap'])
[ldap2pg.script       ERROR]   File "/usr/local/lib/python3.5/dist-packages/ldap2pg/manager.py", line 46, in query_ldap
[ldap2pg.script       ERROR]     attributes['dn'] = [dn]
[ldap2pg.script       ERROR] TypeError: list indices must be integers or slices, not str
[ldap2pg.script       ERROR] Please file an issue at https://github.com/dalibo/ldap2pg/issues with full log.
[ldap2pg.psql         DEBUG] Closing Postgres connexion to libpq default.

When I run this query manually it is working fine for me:

$ ldapsearch -H ldap://ldap-test.f10.cloud -x -W -D "pgadsync" -b "dc=f10,dc=cloud" -s sub "(&(objectClass=User)(memberOf=cn=psql-acl-local-bi-ro,ou=groups,ou=.f100,dc=f10,dc=cloud))" sAMAccountName
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=f10,dc=cloud> with scope subtree
# filter: (&(objectClass=User)(memberOf=cn=psql-acl-local-bi-ro,ou=groups,ou=.f100,dc=f10,dc=cloud))
# requesting: sAMAccountName
#

# Some user 1, users, .f100, f10.cloud
dn: CN=Some user 1,OU=users,OU=.f100,DC=f10,DC=cloud
sAMAccountName: xx582hj

# Some user 2, users, .f101, f10.cloud
dn: CN=Some user 2,OU=users,OU=.f101,DC=f10,DC=cloud
sAMAccountName: ME335OH

# search reference
ref: ldap://ForestDnsZones.f10.cloud/DC=ForestDnsZones,DC=f10,DC=cloud

# search reference
ref: ldap://DomainDnsZones.f10.cloud/DC=DomainDnsZones,DC=f10,DC=cloud

# search reference
ref: ldap://f10.cloud/CN=Configuration,DC=f10,DC=cloud

# search result
search: 2
result: 0 Success

# numResponses: 6
# numEntries: 2
# numReferences: 3

Could you take a look at what is happening here?

Issue Analytics

  • State: closed
  • Created 5 years ago
  • Comments: 9 (5 by maintainers)

Top GitHub Comments

1 reaction
bersace commented, Mar 14, 2019

Thanks @zurikus! Can you build an LDAP query that does not return refs? Try with ldapsearch. That would work around the bug.

By the way, I’ll fix ldap2pg to discard refs.

0 reactions
bersace commented, Mar 15, 2019

You’re welcome! 👍
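
The failure in the traceback and the "discard refs" fix mentioned in the thread, as an added example that is not ldap2pg's own code. It assumes the raw result list holds real entries as `(dn, {attribute: [values]})` and search references as `(None, [referral URLs])`, which matches "Got 5 entries" (2 entries plus 3 references) and the `TypeError`; the function names and sample data are constructed here. References are recorded for logging and never followed, so bind credentials are not sent to hosts named in a referral.

```python
import logging

logger = logging.getLogger("ldap_refs_example")  # hypothetical logger name

# Constructed sample mirroring the ldapsearch output in the issue.
# Assumed shape: entries are (dn, dict), search references are (None, list).
SAMPLE_RESULTS = [
    ("CN=Some user 1,OU=users,OU=.f100,DC=f10,DC=cloud", {"sAMAccountName": [b"xx582hj"]}),
    ("CN=Some user 2,OU=users,OU=.f101,DC=f10,DC=cloud", {"sAMAccountName": [b"ME335OH"]}),
    (None, ["ldap://ForestDnsZones.f10.cloud/DC=ForestDnsZones,DC=f10,DC=cloud"]),
    (None, ["ldap://DomainDnsZones.f10.cloud/DC=DomainDnsZones,DC=f10,DC=cloud"]),
    (None, ["ldap://f10.cloud/CN=Configuration,DC=f10,DC=cloud"]),
]


def _text(value):
    """Decode bytes values; pass strings through unchanged."""
    return value.decode("utf-8", "replace") if isinstance(value, bytes) else str(value)


def split_entries_and_refs(raw_results):
    """Separate real entries from search references without indexing a ref as a dict."""
    entries, refs = [], []
    for dn, payload in raw_results:
        if dn is None or not isinstance(payload, dict):
            # Search reference: keep the URLs for the log, do not chase them.
            refs.extend(_text(url) for url in (payload or []))
            continue
        attributes = dict(payload)  # copy so the caller's data is untouched
        attributes["dn"] = [dn]     # the assignment that raised TypeError on a ref
        entries.append((dn, attributes))
    return entries, refs


def role_names(raw_results, name_attribute="sAMAccountName"):
    """Return role names from real entries only, logging discarded references."""
    entries, refs = split_entries_and_refs(raw_results)
    if refs:
        logger.debug("Discarded %d search reference(s): %s", len(refs), refs)
    return [_text(v) for _, attrs in entries for v in attrs.get(name_attribute, [])]


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    print(role_names(SAMPLE_RESULTS))
```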
