Unknown attribute u'samaccountname' after drop of attributes parameter in 4.2
See original GitHub issueUnknown attribute u’samaccountname’ after drop of attributes parameter in 4.2
With release 4.2 the attributes parameter was dropped from the ldap part of the configuration. Here this results in in critical Unknown attribute u'samaccountname'
errors directly after the ldap search.
4.1 log
Doing: ldapsearch -x -D cn=mybinduser,ou=Functional Users,ou=Users,ou=IDIV,dc=idiv,dc=de -W -b ou=AAI,dc=idiv,dc=de -s sub '(memberOf:1.2.840.113556.1.4.1941:=cn=g_r_postgres01-KREINITZ_rw,ou=FunctionalGroups,ou=Groups,ou=IDIV,dc=idiv,dc=de)' sAMAccountName
Got 3 entries from LDAP.
Found role redac t. ed from CN=redac ted,OU=German Centre for Integrative Biodiversity Research,OU=Mitarbeiter,OU=AAI,DC=idiv,DC=de sAMAccountName.
[…]
Found ACL item ddl on KREINITZ.* for * to kreinitz_owner (granted) in LDAP.
[…]
4.2 log
Doing: ldapsearch -x -D cn=mybinduser,ou=Functional Users,ou=Users,ou=IDIV,dc=idiv,dc=de -W -b ou=AAI,dc=idiv,dc=de -s sub '(memberOf:1.2.840.113556.1.4.1941:=cn=g_r_postgres01-KREINITZ_rw,ou=FunctionalGroups,ou=Groups,ou=IDIV,dc=idiv,dc=de)' sAMAccountName
[ldap2pg.manager DEBUG] Got 3 entries from LDAP.
[ldap2pg.script CRITICAL] Failed to process CN=redac t. ed,OU=German Centre for Integra: Unknown attribute u'samaccountname'
It might(!) be related to the base search string. The users are in …,ou=AAI,dc… while the groups are in …,ou=IDIV,dc…. Using the dc… as base search string does work for ldapsearch but for some reason not via ldap2pg. With ldapsearch you actually need to omit the ou as it would not find the users which are in the ou=AAI,dc… if the base search string points to ou=IDIV,dc…
[ldap2pg.script CRITICAL] Failed to query LDAP: {'info': '000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0', 'desc': 'Operations error'}.
Issue Analytics
- State:
- Created 6 years ago
- Comments:11 (5 by maintainers)
Top Results From Across the Web
Get-CsOnlineUser (SkypeForBusiness)
The Get-CsOnlineUser cmdlet returns information about users who have accounts homed on Microsoft Teams or Skype for Business Online.
Read more >smb.conf
The smb.conf file is processed in the following way: The Samba suite's client applications read ... Parameters define the specific attributes of sections....
Read more >Local EAP Authentication on the Wireless LAN Controller ...
This section explains using the LDP utility to identify the specific attributes associated to the user user2. Some of these attributes are used ......
Read more >'Unknown attribute' error in controller - ruby on rails
It is likely that you are using has_secure_password and you have not enabled it correctly. has_secure_password adds two virtual attributes ...
Read more >Apache Karaf Container 4.x - Documentation
Hot deployment: simply drop a file in the deploy directory, Apache Karaf will ... You should see the following information on the command...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I’m getting this issue as well. I debugged the ldap2pg code and I think this is the issue:
https://github.com/dalibo/ldap2pg/blob/1281c3d27cc8403175d1c1b4b7c0e5dac03b139b/ldap2pg/ldap.py#L68
The returned attribute dictionary looks like:
But as you lowercase the
path
it looks for the keysamaccountname
in the attributes dict and returns an error.I have only just started using
ldap2pg
so this may be intentional or I’m using the config wrong, so sorry for the newbie questionforget it, I misread 4.10 as 4.1.0 :-q