Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[GLPI 11.0.0] Can't authentify and import users via LDAP #18259

Open
2 tasks done
EORIS-SUPPORT opened this issue Nov 7, 2024 · 0 comments
Open
2 tasks done

[GLPI 11.0.0] Can't authentify and import users via LDAP #18259

EORIS-SUPPORT opened this issue Nov 7, 2024 · 0 comments
Assignees
Labels

Comments

@EORIS-SUPPORT
Copy link

EORIS-SUPPORT commented Nov 7, 2024

Code of Conduct

  • I agree to follow this project's Code of Conduct

Is there an existing issue for this?

  • I have searched the existing issues

Version

11.0.0 Alpha

Bug description

Can't connect via LDAP, or import users.

Relevant log output

This appears while trying to initiate a connection

/var/log/apache2/error.log -

Undefined array key "id" in /opt/glpi/instance1/versions/11.0.0/src/Auth.php on line 1062

/var/log/glpi/php-errors.log -

[2024-11-07 10:34:12] glpiphplog.WARNING:   *** PHP Warning (2): Undefined array key "id" in /opt/glpi/instance1/versions/11.0.0/src/Auth.php at line 1062

  Backtrace :

  front/login.php:94                                 Auth->login()

  ...Glpi/Controller/LegacyFileLoadController.php:59 require()

  vendor/symfony/http-kernel/HttpKernel.php:101      Glpi\Controller\LegacyFileLoadController->Glpi\Controller\{closure}()

  ...ymfony/http-foundation/StreamedResponse.php:106 Symfony\Component\HttpKernel\HttpKernel::Symfony\Component\HttpKernel\{closure}()

  vendor/symfony/http-foundation/Response.php:423    Symfony\Component\HttpFoundation\StreamedResponse->sendContent()

  src/Glpi/Kernel/Kernel.php:255                     Symfony\Component\HttpFoundation\Response->send()

  public/index.php:58                                Glpi\Kernel\Kernel->sendResponse()

[2024-11-07 10:34:12] glpiphplog.CRITICAL: Uncaught PHP Exception TypeError: "Glpi\Security\TOTPManager::get2FAEnforcement(): Argument #1 ($users_id) must be of type int, null given, called in /opt/glpi/instance1/versions/11.0.0/src/Auth.php on line 1062" at TOTPManager.php line 386 {"exception":"[object] (TypeError(code: 0): Glpi\\Security\\TOTPManager::get2FAEnforcement(): Argument #1 ($users_id) must be of type int, null given, called in /opt/glpi/instance1/versions/11.0.0/src/Auth.php on line 1062 at /opt/glpi/instance1/versions/11.0.0/src/Glpi/Security/TOTPManager.php:386)"}

[2024-11-07 10:34:12] glpiphplog.CRITICAL:   *** Uncaught Exception TypeError: Glpi\Security\TOTPManager::get2FAEnforcement(): Argument #1 ($users_id) must be of type int, null given, called in /opt/glpi/instance1/versions/11.0.0/src/Auth.php on line 1062 in /opt/glpi/instance1/versions/11.0.0/src/Glpi/Security/TOTPManager.php at line 386

  Backtrace :

  src/Auth.php:1062                                  Glpi\Security\TOTPManager->get2FAEnforcement()

  front/login.php:94                                 Auth->login()

  ...Glpi/Controller/LegacyFileLoadController.php:59 require()

  vendor/symfony/http-kernel/HttpKernel.php:101      Glpi\Controller\LegacyFileLoadController->Glpi\Controller\{closure}()

  ...ymfony/http-foundation/StreamedResponse.php:106 Symfony\Component\HttpKernel\HttpKernel::Symfony\Component\HttpKernel\{closure}()

  vendor/symfony/http-foundation/Response.php:423    Symfony\Component\HttpFoundation\StreamedResponse->sendContent()

  src/Glpi/Kernel/Kernel.php:255                     Symfony\Component\HttpFoundation\Response->send()

  public/index.php:58                                Glpi\Kernel\Kernel->sendResponse()

Page URL

http://glpi11-test.pangolin.local

Steps To reproduce

4 Users created in the active directory:
Image

LDPA Config :
Image

The connection test in the new tab works and show 4 entries that matches the 4 users :
Image

But trying to import users via LDAP in the users menu doesn't work (shows no user to import):
Image

And trying to connect with an active directory user (with the correct credentials) gives this page and generates the log in the section above :
Image

Trying to connect with the wrong credentials gives this page :
Image

Your GLPI setup information

GLPI information
GLPI: 11.0.0-dev (/nosso => /opt/glpi/instance1/versions/11.0.0)
Installation mode: TARBALL
Current language: fr_FR
Server
Operating system: Linux glpi11 6.1.0-25-amd64 #​1 SMP PREEMPT_DYNAMIC Debian 6.1.106-3 (2024-08-26) x86_64

PHP: 8.3.11 apache2handler

PHP extensions: Core, date, libxml, openssl, pcre, zlib, filter, hash, json, random, Reflection, SPL, session, standard, sodium,
apache2handler, mysqlnd, PDO, xml, apcu, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, iconv,
imap, intl, ldap, exif, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm,
tokenizer, xmlreader, xmlrpc, xmlwriter, xsl, zip, Zend OPcache

Setup: max_execution_time="30" memory_limit="128M" post_max_size="8M" safe_mode="" session.save_handler="files"
upload_max_filesize="2M" disable_functions=""

Web server: Apache/2.4.62 (Debian) (Apache/2.4.62 (Debian) Server at glpi11-test.pangolin.local Port 80)

User agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0

Database:

Server Software: Debian 12

Server Version: 10.11.6-MariaDB-0+deb12u1-log

Server SQL Mode: STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

Parameters: glpi@127.0.0.1:3306/glpi10016

Host info: 127.0.0.1 via TCP/IP

Requirements:
PHP version (8.3.11) is supported.
OS and PHP are relying on 64 bits integers.
Sessions configuration is OK.
Allocated memory is sufficient.
Following extensions are installed: dom, fileinfo, filter, libxml, json, simplexml, xmlreader,
xmlwriter.
mysqli extension is installed.
curl extension is installed.
gd extension is installed.
intl extension is installed.
mbstring extension is installed.
zlib extension is installed.
The
constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES is present.
openssl extension is installed.
Database engine version (10.11.6) is
supported.
No files from previous GLPI version
detected.
The log file has been created successfully.
Write access to /opt/glpi/instance1/files/_cache has been validated.
Write access to /opt/glpi/instance1/files/_cron has been validated.
Write access to /opt/glpi/instance1/files has been validated.
Write access to /opt/glpi/instance1/files/_dumps has been validated.
Write access to /opt/glpi/instance1/files/_graphs has been validated.
Write access to /opt/glpi/instance1/files/_lock has been validated.
Write access to /opt/glpi/instance1/files/_pictures has been validated.
Write access to /opt/glpi/instance1/files/_plugins has been validated.
Write access to /opt/glpi/instance1/files/_rss has been validated.
Write access to /opt/glpi/instance1/files/_sessions has been validated.
Write access to /opt/glpi/instance1/files/_tmp has been validated.
Write access to /opt/glpi/instance1/files/_uploads has been validated.

Sessions configuration is secured.
exif extension is installed.
ldap extension is installed.
openssl extension is installed.
Following extensions are installed:
bz2, Phar, zip.
Zend OPcache extension is installed.
Following extensions are
installed: ctype, iconv, sodium.
Write
access to /opt/glpi/instance1/versions/11.0.0/plugins has been validated.
Timezones seems loaded in database.

GLPI constants
GLPI_ROOT: "/opt/glpi/instance1/versions/11.0.0"
GLPI_VERSION: "11.0.0-dev"
GLPI_SCHEMA_VERSION: "11.0.0-dev@01b9107cf173fac8b63e9d5cab7aa7c788721b9b"
GLPI_MIN_PHP: "8.2"
GLPI_MAX_PHP: "8.3"
GLPI_YEAR: "2024"
GLPI_I18N_DIR: "/opt/glpi/instance1/versions/11.0.0/locales"
GLPI_CONFIG_DIR: "/opt/glpi/instance1/config"
GLPI_MARKETPLACE_DIR: "/opt/glpi/instance1/versions/11.0.0/plugins"
GLPI_VAR_DIR: "/opt/glpi/instance1/files"
GLPI_DOC_DIR: "/opt/glpi/instance1/files"
GLPI_CRON_DIR: "/opt/glpi/instance1/files/_cron"
GLPI_DUMP_DIR: "/opt/glpi/instance1/files/_dumps"
GLPI_GRAPH_DIR: "/opt/glpi/instance1/files/_graphs"
GLPI_LOCK_DIR: "/opt/glpi/instance1/files/_lock"
GLPI_PICTURE_DIR: "/opt/glpi/instance1/files/_pictures"
GLPI_PLUGIN_DOC_DIR: "/opt/glpi/instance1/files/_plugins"
GLPI_RSS_DIR: "/opt/glpi/instance1/files/_rss"
GLPI_SESSION_DIR: "/opt/glpi/instance1/files/_sessions"
GLPI_TMP_DIR: "/opt/glpi/instance1/files/_tmp"
GLPI_UPLOAD_DIR: "/opt/glpi/instance1/files/_uploads"
GLPI_CACHE_DIR: "/opt/glpi/instance1/files/_cache"
GLPI_LOG_DIR: "/var/log/glpi"
GLPI_ENVIRONMENT_TYPE: "production"
GLPI_ALLOW_IFRAME_IN_RICH_TEXT: false
GLPI_SERVERSIDE_URL_ALLOWLIST: ["/^(https?|feed):\/\/[^@:]+(\/.*)?$/"]
GLPI_TELEMETRY_URI: "https://telemetry.glpi-project.org"
GLPI_INSTALL_MODE: "TARBALL"
GLPI_NETWORK_MAIL: "glpi@teclib.com"
GLPI_NETWORK_SERVICES: "https://services.glpi-network.com"
GLPI_MARKETPLACE_ENABLE: 3
GLPI_MARKETPLACE_PRERELEASES: true
GLPI_MARKETPLACE_ALLOW_OVERRIDE: true
GLPI_MARKETPLACE_MANUAL_DOWNLOADS: true
GLPI_USER_AGENT_EXTRA_COMMENTS: ""
GLPI_DOCUMENTATION_ROOT_URL: "https://links.glpi-project.org"
GLPI_DISABLE_ONLY_FULL_GROUP_BY_SQL_MODE: "1"
GLPI_AJAX_DASHBOARD: "1"
GLPI_CALDAV_IMPORT_STATE: 0
GLPI_CENTRAL_WARNINGS: "1"
GLPI_TEXT_MAXSIZE: "4000"
GLPI_LOCAL_I18N_DIR: "/opt/glpi/instance1/files/_locales"
GLPI_INVENTORY_DIR: "/opt/glpi/instance1/files/_inventories"
GLPI_THEMES_DIR: "/opt/glpi/instance1/files/_themes"
GLPI_NETWORK_REGISTRATION_API_URL: "https://services.glpi-network.com/api/registration/"
GLPI_MARKETPLACE_PLUGINS_API_URI: "https://services.glpi-network.com/api/marketplace/"
Libraries
symfony/mailer not found
simplepie/simplepie version 1.8.0 in /opt/glpi/instance1/versions/11.0.0/vendor/simplepie/simplepie/src
tecnickcom/tcpdf version 6.7.6 in /opt/glpi/instance1/versions/11.0.0/vendor/tecnickcom/tcpdf
sabre/dav version in /opt/glpi/instance1/versions/11.0.0/vendor/sabre/dav/lib/DAV
sabre/http version in /opt/glpi/instance1/versions/11.0.0/vendor/sabre/http/lib
sabre/uri version in /opt/glpi/instance1/versions/11.0.0/vendor/sabre/uri/lib
sabre/vobject version in /opt/glpi/instance1/versions/11.0.0/vendor/sabre/vobject/lib
laminas/laminas-i18n version in /opt/glpi/instance1/versions/11.0.0/vendor/laminas/laminas-i18n/src
laminas/laminas-json version in /opt/glpi/instance1/versions/11.0.0/vendor/laminas/laminas-json/src
monolog/monolog version in /opt/glpi/instance1/versions/11.0.0/vendor/monolog/monolog/src/Monolog
sebastian/diff version in /opt/glpi/instance1/versions/11.0.0/vendor/sebastian/diff/src
donatj/phpuseragentparser version in /opt/glpi/instance1/versions/11.0.0/vendor/donatj/phpuseragentparser/src/UserAgent
elvanto/litemoji version in /opt/glpi/instance1/versions/11.0.0/vendor/elvanto/litemoji/src
gettext/languages version in /opt/glpi/instance1/versions/11.0.0/vendor/gettext/languages/src
symfony/console version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/console
symfony/config version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/config/Loader
symfony/dependency-injection version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/dependency-injection
symfony/event-dispatcher version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/event-dispatcher
symfony/filesystem version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/filesystem
symfony/framework-bundle version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/framework-bundle
symfony/http-foundation version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/http-foundation
symfony/http-kernel version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/http-kernel
symfony/routing version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/routing
scssphp/scssphp version in /opt/glpi/instance1/versions/11.0.0/vendor/scssphp/scssphp/src
laminas/laminas-mail version in /opt/glpi/instance1/versions/11.0.0/vendor/laminas/laminas-mail/src/Protocol
laminas/laminas-mime version in /opt/glpi/instance1/versions/11.0.0/vendor/laminas/laminas-mime/src
rlanvin/php-rrule version in /opt/glpi/instance1/versions/11.0.0/vendor/rlanvin/php-rrule/src
ramsey/uuid version in /opt/glpi/instance1/versions/11.0.0/vendor/ramsey/uuid/src
phpoffice/phpspreadsheet version in /opt/glpi/instance1/versions/11.0.0/vendor/phpoffice/phpspreadsheet/src/PhpSpreadsheet
psr/log version in /opt/glpi/instance1/versions/11.0.0/vendor/psr/log/src
psr/simple-cache version in /opt/glpi/instance1/versions/11.0.0/vendor/psr/simple-cache/src
psr/cache version in /opt/glpi/instance1/versions/11.0.0/vendor/psr/cache/src
psr/container version in /opt/glpi/instance1/versions/11.0.0/vendor/psr/container/src
league/csv version in /opt/glpi/instance1/versions/11.0.0/vendor/league/csv/src
mexitek/phpcolors version in /opt/glpi/instance1/versions/11.0.0/vendor/mexitek/phpcolors/src/Mexitek/PHPColors
guzzlehttp/guzzle version in /opt/glpi/instance1/versions/11.0.0/vendor/guzzlehttp/guzzle/src
guzzlehttp/psr7 version in /opt/glpi/instance1/versions/11.0.0/vendor/guzzlehttp/psr7/src
glpi-project/inventory_format version in /opt/glpi/instance1/versions/11.0.0/vendor/glpi-project/inventory_format/lib/php
wapmorgan/unified-archive version in /opt/glpi/instance1/versions/11.0.0/vendor/wapmorgan/unified-archive/src
paragonie/sodium_compat version in /opt/glpi/instance1/versions/11.0.0/vendor/paragonie/sodium_compat/src
symfony/cache version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/cache
html2text/html2text version in /opt/glpi/instance1/versions/11.0.0/vendor/html2text/html2text/src
symfony/css-selector version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/css-selector
symfony/dom-crawler version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/dom-crawler
twig/twig version in /opt/glpi/instance1/versions/11.0.0/vendor/twig/twig/src
twig/string-extra version in /opt/glpi/instance1/versions/11.0.0/vendor/twig/string-extra
symfony/polyfill-ctype not found
symfony/polyfill-iconv not found
symfony/polyfill-mbstring not found
symfony/polyfill-php83 not found
league/oauth2-client version in /opt/glpi/instance1/versions/11.0.0/vendor/league/oauth2-client/src/Provider
league/oauth2-google version in /opt/glpi/instance1/versions/11.0.0/vendor/league/oauth2-google/src/Provider
thenetworg/oauth2-azure version in /opt/glpi/instance1/versions/11.0.0/vendor/thenetworg/oauth2-azure/src/Provider
league/commonmark version in /opt/glpi/instance1/versions/11.0.0/vendor/league/commonmark/src/Extension/CommonMark
egulias/email-validator version in /opt/glpi/instance1/versions/11.0.0/vendor/egulias/email-validator/src
symfony/mime not found
apereo/phpcas version in /opt/glpi/instance1/versions/11.0.0/vendor/apereo/phpcas/source
bacon/bacon-qr-code version in /opt/glpi/instance1/versions/11.0.0/vendor/bacon/bacon-qr-code/src
robthree/twofactorauth version in /opt/glpi/instance1/versions/11.0.0/vendor/robthree/twofactorauth/lib
ralouphie/getallheaders not found
symfony/html-sanitizer version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/html-sanitizer
league/oauth2-server version in /opt/glpi/instance1/versions/11.0.0/vendor/league/oauth2-server/src
league/html-to-markdown version in /opt/glpi/instance1/versions/11.0.0/vendor/league/html-to-markdown/src
twig/markdown-extra version in /opt/glpi/instance1/versions/11.0.0/vendor/twig/markdown-extra
webonyx/graphql-php version in /opt/glpi/instance1/versions/11.0.0/vendor/webonyx/graphql-php/src
phpdocumentor/reflection-docblock version in /opt/glpi/instance1/versions/11.0.0/vendor/phpdocumentor/reflection-docblock/src
symfony/property-access version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/property-access
symfony/serializer version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/serializer
symfony/property-info version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/property-info
symfony/error-handler version in /opt/glpi/instance1/versions/11.0.0/vendor/symfony/error-handler
Annuaires LDAP
Server: '192.168.136.226',
Port: '389',
BaseDN: 'OU=Utilisateurs,DC=pangolin,DC=local',
Connection filter: '(&(objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))',
RootDN: 'CN=Administrateur,CN=Users,DC=pangolin,DC=local',
Use TLS: none
Réplicats SQL
Not active
Notifications
Way of sending emails: PHP

Anything else?

The exact same config works on GLPI 10.0.16.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants