Error syncing users: An error occurred while calling https://uaa/Users #467
Comments
|
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story. The labels on this github issue will be updated when the story is started. |
…ce-users and updated-org-users commands - #467
|
@burgerjeffrey Looks like there was a regression added several versions ago where validation of system domain, userid, password were not being raised as an error. Created a pull request to add this validation back but can be fixed without a new release by ensuring you have set the system domain which appears to be blank. |
…ce-users and updated-org-users commands - #467
|
@burgerjeffrey Also published a develop tag with latest fixes if you want to validate this fixes your issue.
|
I am not understanding where the system domain would be blank, can you explain more about this? |
|
@burgerjeffrey if running via concourse this is exported as an environment variable. Am curious if you use the "develop" tag does this fix your issue and either show an error or work as expected. |
|
@calebwashburn yes, and i did find I have that exported as as environment variable. I will get it tested out, I see develop on the docker hub to make my image from now. |
|
@calebwashburn issue is the same with the develop tag
|
|
@burgerjeffrey I added some information logging to help debug this to print out the system domain and uaa target. This has been re-pushed to develop with the following sha / digest
Let me know if you can re-run with this to help triage this issue. |
|
@calebwashburn looks like those are correct.
Note, only 1 of my 8 CF environments is experiencing this error out of the blue, so wasn't sure where to start or if there is an issue with UAA possibly. |
|
@burgerjeffrey Sorry for the confusion. Didn't realize you had redacted the uaa domain in the error message so this is what I was trying to track down. Let me add more context to uaa errors and have you retest.
|
|
@calebwashburn this is the results form your addtional context added:
|
|
@burgerjeffrey Sorry for all the back and forth but the underlying UAA client library cf-mgmt leverages is swallowing the error unless we turn on verbosity, which I have set to true in this build to see what is actually the error when calling UAA to guide us to figuring out resolution.
|
|
@calebwashburn my issue is now resolved. I was able to use the uaa-go cli to resolve the issue on UAA. The error that provided the clue was update-space-users when it first errored out, saying:
I then used uaa-go cli to remove the user from UAA: to obtain the password to login to UAA: to target UAA: to login to UAA as an admin: get the user: delete the user: I then re-ran the update-org-users and it ran successfully this time: |
|
@burgerjeffrey @calebwashburn We are facing same issue on our foundation when cf-mgmt was updated to 1.0.73. Error: Error syncing users for org , space , role developer: adding ldap users: An error occurred while calling https://uaa./Users] PS: I have edited the error msg for org-name, space-name and uaa endpoint. We don't have uaa-go tool. Please suggest a suitable solution to this. Let us know if this issue is resolved in the later versions of cf-mgmt. |
|
@binayakmohanty will need to add additional context to the uaa errors to help triage this as there is a conflict with what is in uaa so need more specifics in their error message and that library doesn’t share the raw error by default. |
|
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story. The labels on this github issue will be updated when the story is started. |
|
Hey @calebwashburn , thanks for the reply. But I'm not sure how to add more context to the errors which belongs to uaa-client-library as we are getting the same error from cf-mgmt package. |
|
@binayakmohanty - FYI... Here's a branch with additional logging - https://github.com/vmware-tanzu-labs/cf-mgmt/tree/issue_467_uaa_logging that is the basis for a PR to add that additional context. If able to test there is a new tag for the docker image under |
|
Hey @calebwashburn , Can you provide the link for the cf-mgmt binary with the additional features! |
|
Thanks @calebwashburn for fixing this. |
Using version 1.0.74 of cf-mgmt
Not sure why this started or how it happened but I cannot figure out how to get past this, any help is appreciated.
update-org-users and update-space-users tasks are both failing for this same reason.
update-space-users
Version: [1.0.74], Commit: [93e74cd5ba7a8f0236dc65ed5c0ae780d5f91f74] 2023/12/13 20:42:04 W1213 20:42:04.516024 22 ldap.go:108] No users found under group: sg-app-dg-cf_devint_cmn-role-spcaud 2023/12/13 20:42:04 W1213 20:42:04.721002 22 ldap.go:108] No users found under group: sg-app-dg-cf_devint_cst-role-spcaud 2023/12/13 20:42:04 W1213 20:42:04.86749 22 ldap.go:108] No users found under group: sg-app-dg-cf_devint_inf-role-spcaud 2023/12/13 20:42:05 W1213 20:42:05.036627 22 ldap.go:108] No users found under group: sg-app-dg-cf_devint_inv-role-spcaud 2023/12/13 20:42:06 W1213 20:42:06.279509 22 ldap.go:108] No users found under group: sg-app-dg-cf_devint_prd-role-spcaud 2023/12/13 20:42:06 W1213 20:42:06.36749 22 ldap.go:108] No users found under group: sg-app-dg-cf_int_cmn-role-spcaud 2023/12/13 20:42:06 W1213 20:42:06.458015 22 ldap.go:108] No users found under group: sg-app-dg-cf_int_cst-role-spcaud 2023/12/13 20:42:06 W1213 20:42:06.547021 22 ldap.go:108] No users found under group: sg-app-dg-cf_int_inf-role-spcaud 2023/12/13 20:42:06 W1213 20:42:06.634963 22 ldap.go:108] No users found under group: sg-app-dg-cf_int_inv-role-spcaud 2023/12/13 20:42:06 W1213 20:42:06.907867 22 ldap.go:108] No users found under group: sg-app-dg-cf_int_ord-role-spcaud 2023/12/13 20:42:06 W1213 20:42:06.995384 22 ldap.go:108] No users found under group: sg-app-dg-cf_int_prd-role-spcaud error: got errors processing update space users [Error syncing users for org dev, space X, role developer: adding ldap users: An error occurred while calling https://uaa.sys.<redacted>/Users]update-org-users
Version: [1.0.74], Commit: [93e74cd5ba7a8f0236dc65ed5c0ae780d5f91f74] 2023/12/14 14:13:11 I1214 14:13:11.100913 18 yaml_config.go:535] Using environment provided ldap user <redacted> instead of 2023/12/14 14:13:11 I1214 14:13:11.100983 18 yaml_config.go:546] Using environment provided ldap host <redacted> instead of 2023/12/14 14:13:18 W1214 14:13:18.704188 18 ldap.go:108] No users found under group: sg-app-dg-cf_devint-role-billmgr 2023/12/14 14:13:18 W1214 14:13:18.731803 18 ldap.go:108] No users found under group: sg-app-dg-cf_devint-role-orgaud 2023/12/14 14:13:19 W1214 14:13:19.187882 18 ldap.go:108] No users found under group: sg-app-dg-cf_ft-role-billmgr 2023/12/14 14:13:21 W1214 14:13:21.762141 18 ldap.go:108] No users found under group: sg-app-dg-cf_int-role-billmgr 2023/12/14 14:13:21 W1214 14:13:21.789289 18 ldap.go:108] No users found under group: sg-app-dg-cf_int-role-orgaud error: got errors processing update org users [Error syncing users for org ft role org-manager: adding ldap users: An error occurred while calling https://uaa.sys.<redacted>/Users]The text was updated successfully, but these errors were encountered: