superset icon indicating copy to clipboard operation
superset copied to clipboard
verified publisher icon apache

"Can't contact LDAP server

Open mujohiddin opened this issue 1 year ago • 1 comments

Bug description

2024-05-07 12:44:49,392:ERROR:flask_appbuilder.security.manager:{'result': -1, 'desc': "Can't contact LDAP server", 'errno': 11, 'ctrls': [], 'info': 'Resource temporarily unavailable'}

How to reproduce the bug

AUTH_TYPE = AUTH_DB AUTH_TYPE = AUTH_LDAP AUTH_USER_REGISTRATION = True AUTH_USER_REGISTRATION_ROLE = "Admin" AUTH_LDAP_SERVER = "ldap://my.uz:389" AUTH_LDAP_USE_TLS = False AUTH_LDAP_BIND_USER = "[email protected]" AUTH_LDAP_BIND_PASSWORD = "*******" AUTH_LDAP_SEARCH = "DC=MY,DC=uz" AUTH_LDAP_UID_FIELD = "sAMAccountName" AUTH_LDAP_FIRSTNAME_FIELD = "givenName" AUTH_LDAP_LASTNAME_FIELD = "sn" AUTH_LDAP_ALLOW_SELF_SIGNED = True AUTH_LDAP_APPEND_DOMAIN = False CUSTOM_SECURITY_MANAGER = SupersetSecurityManager

Hello, I am unable to do the below problem solution, ubunu server it works successfully but, Almalinux is getting this error can you help

@mistercrunch @villebro @michael-s-molina @betodealmeida @john-bodley @rusackas

Screenshots/recordings

No response

Superset version

3.1.2

Python version

3.9

Node version

16

Browser

Chrome

Additional context

No response

Checklist

  • [X] I have searched Superset docs and Slack and didn't find a solution to my problem.
  • [X] I have searched the GitHub issue tracker and didn't find a similar bug report.
  • [X] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.

mujohiddin avatar May 07 '24 12:05 mujohiddin

To address the LDAP connection issue you're encountering on Almalinux with Superset, follow these targeted steps:

  1. Verify python-ldap Installation: Ensure python-ldap is installed in your Superset environment. Use pip install python-ldap to install it if necessary.

  2. Review LDAP Configuration: Double-check your LDAP settings in superset_config.py to ensure they match those that work on Ubuntu, focusing on server URL, user DN template, and other LDAP-specific settings.

  3. Network and Firewall: Confirm there are no network or firewall restrictions preventing your Almalinux server from reaching the LDAP server. The error "Resource temporarily unavailable" often points to such connectivity issues.

  4. SELinux Policies: On Almalinux, SELinux might be blocking the connection. Use sestatus to check SELinux status and setenforce 0 for testing. If SELinux is the culprit, adjust policies accordingly.

  5. Install LDAP System Libraries: Make sure all necessary LDAP development libraries are installed on your Almalinux server. For Almalinux, you'll need openldap-devel and cyrus-sasl-devel, which can be installed via yum or dnf.

  6. Logs for Additional Insights: Increase the logging level in Superset and review the logs for more detailed error information regarding the LDAP connection failure.

By systematically following these steps, you should be able to pinpoint and resolve the issue preventing LDAP authentication on your Almalinux server. If the problem persists, additional error messages or logs could be helpful for further diagnosis.

Details

Sources


About Dosu This response is meant to be useful and save you time. It is not meant to be a precise solution, but rather a starting point for your own research.

Help me be more useful! Please leave a 👍 if this is helpful and 👎 if it is irrelevant.

To continue the conversation, mention @dosu.

dosubot[bot] avatar May 07 '24 12:05 dosubot[bot]