Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP server error: LDAP Result Code 200 "Network Error": EOF | Login getting failed with 401(Unauthorized) status code #2048

Open
Sanketbhandare opened this issue Mar 27, 2024 · 11 comments
Open

LDAP server error: LDAP Result Code 200 "Network Error": EOF | Login getting failed with 401(Unauthorized) status code #2048

Sanketbhandare opened this issue Mar 27, 2024 · 11 comments
Labels
community triage

Comments

@Sanketbhandare
Copy link

LDAP server error: LDAP Result Code 200 "Network Error": EOF | Login getting failed with 401(Unauthorized) status code

Expected Behavior

Login to Minio console should be working fine with LDAP Identity provider.

Current Behavior

Login to Minio console is getting failed with LDAP Result Code 200 "Network Error": EOF

Possible Solution

No solution. Workaround to access the Minio Console would be to use Built-In Identity provider.

Steps to Reproduce (for bugs)

Context

LDAP / AD Users are unable to login to Minio Console.

Regression

Your Environment

Dev

  • Version used (minio-operator): 5.0.12
  • Environment name and version (e.g. kubernetes v1.17.2): Kubernetes v1.26.4, Helm version v3.12.0
  • Server type and version: AlmaLinux release 8.5 (Arctic Sphynx)
  • Operating System and version (uname -a): Linux dev-yyk8smst1 4.18.0-348.7.1.el8_5.x86_64 Add Minio operator Add Minio operator  #1 SMP Tue Dec 21 13:57:48 EST 2021 x86_64 x86_64 x86_64 GNU/Linux
  • Link to your deployment file:
@jiuker
Copy link
Contributor

jiuker commented Mar 27, 2024

@Sanketbhandare Post your setup steps. plz

@Sanketbhandare
Copy link
Author

  1. Create a new Tenant using Minio Operator
  2. Under Identity Provider Section, Choose "LDAP / Active Directory" option and provide information related to your LDAP server.
  3. Once you provide all the necessary information like Lookup Bind DN, Lookup Bind Password, User DN Search Base DN, User DN Search filter etc.
  4. Once done, save your changes.
  5. Open Minio Console session for newly created tenant & try login to Minio console via your AD Account.
  6. Ideally you should be able to login, But It's failing with above Network Error in our case.

@Sanketbhandare
Copy link
Author

@jiuker Any update on this?

@jiuker jiuker mentioned this issue Apr 12, 2024
Closed
@jiuker jiuker self-assigned this Apr 12, 2024
@jiuker jiuker added bug Something isn't working and removed triage labels Apr 12, 2024
@jiuker
Copy link
Contributor

jiuker commented Apr 12, 2024

Yeah. @Sanketbhandare Found that.

@jiuker
Copy link
Contributor

jiuker commented Apr 12, 2024
edited

Maybe you need config MINIO_IDENTITY_LDAP_SERVER_INSECURE = on

@jiuker jiuker closed this as completed Apr 12, 2024
@jiuker
Copy link
Contributor

jiuker commented Apr 12, 2024

Please follow this https://min.io/docs/minio/linux/reference/minio-server/settings/iam/ldap.html, MINIO_IDENTITY_LDAP_SERVER_INSECURE

@Sanketbhandare
Copy link
Author

@jiuker We've been following the same setting since start, but we're still getting the 401 Unauthorized response.
We're using below config along with base DN & LDAP details(Confidential).

MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER: (&(objectclass=groupOfNames)(member=%d))
MINIO_IDENTITY_LDAP_SERVER_INSECURE: on
MINIO_IDENTITY_LDAP_SERVER_STARTTLS: off
MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY: on
MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER: (uid=%s)

Minio Operator version: 5.0.12

Please check and assist us to fix this issue.

@Sanketbhandare
Copy link
Author

@jiuker Please check and assist on this topic? Also, we can reopen this issue. /reopen

@jiuker
Copy link
Contributor

jiuker commented Apr 18, 2024

LDAP_SERVER running with tls or not ? @Sanketbhandare

@jiuker jiuker reopened this Apr 18, 2024
@Sanketbhandare
Copy link
Author

@jiuker LDAP_SERVER is running without tls

@jiuker
Copy link
Contributor

jiuker commented Apr 23, 2024

No idea for that. I can't reproduce that. @Sanketbhandare Check the server's log.

@jiuker jiuker removed their assignment Apr 23, 2024
@jiuker jiuker added triage and removed bug Something isn't working labels Apr 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
community triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix:not startTls connect use tls. jiuker/pkg
2 participants
@jiuker @Sanketbhandare