Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

同步LDAP用户报错 #375

Closed
hlilhuang opened this issue Apr 19, 2022 · 9 comments
Closed

同步LDAP用户报错 #375

hlilhuang opened this issue Apr 19, 2022 · 9 comments
Labels
Layer: api Api module related Module: LDAP/MAD ldap/mad related Type: bug Something isn't working

Comments

@hlilhuang
Copy link

hlilhuang commented Apr 19, 2022
edited

第一个问题:同步LDAP用户时报错,报错日志如下:
ldap3.core.exceptions.LDAPAttributeError: invalid attribute type memberOf

ldap3.core.exceptions.LDAPAttributeError: invalid attribute type memberOf
File "/data/bkce/usermgr/api/bkuser/categories/vendors/ldap/adapter.py", line 291, in _fetch_data
bkuser.categories.exceptions.FetchDataFromRemoteFailed: 无法获取用户数据, 请检查配置
@wklken wklken added Type: bug Something isn't working Layer: api Api module related Module: LDAP/MAD ldap/mad related labels Apr 19, 2022
@hlilhuang hlilhuang changed the title 同步LDAP用户报错,LDAP组织架构类是指什么? 同步LDAP用户报错 Apr 19, 2022
@IMBlues
Copy link
Collaborator

IMBlues commented Apr 19, 2022

可以参考 #143 手动修改
也可以参考 #182 做出的修改,在产品上不填写 memberOf 字段即可

@IMBlues IMBlues closed this as completed Apr 19, 2022
@ilovedj2022
Copy link

可以参考 #143 手动修改 也可以参考 #182 做出的修改,在产品上不填写 memberOf 字段即可

社区版6.0.5的版本,“在产品上不填写 memberOf 字段即可”具体怎么操作?

@IMBlues
Copy link
Collaborator

IMBlues commented Apr 20, 2022

image

如果升级到了最新版,这里用户组关联字段是可以不填写的,留空即不同步用户组数据

@ilovedj2022
Copy link

image
UI上没有这个字段的配置,测试连接是正常的,手动点击同步按钮报错ldap3.core.exceptions.LDAPAttributeError: invalid attribute type memberOf

@ilovedj2022
Copy link

组织架构类,这里指的什么,其它工具接ldap都没有要求填组织架构类,也可以正常接入;

@IMBlues
Copy link
Collaborator

IMBlues commented Apr 21, 2022

说白一点,你需要告诉用户管理,哪一个类是代表部门的,不然没法同步组织架构。。。

组织架构类,这里指的什么,其它工具接ldap都没有要求填组织架构类,也可以正常接入;

@ilovedj2022
Copy link

search_filter='(objectClass=organizationalUnit)',测试用这个filter去拉取可以拉到一级部门的OU,拉不到二级部门的OU

@ilovedj2022
Copy link

dn里加上一级部门OU也能拉到二级部门

@ilovedj2022
Copy link

INFO [2022-04-21 14:34:49] bkuser.categories.tasks(ln:16): going to sync Category<2>
INFO [2022-04-21 14:34:49] bkuser.categories.vendors.ldap.client(ln:75): going to search (objectClass=organizationalUnit) from dc=gostart,dc=com
INFO [2022-04-21 14:34:49] bkuser.categories.vendors.ldap.client(ln:75): going to search (objectClass=organizationalUnit) from dc=gostart,dc=com
INFO [2022-04-21 14:34:49] bkuser.categories.vendors.ldap.client(ln:75): going to search (objectClass=inetOrgPerson) from dc=gostart,dc=com
ERROR [2022-04-21 14:34:49] bkuser.categories.vendors.ldap.adapter(ln:290): failed to get users from remote server
Traceback (most recent call last):
File "/data/bkce/usermgr/api/bkuser/categories/vendors/ldap/adapter.py", line 287, in _fetch_data
File "/data/bkce/usermgr/api/bkuser/categories/vendors/ldap/client.py", line 82, in search
File "/data/bkce/.envs/usermgr-api/lib/python3.6/site-packages/ldap3/extend/init.py", line 125, in paged_search
paged_criticality)
File "/data/bkce/.envs/usermgr-api/lib/python3.6/site-packages/ldap3/extend/standard/PagedSearch.py", line 139, in paged_search_accumulator
paged_criticality):
File "/data/bkce/.envs/usermgr-api/lib/python3.6/site-packages/ldap3/extend/standard/PagedSearch.py", line 68, in paged_search_generator
None if cookie is True else cookie)
File "/data/bkce/.envs/usermgr-api/lib/python3.6/site-packages/ldap3/core/connection.py", line 772, in search
raise LDAPAttributeError('invalid attribute type ' + attribute_name_to_check)
ldap3.core.exceptions.LDAPAttributeError: invalid attribute type memberOf

@wklken wklken mentioned this issue Apr 24, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Layer: api Api module related Module: LDAP/MAD ldap/mad related Type: bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@wklken @IMBlues @hlilhuang @ilovedj2022