Problem: Unable to authenticate with LDAP in v2.9.109

[guyke01]

Issue

After updating to version v2.9.109 it is not possible anymore to use LDAP Authentication. When TLS is turned on with port 636 a error message 500 will show up at the login page.

When changing TLS to off and change the port to 389 there is a incorrect username or password. When i revert to version v2.9.75 the LDAP connections works with TLS enabled and port 636 configured.

Impact

Web-Frontend (what users interact with)

Installation method

Docker

Database

MySQL

Browser

Microsoft Edge

Semaphore Version

v2.9.109

Ansible Version

N/A. Docker installation.

Logs & errors

time="2024-05-28T05:12:28Z" level=warning msg="unable to read LDAP response packet: read tcp <REDACTED>:44374-><REDACTED>:636: read: connection reset by peer"

Manual installation - system information

No response

Configuration

{
"ldap_enable": true,
"ldap_needtls": true,
"ldap_binddn": "<REDACTED>",
"ldap_bindpassword": "<REDACTED>",
"ldap_server": "<REDACTED>:636",
"ldap_searchdn": "<REDACTED>",
"ldap_searchfilter": "(&(sAMAccountName=%s)(memberOf:1.2.840.113556.1.4.1941:=CN=<REDACTED>))",
"ldap_mappings": {
"dn": "distinguishedName",
"mail": "mail",
"uid": "sAMAccountName",
"cn": "cn"
},
"access_key_encryption": "<REDACTED>",
"cookie_encryption": "<REDACTED>",
"cookie_hash": "<REDACTED>"
}

Additional information

No response

[fiftin]

Hi @guyke01 thank you.

Reproduced the issue. LDAP with SSL works fine on the host machine, but doesn't work in Docker.

[guyke01]

Hi @fiftin,

Good to know that it can reproduced. I've didn't test it on the host itself as you did. Thanks for checking the issue.

[fiftin]

I found out the cause of the problem, it will be fixed ASAP.

[fiftin]

@guyke01 fixed. Pushed v2.9.111-beta.

[guyke01]

@fiftin Thanks for the rapid fix. Can confirm that LDAP(S) is working again in v2.9.111-beta.