Hi,
I’m trying to set up the CRE docker edition and would like to enable our admins to just login using their FreeIPA accounts. However, when setting up the LDAP connection (using “OpenLDAP” as Directory type with manually specified port and usage of SSL) I get a very non-descriptive error (see below). From the host machine I can do ldapsearch
with the exact parameters and everything seems to work, so I’m wondering, does the docker image contain the necessary libraries to use CMK with LDAP from within a container? Is this supported/tested?
Thanks!
CMK version: Checkmk Raw Edition 2.2.0p21
OS version: Ubuntu 22.04
Error message:
2024-02-21 10:37:02,710 [40] [cmk.web 1669158] Exception (clusteradmins, userdb_job): Traceback (most recent call last):
File "/omd/sites/hpc/lib/python3/cmk/gui/userdb/__init__.py", line 760, in _execute_sync_action
connection.do_sync(
File "/omd/sites/hpc/lib/python3/cmk/gui/userdb/ldap_connector.py", line 1287, in do_sync
ldap_users = self.get_users()
^^^^^^^^^^^^^^^^
File "/omd/sites/hpc/lib/python3/cmk/gui/userdb/ldap_connector.py", line 907, in get_users
for dn, ldap_user in self._ldap_search(
^^^^^^^^^^^^^^^^^^
File "/omd/sites/hpc/lib/python3/cmk/gui/userdb/ldap_connector.py", line 754, in _ldap_search
raise MKLDAPException(
cmk.gui.userdb.ldap_connector.MKLDAPException: Unable to successfully perform the LDAP search (LDAP connection failed:
ldaps://idm.domain.com:636: {'result': -1, 'desc': "Can't contact LDAP server", 'errno': 11, 'ctrls': [], 'info': '(unknown error code)'}
ldaps://idm2.domain.com:636: {'result': -1, 'desc': "Can't contact LDAP server", 'errno': 11, 'ctrls': [], 'info': '(unknown error code)'})