LDAP issues with AWX

Hi,

I’m facing some issues using LDAP configuration in AWX.

First of all, due to my company policy, I can’t update my containers right now and my AWX version is 2.1.2 which is VERY old… unfortunately right now I am not authorized to update it.

This is my issue:
LDAP is configured and worked fine at least one time: some users were able to connect to AWX through it.

But for some reason, it doesn’t work as it should now:

  • People who were able to log in during the time it worked are still able to do it.
  • People who never tried to log in to AWX can’t do it through LDAP.
  • 6 groups are present in LDAP, rigorously identical, but 3 of them can log in, 3 can’t. The only difference is that the last 3 were created after the first 3.

I tried to get more logs by activating the DEBUG level in Parameters > System > Logging but I can’t see any logs to help me. I checked in the awx_task_1 and awx_web_1 containers, maybe these logs are elsewhere?

Thank you for your help!

The output of people attempting to log in to AWX through LDAP can be found by looking at docker logs awx_web

I can’t find anything in the awx_web logs, I only have these:

[root@awxweb awx]# find / -name "*.log"
/anaconda-post.log
/usr/lib/rpm/rpm.log
/var/lib/awx/supervisord.log
/var/log/yum.log
/var/log/tower/dispatcher.log
/var/log/nginx/access.log
/var/log/nginx/error.log

And nothing related to LDAP…

No. You have to use docker logs on the awx_web container

Watch the output from it and you will see any messages coming out from it

Oh my bad I didn’t get it ^^
I found these lines when my coworker tried to log in:

2020-10-01 13:32:33,478 WARNING django_auth_ldap Caught LDAPError while authenticating USRTEST: NO_SUCH_OBJECT({'info': "0000208D: NameErr: DSID-03100241, problem 2001 (NO_OBJECT), data 0, best match of:\n\t'OU=WMD_ANSIBLE,OU=Applications,DC=groupe,DC=intra,DC=laposte,DC=fr'\n", 'matched': 'OU=WMD_ANSIBLE,OU=Applications,DC=groupe,DC=intra,DC=laposte,DC=fr', 'desc': 'No such object'},)
2020-10-01 13:32:33,551 DEBUG django_auth_ldap Authentication failed for USRTEST: user DN/password rejected by LDAP server.

Regards,

user DN/password rejected by LDAP server.

Therein lies the problem. You have an incorrect username or password
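
Added example, not part of the thread and not AWX code: a small Python triage script for the django_auth_ldap lines that docker logs awx_web prints. It separates an LDAPError raised by the directory (error name plus the DN the server reports as matched) from the generic rejection line, per user. The sample lines, user names, DNs and the file name ldap_triage.py are constructed for illustration.

```python
import re
import sys
from collections import defaultdict

# Constructed sample lines in the django_auth_ldap format quoted in the thread;
# user names and DNs are made up for this example.
SAMPLE = r'''
2020-10-01 13:32:33,478 WARNING django_auth_ldap Caught LDAPError while authenticating alice: NO_SUCH_OBJECT({'info': "0000208D: NameErr: DSID-03100241, problem 2001 (NO_OBJECT), data 0, best match of:\n\t'OU=Apps,DC=example,DC=com'\n", 'matched': 'OU=Apps,DC=example,DC=com', 'desc': 'No such object'},)
2020-10-01 13:32:33,551 DEBUG django_auth_ldap Authentication failed for alice: user DN/password rejected by LDAP server.
2020-10-01 13:40:02,101 DEBUG django_auth_ldap Authentication failed for bob: user DN/password rejected by LDAP server.
'''

LDAP_ERROR = re.compile(
    r"django_auth_ldap Caught LDAPError while authenticating (?P<user>\S+): "
    r"(?P<error>[A-Z_]+)\((?P<detail>.*)\)")
REJECTED = re.compile(
    r"django_auth_ldap Authentication failed for (?P<user>\S+): user DN/password rejected")
MATCHED = re.compile(r"'matched': '(?P<dn>[^']*)'")

def triage(lines):
    """Return {user: {"errors": [(error_name, matched_dn)], "rejected": count}}."""
    report = defaultdict(lambda: {"errors": [], "rejected": 0})
    for line in lines:
        m = LDAP_ERROR.search(line)
        if m:
            dn = MATCHED.search(m.group("detail"))
            report[m.group("user")]["errors"].append(
                (m.group("error"), dn.group("dn") if dn else None))
            continue
        m = REJECTED.search(line)
        if m:
            report[m.group("user")]["rejected"] += 1
    return dict(report)

def summarize(report):
    """One line per user; a logged LDAPError is reported ahead of the generic rejection."""
    out = []
    for user, info in sorted(report.items()):
        if info["errors"]:
            error, dn = info["errors"][-1]
            out.append(f"{user}: directory error {error}, server matched {dn}")
        else:
            out.append(f"{user}: rejected {info['rejected']}x, no LDAPError logged")
    return out

if __name__ == "__main__":
    # Usage (file name is hypothetical): docker logs awx_web 2>&1 | python ldap_triage.py
    source = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    print("\n".join(summarize(triage(source))))
```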