Internal Error on LDAP Auth

Added by Alex Vanino over 6 years ago

I just recently setup Active Directory integration in Redmine. Additionally I also installed the Directory Sync plugin to sync the groups and users. That plugin can be found here: http://www.redmine.org/plugins/redmine_ldap_sync

I've successfully tested the ldap integration by creating a test user, setting it's auth mode to LDAP and logging in as that user. That was successful.

Additionally at Random (About a 50% chance of it happening) I'll get an error on login:
500
execution expired
This also happened during my successful login test above, and is still happening. I have no clue why. If I turn off LDAP integration all together, it goes away.

After setting up the LDAP Sync plugin and doing the first rake command to sync the redmine groups/users with active directory, I checked the Users list and saw that my test user with the filled in firstname, lastname and mail was imported as a locked user.

I then went and attempted to login with a user that wasn't imported because it does not have an email address in the ldap. It's my understanding that the user will be created on the fly at first login and will ask the user to specify their email. When I went to login, redmine threw another internal server error.

> Internal error
> 
> An error occurred on the page you were trying to access.
> If you continue to experience problems please contact your Redmine administrator for assistance.
> 
> If you are the Redmine administrator, check your log files for details about the error.
> 

I attached log files to this post.

- Ruby implementation and version
ruby 1.9.3p392 (2013-02-22 revision 39386) [x86_64-linux]

- Rails version (rails --version)
Rails 3.2.13

- Operating system (precise if you're using cygwin when running on Windows)
Ubuntu 12.04.2 LTS
Linux mayerredmine 3.2.0-41-virtual #66-Ubuntu SMP Thu Apr 25 03:47:17 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

- Database used, and its version
MySQL
/opt/bitnami/mysql/bin/mysql.bin Ver 14.14 Distrib 5.5.30, for linux2.6 (x86_64) using readline 5.1

- Ruby-aware server used: Webrick, Mongrel, Thin, etc. If you don't understand this point, you're using Webrick.
Webrick? I used the Bitnami Redmine installer, so I'm not sure.

root@mayerredmine:/opt/bitnami/apps/redmine/htdocs# RAILS_ENV=production script/about

Environment:
Redmine version 2.3.1.stable
Ruby version 1.9.3 (x86_64-linux)
Rails version 3.2.13
Environment production
Database adapter Mysql2
Redmine plugins:
redmine_ldap_sync 2.0.0.devel

production.log - Log File (2.02 KB)

Replies (1)

RE: Internal Error on LDAP Auth - Added by Maximilian Eschenbacher about 1 month ago

The 'execution expired' happens when the 'with_timeout' block in function 'authenticate' in 'app/models/auth_source_ldap.rb' timeouts. You can set the timeout within the settings for your ldap server.

Depending on the hostname you are using for redmine to connect via ldap, this can easily happen if several of the A/AAAA records for the entered hostname are unavailable. Redmine uses Net::LDAP which in turn uses Socket.tcp which will look up all hostnames from DNS and tries to connect to them. In our testing environment with multiple active plugins and two out of three ldap servers unreachable, I was able to see Redmine go through three full ldap hostname lookup/connection procedures which took about 20 seconds (sometimes longer).

(1-1/1)