AD Data not correctly shown

I have migrated a simple NS7 server (AD/SAMBA + Mail + Nextcloud) hosted by a provider to another server.

This server became the leader node.

I set up a new server on the old NS7 host and integrated the leader node into the cluster as a worker node.

I then moved Mail and Nextcloud to the worker node and finally restored SAMBA from the backup to the worker node. This should have completed the migration.

However, the groups and users are not displayed in the Admin GUI, but they are in the user portal. Nextcloud and Mail can make good use of the login data.

Traceback (most recent call last):
  File "/var/lib/nethserver/cluster/actions/list-domain-users/50list_users", line 33, in <module>
    users = Ldapclient.factory(**domain).list_users()
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/agent/pypkg/agent/ldapclient/__init__.py", line 29, in factory
    return LdapclientAd(**kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/agent/pypkg/agent/ldapclient/base.py", line 37, in __init__
    self.ldapconn = ldap3.Connection(self.ldapsrv,
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/agent/pyenv/lib/python3.11/site-packages/ldap3/core/connection.py", line 363, in __init__
    self._do_auto_bind()
  File "/usr/local/agent/pyenv/lib/python3.11/site-packages/ldap3/core/connection.py", line 389, in _do_auto_bind
    self.bind(read_server_info=True)
  File "/usr/local/agent/pyenv/lib/python3.11/site-packages/ldap3/core/connection.py", line 607, in bind
    response = self.post_send_single_response(self.send('bindRequest', request, controls))
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/agent/pyenv/lib/python3.11/site-packages/ldap3/strategy/sync.py", line 160, in post_send_single_response
    responses, result = self.get_response(message_id)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/agent/pyenv/lib/python3.11/site-packages/ldap3/strategy/base.py", line 370, in get_response
    raise LDAPSessionTerminatedByServerError(self.connection.last_error)
ldap3.core.exceptions.LDAPSessionTerminatedByServerError: session terminated 

Within the logs I found:

2024-09-15T13:08:30+02:00 [3:samba4:samba-dc] TLS ../../source4/lib/tls/tls_tstream.c:554 - An unexpected TLS packet was received.
2024-09-15T13:23:30+02:00 [3:samba4:samba-dc] TLS ../../source4/lib/tls/tls_tstream.c:1378 - Decryption has failed.

I don’t know whether this indicates the cause or is an additional fault.

Only after I promoted the worker node to the leader node were the users/groups also displayed in the admin GUI.

Of course, it took forever until I couldn’t think of any other way out than to take this last step.
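
A small triage aid for the Samba TLS messages quoted in the post, added here as an example and not part of the original post or of NethServer's own tooling: it parses lines in the format shown and reports how far apart the errors are, so they can be compared against the time of a failed `list-domain-users` call. Reading the bracketed field as `[node:module:unit]` and all function names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# The two log lines from the post (read here as node 3, module samba4, unit samba-dc).
SAMPLE_LOG = """\
2024-09-15T13:08:30+02:00 [3:samba4:samba-dc] TLS ../../source4/lib/tls/tls_tstream.c:554 - An unexpected TLS packet was received.
2024-09-15T13:23:30+02:00 [3:samba4:samba-dc] TLS ../../source4/lib/tls/tls_tstream.c:1378 - Decryption has failed.
"""

# Assumed layout: "<ISO timestamp> [<node>:<module>:<unit>] TLS <file>:<line> - <message>"
LINE_RE = re.compile(
    r"^\s*(?P<ts>\S+)\s+\[(?P<node>\d+):(?P<module>[^:\]]+):(?P<unit>[^\]]+)\]\s+"
    r"TLS\s+(?P<src>\S+):(?P<lineno>\d+)\s+-\s+(?P<msg>.+?)\s*$"
)

def parse_tls_errors(text):
    """Return one dict per Samba TLS error line, oldest first; other lines are skipped."""
    events = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])  # keeps the +02:00 offset
        ev["lineno"] = int(ev["lineno"])
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])

def summarize(events):
    """Group timestamps by (module, message) and list seconds between consecutive errors."""
    by_kind = defaultdict(list)
    for ev in events:
        by_kind[(ev["module"], ev["msg"])].append(ev["ts"])
    gaps = [int((b["ts"] - a["ts"]).total_seconds()) for a, b in zip(events, events[1:])]
    return dict(by_kind), gaps

if __name__ == "__main__":
    kinds, gaps = summarize(parse_tls_errors(SAMPLE_LOG))
    for (module, msg), stamps in kinds.items():
        print(f"{module}: {len(stamps)}x {msg} (first {stamps[0].isoformat()})")
    print("seconds between consecutive TLS errors:", gaps)
```

On the two quoted lines the gap is a round number of minutes, which is the kind of regularity worth checking against scheduled jobs or polling clients before attributing the errors to the admin UI request.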