Webtop with external LDAP?

Support
, ,
1

I tried to setup Webtop with external LDAP configured but got an error:

grafik
grafik910×890 26.5 KB

Enqueued anchor job 100 postgres.service/start.
DELETE 1
DELETE 1
INSERT 0 1
INSERT 0 1
DELETE 1
DELETE 1
INSERT 0 1
INSERT 0 1
DELETE 1
INSERT 0 1
bash: -c: line 1: unexpected EOF while looking for matching `"'
bash: -c: line 2: syntax error: unexpected end of file
Traceback (most recent call last):
  File "/home/webtop1/.config/actions/configure-module/20config", line 265, in <module>
    domain_setup(mail_domain, user_domain)
  File "/home/webtop1/.config/actions/configure-module/20config", line 19, in domain_setup
    user_domain_password = subprocess.check_output(['podman', 'run', '--rm', os.environ["WEBTOP_WEBAPP_IMAGE"], 'bash', '-c', "echo -n " + user_domain["bind_password"] + " | java -classpath /usr/share/webtop/ WebtopPassEncode"], text=True).splitlines().pop()
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/subprocess.py", line 466, in check_output
    return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['podman', 'run', '--rm', 'ghcr.io/nethserver/webtop-webapp:1.0.15', 'bash', '-c', 'echo -n ********** | java -classpath /usr/share/webtop/ WebtopPassEncode']' returned non-zero exit status 2.
2

OK, I changed the bind password. Now I use a password without special characters and the configuration was saved…

I still can logon with user admin/admin but not with a AD Domain User.

3

tested on a remote ldap account without TLS, I cannot reproduce the issue

create an AD on NS7
set to do not ask for encryption

bind to this AD on NS8 without TLS on port 389
install mail, webtop, imapsync

I can use the domain page and the mailboxes page, and the imapsync page, I can login with ldap users to webtop

If I remove the custom template I did on NS7 and I restart the nsdc, then I cannot browse remotely the users on all pages

1 Like
4

What special characters could potentially trigger the bug? Please tell us more so we can test them!

5

I suppose. Could you confirm

1 Like
6

I had to logon as Webtop-admin and write the bind-password agn because I changed it as NS8-cluster-admin just for testing for another app…

Webtop works now, I am able to login with AD user…