Anonymous access is not allowed
Johannes Neuhaus
johannes.neuhaus at rwth-aachen.de
Sun May 20 12:46:46 CEST 2018
Dear fellow users and kolab devs,
Disclaimer: I am on CentOS 7. 389-Directory/1.3.7.5 B2018.136.418
Just yesterday I updated my Kolab installation. Unfortunately it was not
overly successful as it seems like it broke authentication. The symptom
was that I was not able to login anymore. Running kolab lm did not work
either and returned authentication failed. Digging further in the logs I
found:
[root at mail /]# tail -n 100 /var/log/kolab/pykolab.log
2018-05-20 12:25:01,692 pykolab.wallace ERROR Module
resources.heartbeat() failed with error: Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/wallace/__init__.py", line 89,
in modules_heartbeat
modules.heartbeat(module, lastrun)
File "/usr/lib/python2.7/site-packages/wallace/modules.py", line 128,
in heartbeat
return modules[name]['heartbeat'](*args, **kw)
File "/usr/lib/python2.7/site-packages/wallace/module_resources.py",
line 433, in heartbeat
resource_dns = auth.find_resource('*')
File "/usr/lib/python2.7/site-packages/pykolab/auth/__init__.py", line
220, in find_resource
result = self._auth.find_resource(address)
File "/usr/lib/python2.7/site-packages/pykolab/auth/ldap/__init__.py",
line 844, in find_resource
attrsonly=True
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
552, in search_s
return
self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
876, in search_ext_s
return
self._apply_method_s(SimpleLDAPObject.search_ext_s,*args,**kwargs)
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
818, in _apply_method_s
return func(self,*args,**kwargs)
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
546, in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
458, in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
462, in result2
resp_type, resp_data, resp_msgid, resp_ctrls =
self.result3(msgid,all,timeout)
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
469, in result3
resp_ctrl_classes=resp_ctrl_classes
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line
476, in result4
ldap_result =
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 99,
in _ldap_call
result = func(*args,**kwargs)
INAPPROPRIATE_AUTH: {'info': 'Anonymous access is not allowed.', 'desc':
'Inappropriate authentication'}
To fix this, I had to set the respective LDAP config flag in dse.ldif to
on. Is this a bug or a feature? Unfortunately, it took me quite some
time to figure out, what the problem was. I tried a fresh installation
using a virtual machine and I did not run into the problem. So I am a
bit confused, what actually went wrong. The upgrade logs looked just fine.
Best regards,
Johannes
More information about the users
mailing list