AD Integration settings not getting saved


#1

Hello, I am trying to configure LDAP/AD Integration with our AD server. I am logged in to my Graylog UI as the admin account. I am noticing a weird issue that whatever LDAP/AD settings i configure under “Authentication >> LDAP\Active Directory” page, do not get saved even though i ensure to save the changes. Its like every time i configure the AD settings , click on the “SAVE settings” button, i get a message in green saying “LDAP Settings saved successfully” and then when i refresh the page or come back to this page again, its blank as if nothing has been configured. Is this is bug ?
I am on the latest version of Graylog


(Jochen) #2

Are you using a Graylog cluster or a single Graylog node?
Are there any warning or error messages in the logs of your Graylog node(s) or in the Developer Console of your web browser?

What’s the content of the ldap_settings collection in MongoDB?

Which version is this, exactly?


#3

Hello Jochen, I have a single Graylog node. I tried to replicate it again by entering all the AD information and clicked the “SAVE LDAP Settings” button. While doing so , i had a putty session open to my graylog server & was monitoring the graylog server logs by running this command "/var/log/graylog/server# tail -f @40000000597b451730c72114.u . This file didn’t have any new entries logged. I also had a chrome dev console opened up as you suggested. The dev console shows some Error messages in RED that were already there before i clicked on the “SAVE LDAP Settings” button. Upon clicking the button, there weren’t any new messages in the dev console.

If you need to do a webex let me know.


#4

Gochen, I am on version 2.3.0

Also, i just found something interesting in the server logs. Under /var/log/graylog/server/current file , it has logged in below messages. I am assuming this is because i kept re-trying the AD integration setup multiple times from the Web UI because it didn’t save the changes so now the database within is complaining about 5 AD configurations.

.1.6%INFO [CodecFactoryUtil] Registered pre-bundled extended operation factory: 1.3.6.1.4.1.18060.0.1.5%INFO [CodecFactoryUtil] Registered pre-bundled extended operation factory: 1.3.6.1.4.1.4203.1.11.1%INFO [CodecFactoryUtil] Registered pre-bundled extended operation factory: 1.3.6.1.4.1.4203.1.11.3%INFO [CodecFactoryUtil] Registered pre-bundled extended operation factory: 1.3.6.1.4.1.1466.20037%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 3 configurations were found. This is a bug, ignoring LDAP config.%ERROR [LdapSettingsImpl] Unable to load role mapping%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%INFO [SessionsResource] Invalid username or password for user “shahn”%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%INFO [SessionsResource] Invalid username or password for user “shahn@lan.lab”%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%INFO [SessionsResource] Invalid username or password for user “shahn@lan.lab”%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%INFO [SessionsResource] Invalid username or password for user “LAN\shahn”%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 4 configurations were found. This is a bug, ignoring LDAP config.%ERROR [LdapSettingsImpl] Unable to load role mapping%ERROR [LdapSettingsServiceImpl] Graylog does not yet support multiple LDAP backends, but 5 configurations were found.


(Jochen) #5

Try deleting the ldap_settings collection in MongoDB and then enter the LDAP/AD settings again in the Graylog web interface.

$ mongo
MongoDB shell version v3.4.6
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.4.6
> use graylog
switched to db graylog
> db.ldap_settings.drop()
true
> exit
bye

This is related to the following bug:


#6

Gochen,
Thanks that did it, i had to install the mongodb-clients package to be able to run the mongo command. After dropping the ldap settings , i am now able to save the configuration in the Web Interface successfully. Thank you very much.


(system) #7

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.