Cannot list users: "Communication failure" (LDAP auth)

  • Note: I've installed the OpenMediaVault package on a quite fresh Debian Wheezy (7.6).


    My Debian box was already configured to do PAM-LDAP auth: users from my LDAP server can SSH to it just fine and both getent passwd and getent group returns the LDAP users and groups.


    On OMV WebGUI, the Group tab works: all my groups are displayed with correct members. However the Users tab seems to hangs: after a while the interface displays a modal window with the message:

    Zitat

    An error has occured
    communication failure


    As I want to benefits from OMV tools to set perms on Shared Folder I need to fix this.
    I've tried to install the OMV LDAP plugin but it broke the PAM auth (could not SSH to the server using LDAP credentials anymore).


    What log file should I look into to give you more useful infos on the problem?

  • Well, it looks like my issue is different from @Moimeme's: the UID and GID I use compatible with default settings.
    I cannot test if my users (local and/or LDAP) are displayed or not on the "ACL List" because I cannot add Shared Folders" yet (it's an other issue).


    But I've noticed that my /var/log/syslog file gets filled with lot of:

    Zitat

    nslcd[23135]: [9f63fd] <group(all)> cn=sales,ou=Groupes,dc=example,dc=com: cn: denied by validnames option
    nslcd[23135]: [9f63fd] <group(all)> cn=r_and_d,ou=Groupes,dc=example,dc=com: cn: denied by validnames option
    nslcd[23135]: [9f63fd] <group(all)> cn=communication,ou=Groupes,dc=example,dc=com: cn: denied by validnames option


    and less:

    Zitat

    nslcd[23135]: [f69c3f] <group/member="john-doe"> cn=sales,ou=Groupes,dc=example,dc=com: cn: denied by validnames option


    It really is the first time I run into theses error with PAM-LDAP setup: what would OMV try that would generate this kind of error?

  • Updating the thread because I am now on OMV v2.2.12, Debian Wheezy v7.11 and the problem still exists.


    Still getting:


    Zitat von /var/log/syslog

    nslcd[23135]: [9f63fd] <group(all)> cn=sales,ou=Groupes,dc=example,dc=com: cn: denied by validnames option
    nslcd[23135]: [9f63fd] <group(all)> cn=r_and_d,ou=Groupes,dc=example,dc=com: cn: denied by validnames option
    nslcd[23135]: [9f63fd] <group(all)> cn=communication,ou=Groupes,dc=example,dc=com: cn: denied by validnames option


    and the web UI fails to list the users:


    Zitat von Web UI

    An error has occured
    communication failure

    And fails to list the users when modifying a group:


    Zitat von Web UI

    Error:
    Gateway Time-out



    I have about 460 users and 60 groups in the LDAP directory.


    Debian recognize them (and I can log as them via SSH) :

    Bash
    getent passwd | wc -l

    500

    Bash
    getent group | wc -l

    120


    Could it be a simple slow response issue?
    The `getent passwd` commands takes less than a second to run.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!