LDAP Import users list empty!

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
JasonW
Posts: 8
Joined: Fri Apr 03, 2020 12:42 pm

LDAP Import users list empty!

Post by JasonW »

Hey Forum, we've installed the trial version of the latest Nagios XI and trying to input users from the "LDAP / Active Directory Import Users" page we get a blank list.

FWIW, using check_ldaps to test authentication works fine. Tailing /var/log/httpd/ssl_error_log (I got no error from the regular httpd error log) gives me this when I try to import:

[Wed Sep 23 15:54:15.140246 2020] [:error] [pid 80960] [client xxx.xxx.xxx.xxx:65301] PHP Notice: Undefined variable: list_html in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/index.php on line 736, referer: https://myfqdn/nagiosxi/includes/compon ... /index.php

Also checking our LDAP logs we can see this series of events:

conn=17265138 fd=42 ACCEPT from IP=xxx.xxx.xxx.xxx:41600 (IP=xxx.xxx.xxx.xxx:636)
conn=17265138 fd=42 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.2 tls_cipher=AES256-GCM-SHA384
conn=17265138 op=0 BIND dn="uid=xxx,ou=xxx,dc=xxx,dc=xxx" method=128
conn=17265138 op=0 BIND dn="uid=vxxx,ou=xxx,dc=xxx,dc=xxx" mech=SIMPLE ssf=0
conn=17265138 op=0 RESULT tag=97 err=0 text=
conn=17265138 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)" <----note! maybe not passing base DN info?
conn=17265138 op=1 SRCH attr=namingcontexts
conn=17265138 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=17265138 op=2 UNBIND
conn=17265138 fd=42 closed

So the base DN is of course specified in the ldap server config, as well I know it's correct as mentioned before I use it on the command line while using check_ldaps.

Any suggestions?

Thanks!
Top
JasonW
Posts: 8
Joined: Fri Apr 03, 2020 12:42 pm

Re: LDAP Import users list empty!

Post by JasonW »

bumping for visibility. We're demoing a bunch of monitoring solutions, I'd really like to get LDAP working with Nagios.... any help anyone could offer would be amazing!
Thanks!
Top
benjaminsmith
Posts: 5324
Joined: Wed Aug 22, 2018 4:39 pm
Location: saint paul

Re: LDAP Import users list empty!

Post by benjaminsmith »

Hi Jason,

Thanks for downloading a trial version of Nagios XI and welcome to the support forum.

To help troubleshoot this further, please enable debug logging by following this KB article:

https://support.nagios.com/kb/article/a ... n-600.html

Then run this tail command and leave it running.

Code: Select all

tail -Fn0 /var/log/httpd/error_log /var/log/httpd/ssl_error_log
Then try the import again and send us the entire output of the tail command above so that we can see what is occurring.

Please PM a copy of your profile as well, you can download it from Admin > System Profile > Download Profile.

--Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
Top
JasonW
Posts: 8
Joined: Fri Apr 03, 2020 12:42 pm

Re: LDAP Import users list empty!

Post by JasonW »

Ok I've done all that..the log tail is below (long!)

Code: Select all

ldap_url_parse_ext(ldap://localhost/)
ldap_init: trying /etc/openldap/ldap.conf
ldap_init: using /etc/openldap/ldap.conf
ldap_init: HOME env is NULL
ldap_init: LDAPCONF env is NULL
ldap_init: LDAPRC env is NULL
ldap_create
ldap_url_parse_ext(ldaps://xxx:636)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP xxx:636
ldap_new_socket: 20
ldap_prepare_socket: 20
ldap_connect_to_host: Trying xxx:636
ldap_pvt_connect: fd: 20 tm: -1 async: 0
attempting to connect: 
connect success
TLSMC: MozNSS compatibility interception begins.
tlsmc_intercept_initialization: INFO: entry options follow:
tlsmc_intercept_initialization: INFO: cacertdir = `/etc/openldap/cacerts'
tlsmc_intercept_initialization: INFO: certfile = `(null)'
tlsmc_intercept_initialization: INFO: keyfile = `(null)'
tlsmc_convert: INFO: trying to open NSS DB with CACertDir = `/etc/openldap/cacerts'.
tlsmc_open_nssdb: INFO: trying to initialize moznss using security dir `/etc/openldap/cacerts` prefix ``.
tlsmc_open_nssdb: WARN: could not initialize MozNSS context - error -8015.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration is present.
tlsmc_intercept_initialization: INFO: altered options follow:
tlsmc_intercept_initialization: INFO: cacertdir = `/etc/openldap/cacerts'
tlsmc_intercept_initialization: INFO: certfile = `(null)'
tlsmc_intercept_initialization: INFO: keyfile = `(null)'
tlsmc_intercept_initialization: INFO: successfully intercepted TLS initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 2, err: 0, subject: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 1, err: 0, subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 0, err: 0, subject: /C=CA/ST=xxx/L=xxxn/O=xxx/CN=xxx, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read server session ticket A
TLS trace: SSL_connect:SSLv3 read finished A
ldap_open_defconn: successful
ldap_send_server_request
ldap_result ld 0x5649d3239180 msgid 1
wait4msg ld 0x5649d3239180 msgid 1 (infinite timeout)
wait4msg continue ld 0x5649d3239180 msgid 1 all 1
** ld 0x5649d3239180 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d3239180 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d3239180 request count 1 (abandoned 0)
** ld 0x5649d3239180 Response Queue:
   Empty
  ld 0x5649d3239180 response count 0
ldap_chkResponseList ld 0x5649d3239180 msgid 1 all 1
ldap_chkResponseList returns ld 0x5649d3239180 NULL
ldap_int_select
read1msg: ld 0x5649d3239180 msgid 1 all 1
read1msg: ld 0x5649d3239180 msgid 1 message type bind
read1msg: ld 0x5649d3239180 0 new referrals
read1msg:  mark request completed, ld 0x5649d3239180 msgid 1
request done: ld 0x5649d3239180 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_result
ldap_msgfree
ldap_search
put_filter: "objectClass=*"
put_filter: default
put_simple_filter: "objectClass=*"
ldap_build_search_req ATTRS: namingcontexts
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d3239180 msgid 2
wait4msg ld 0x5649d3239180 msgid 2 (infinite timeout)
wait4msg continue ld 0x5649d3239180 msgid 2 all 1
** ld 0x5649d3239180 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d3239180 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d3239180 request count 1 (abandoned 0)
** ld 0x5649d3239180 Response Queue:
   Empty
  ld 0x5649d3239180 response count 0
ldap_chkResponseList ld 0x5649d3239180 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d3239180 NULL
ldap_int_select
read1msg: ld 0x5649d3239180 msgid 2 all 1
read1msg: ld 0x5649d3239180 msgid 2 message type search-entry
wait4msg continue ld 0x5649d3239180 msgid 2 all 1
** ld 0x5649d3239180 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d3239180 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d3239180 request count 1 (abandoned 0)
** ld 0x5649d3239180 Response Queue:
 * msgid 2,  type 100
  ld 0x5649d3239180 response count 1
ldap_chkResponseList ld 0x5649d3239180 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d3239180 NULL
ldap_int_select
read1msg: ld 0x5649d3239180 msgid 2 all 1
read1msg: ld 0x5649d3239180 msgid 2 message type search-result
read1msg: ld 0x5649d3239180 0 new referrals
read1msg:  mark request completed, ld 0x5649d3239180 msgid 2
request done: ld 0x5649d3239180 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
adding response ld 0x5649d3239180 msgid 2 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
ldap_create
ldap_url_parse_ext(ldaps://xxx:636)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP xxx:636
ldap_new_socket: 20
ldap_prepare_socket: 20
ldap_connect_to_host: Trying xxxxxx:636
ldap_pvt_connect: fd: 20 tm: -1 async: 0
attempting to connect: 
connect success
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 2, err: 0, subject: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 1, err: 0, subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 0, err: 0, subject: /C=CA/ST=xxx/L=xxx/O=xxx/CN=xxx, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read server session ticket A
TLS trace: SSL_connect:SSLv3 read finished A
ldap_open_defconn: successful
ldap_send_server_request
ldap_result ld 0x5649d2ac6d00 msgid 1
wait4msg ld 0x5649d2ac6d00 msgid 1 (infinite timeout)
wait4msg continue ld 0x5649d2ac6d00 msgid 1 all 1
** ld 0x5649d2ac6d00 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d2ac6d00 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ac6d00 request count 1 (abandoned 0)
** ld 0x5649d2ac6d00 Response Queue:
   Empty
  ld 0x5649d2ac6d00 response count 0
ldap_chkResponseList ld 0x5649d2ac6d00 msgid 1 all 1
ldap_chkResponseList returns ld 0x5649d2ac6d00 NULL
ldap_int_select
read1msg: ld 0x5649d2ac6d00 msgid 1 all 1
read1msg: ld 0x5649d2ac6d00 msgid 1 message type bind
read1msg: ld 0x5649d2ac6d00 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ac6d00 msgid 1
request done: ld 0x5649d2ac6d00 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_result
ldap_msgfree
ldap_search
put_filter: "objectClass=*"
put_filter: default
put_simple_filter: "objectClass=*"
ldap_build_search_req ATTRS: namingcontexts
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d2ac6d00 msgid 2
wait4msg ld 0x5649d2ac6d00 msgid 2 (infinite timeout)
wait4msg continue ld 0x5649d2ac6d00 msgid 2 all 1
** ld 0x5649d2ac6d00 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d2ac6d00 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ac6d00 request count 1 (abandoned 0)
** ld 0x5649d2ac6d00 Response Queue:
   Empty
  ld 0x5649d2ac6d00 response count 0
ldap_chkResponseList ld 0x5649d2ac6d00 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d2ac6d00 NULL
ldap_int_select
read1msg: ld 0x5649d2ac6d00 msgid 2 all 1
read1msg: ld 0x5649d2ac6d00 msgid 2 message type search-entry
wait4msg continue ld 0x5649d2ac6d00 msgid 2 all 1
** ld 0x5649d2ac6d00 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d2ac6d00 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ac6d00 request count 1 (abandoned 0)
** ld 0x5649d2ac6d00 Response Queue:
 * msgid 2,  type 100
  ld 0x5649d2ac6d00 response count 1
ldap_chkResponseList ld 0x5649d2ac6d00 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d2ac6d00 NULL
ldap_int_select
read1msg: ld 0x5649d2ac6d00 msgid 2 all 1
read1msg: ld 0x5649d2ac6d00 msgid 2 message type search-result
read1msg: ld 0x5649d2ac6d00 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ac6d00 msgid 2
request done: ld 0x5649d2ac6d00 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
adding response ld 0x5649d2ac6d00 msgid 2 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree
ldap_search
put_filter: "(&(objectClass=*)(!(distinguishedname=dc=xxx,dc=ca)))"
put_filter: AND
put_filter_list "(objectClass=*)(!(distinguishedname=dc=xxx,dc=ca))"
put_filter: "(objectClass=*)"
put_filter: simple
put_simple_filter: "objectClass=*"
put_filter: "(!(distinguishedname=dc=xxx,dc=ca))"
put_filter: NOT
put_filter_list "(distinguishedname=dc=xxx,dc=ca)"
put_filter: "(distinguishedname=dc=xxx,dc=ca)"
put_filter: simple
put_simple_filter: "distinguishedname=dc=xxx,dc=ca"
ldap_build_search_req ATTRS: *
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d2ac6d00 msgid 3
wait4msg ld 0x5649d2ac6d00 msgid 3 (infinite timeout)
wait4msg continue ld 0x5649d2ac6d00 msgid 3 all 1
** ld 0x5649d2ac6d00 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d2ac6d00 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ac6d00 request count 1 (abandoned 0)
** ld 0x5649d2ac6d00 Response Queue:
   Empty
  ld 0x5649d2ac6d00 response count 0
ldap_chkResponseList ld 0x5649d2ac6d00 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d2ac6d00 NULL
ldap_int_select
read1msg: ld 0x5649d2ac6d00 msgid 3 all 1
read1msg: ld 0x5649d2ac6d00 msgid 3 message type search-entry
wait4msg continue ld 0x5649d2ac6d00 msgid 3 all 1
** ld 0x5649d2ac6d00 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d2ac6d00 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ac6d00 request count 1 (abandoned 0)
** ld 0x5649d2ac6d00 Response Queue:
 * msgid 3,  type 100
  ld 0x5649d2ac6d00 response count 1
ldap_chkResponseList ld 0x5649d2ac6d00 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d2ac6d00 NULL
ldap_int_select
read1msg: ld 0x5649d2ac6d00 msgid 3 all 1
read1msg: ld 0x5649d2ac6d00 msgid 3 message type search-entry
adding response ld 0x5649d2ac6d00 msgid 3 type 100:
wait4msg continue ld 0x5649d2ac6d00 msgid 3 all 1
** ld 0x5649d2ac6d00 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d2ac6d00 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ac6d00 request count 1 (abandoned 0)
** ld 0x5649d2ac6d00 Response Queue:
 * msgid 3,  type 100
   chained responses:
  * msgid 3,  type 100
  ld 0x5649d2ac6d00 response count 1
ldap_chkResponseList ld 0x5649d2ac6d00 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d2ac6d00 NULL
ldap_int_select
read1msg: ld 0x5649d2ac6d00 msgid 3 all 1
read1msg: ld 0x5649d2ac6d00 msgid 3 message type search-result
read1msg: ld 0x5649d2ac6d00 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ac6d00 msgid 3
request done: ld 0x5649d2ac6d00 msgid 3
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 3, msgid 3)
adding response ld 0x5649d2ac6d00 msgid 3 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
ldap_url_parse_ext(ldap://localhost/)
ldap_init: trying /etc/openldap/ldap.conf
ldap_init: using /etc/openldap/ldap.conf
ldap_init: HOME env is NULL
ldap_init: LDAPCONF env is NULL
ldap_init: LDAPRC env is NULL
ldap_create
ldap_url_parse_ext(ldaps://xxx:636)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP xxx:636
ldap_new_socket: 20
ldap_prepare_socket: 20
ldap_connect_to_host: Trying xxxxxx:636
ldap_pvt_connect: fd: 20 tm: -1 async: 0
attempting to connect: 
connect success
TLSMC: MozNSS compatibility interception begins.
tlsmc_intercept_initialization: INFO: entry options follow:
tlsmc_intercept_initialization: INFO: cacertdir = `/etc/openldap/cacerts'
tlsmc_intercept_initialization: INFO: certfile = `(null)'
tlsmc_intercept_initialization: INFO: keyfile = `(null)'
tlsmc_convert: INFO: trying to open NSS DB with CACertDir = `/etc/openldap/cacerts'.
tlsmc_open_nssdb: INFO: trying to initialize moznss using security dir `/etc/openldap/cacerts` prefix ``.
tlsmc_open_nssdb: WARN: could not initialize MozNSS context - error -8015.
tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration is present.
tlsmc_intercept_initialization: INFO: altered options follow:
tlsmc_intercept_initialization: INFO: cacertdir = `/etc/openldap/cacerts'
tlsmc_intercept_initialization: INFO: certfile = `(null)'
tlsmc_intercept_initialization: INFO: keyfile = `(null)'
tlsmc_intercept_initialization: INFO: successfully intercepted TLS initialization. Continuing with OpenSSL only.
TLSMC: MozNSS compatibility interception ends.
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 2, err: 0, subject: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 1, err: 0, subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 0, err: 0, subject: /C=CA/ST=xxx/L=xxx/O=xxx/CN=xxx, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read server session ticket A
TLS trace: SSL_connect:SSLv3 read finished A
ldap_open_defconn: successful
ldap_send_server_request
ldap_result ld 0x5649d31962d0 msgid 1
wait4msg ld 0x5649d31962d0 msgid 1 (infinite timeout)
wait4msg continue ld 0x5649d31962d0 msgid 1 all 1
** ld 0x5649d31962d0 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d31962d0 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d31962d0 request count 1 (abandoned 0)
** ld 0x5649d31962d0 Response Queue:
   Empty
  ld 0x5649d31962d0 response count 0
ldap_chkResponseList ld 0x5649d31962d0 msgid 1 all 1
ldap_chkResponseList returns ld 0x5649d31962d0 NULL
ldap_int_select
read1msg: ld 0x5649d31962d0 msgid 1 all 1
read1msg: ld 0x5649d31962d0 msgid 1 message type bind
read1msg: ld 0x5649d31962d0 0 new referrals
read1msg:  mark request completed, ld 0x5649d31962d0 msgid 1
request done: ld 0x5649d31962d0 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_result
ldap_msgfree
ldap_search
put_filter: "objectClass=*"
put_filter: default
put_simple_filter: "objectClass=*"
ldap_build_search_req ATTRS: namingcontexts
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d31962d0 msgid 2
wait4msg ld 0x5649d31962d0 msgid 2 (infinite timeout)
wait4msg continue ld 0x5649d31962d0 msgid 2 all 1
** ld 0x5649d31962d0 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d31962d0 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d31962d0 request count 1 (abandoned 0)
** ld 0x5649d31962d0 Response Queue:
   Empty
  ld 0x5649d31962d0 response count 0
ldap_chkResponseList ld 0x5649d31962d0 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d31962d0 NULL
ldap_int_select
read1msg: ld 0x5649d31962d0 msgid 2 all 1
read1msg: ld 0x5649d31962d0 msgid 2 message type search-entry
wait4msg continue ld 0x5649d31962d0 msgid 2 all 1
** ld 0x5649d31962d0 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d31962d0 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d31962d0 request count 1 (abandoned 0)
** ld 0x5649d31962d0 Response Queue:
 * msgid 2,  type 100
  ld 0x5649d31962d0 response count 1
ldap_chkResponseList ld 0x5649d31962d0 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d31962d0 NULL
ldap_int_select
read1msg: ld 0x5649d31962d0 msgid 2 all 1
read1msg: ld 0x5649d31962d0 msgid 2 message type search-result
read1msg: ld 0x5649d31962d0 0 new referrals
read1msg:  mark request completed, ld 0x5649d31962d0 msgid 2
request done: ld 0x5649d31962d0 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
adding response ld 0x5649d31962d0 msgid 2 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree
ldap_search
put_filter: "(&(objectClass=*)(!(distinguishedname=dc=xxx,dc=ca)))"
put_filter: AND
put_filter_list "(objectClass=*)(!(distinguishedname=dc=xxx,dc=ca))"
put_filter: "(objectClass=*)"
put_filter: simple
put_simple_filter: "objectClass=*"
put_filter: "(!(distinguishedname=dc=xxx,dc=ca))"
put_filter: NOT
put_filter_list "(distinguishedname=dc=xxx,dc=ca)"
put_filter: "(distinguishedname=dc=xxx,dc=ca)"
put_filter: simple
put_simple_filter: "distinguishedname=dc=xxx,dc=ca"
ldap_build_search_req ATTRS: *
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d31962d0 msgid 3
wait4msg ld 0x5649d31962d0 msgid 3 (infinite timeout)
wait4msg continue ld 0x5649d31962d0 msgid 3 all 1
** ld 0x5649d31962d0 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d31962d0 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d31962d0 request count 1 (abandoned 0)
** ld 0x5649d31962d0 Response Queue:
   Empty
  ld 0x5649d31962d0 response count 0
ldap_chkResponseList ld 0x5649d31962d0 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d31962d0 NULL
ldap_int_select
read1msg: ld 0x5649d31962d0 msgid 3 all 1
read1msg: ld 0x5649d31962d0 msgid 3 message type search-entry
wait4msg continue ld 0x5649d31962d0 msgid 3 all 1
** ld 0x5649d31962d0 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d31962d0 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d31962d0 request count 1 (abandoned 0)
** ld 0x5649d31962d0 Response Queue:
 * msgid 3,  type 100
  ld 0x5649d31962d0 response count 1
ldap_chkResponseList ld 0x5649d31962d0 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d31962d0 NULL
ldap_int_select
read1msg: ld 0x5649d31962d0 msgid 3 all 1
read1msg: ld 0x5649d31962d0 msgid 3 message type search-entry
adding response ld 0x5649d31962d0 msgid 3 type 100:
wait4msg continue ld 0x5649d31962d0 msgid 3 all 1
** ld 0x5649d31962d0 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:49:59 2020


** ld 0x5649d31962d0 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d31962d0 request count 1 (abandoned 0)
** ld 0x5649d31962d0 Response Queue:
 * msgid 3,  type 100
   chained responses:
  * msgid 3,  type 100
  ld 0x5649d31962d0 response count 1
ldap_chkResponseList ld 0x5649d31962d0 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d31962d0 NULL
ldap_int_select
read1msg: ld 0x5649d31962d0 msgid 3 all 1
read1msg: ld 0x5649d31962d0 msgid 3 message type search-result
read1msg: ld 0x5649d31962d0 0 new referrals
read1msg:  mark request completed, ld 0x5649d31962d0 msgid 3
request done: ld 0x5649d31962d0 msgid 3
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 3, msgid 3)
adding response ld 0x5649d31962d0 msgid 3 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
ldap_create
ldap_url_parse_ext(ldaps://xxx:636)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP xxx:636
ldap_new_socket: 20
ldap_prepare_socket: 20
ldap_connect_to_host: Trying xxxxxx:636
ldap_pvt_connect: fd: 20 tm: -1 async: 0
attempting to connect: 
connect success
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 2, err: 0, subject: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 1, err: 0, subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 0, err: 0, subject: /C=CA/ST=xxx/L=xxx/O=xxx/CN=xxx, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read server session ticket A
TLS trace: SSL_connect:SSLv3 read finished A
ldap_open_defconn: successful
ldap_send_server_request
ldap_result ld 0x5649d2ce9300 msgid 1
wait4msg ld 0x5649d2ce9300 msgid 1 (infinite timeout)
wait4msg continue ld 0x5649d2ce9300 msgid 1 all 1
** ld 0x5649d2ce9300 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce9300 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce9300 request count 1 (abandoned 0)
** ld 0x5649d2ce9300 Response Queue:
   Empty
  ld 0x5649d2ce9300 response count 0
ldap_chkResponseList ld 0x5649d2ce9300 msgid 1 all 1
ldap_chkResponseList returns ld 0x5649d2ce9300 NULL
ldap_int_select
read1msg: ld 0x5649d2ce9300 msgid 1 all 1
read1msg: ld 0x5649d2ce9300 msgid 1 message type bind
read1msg: ld 0x5649d2ce9300 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ce9300 msgid 1
request done: ld 0x5649d2ce9300 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_result
ldap_msgfree
ldap_search
put_filter: "objectClass=*"
put_filter: default
put_simple_filter: "objectClass=*"
ldap_build_search_req ATTRS: namingcontexts
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d2ce9300 msgid 2
wait4msg ld 0x5649d2ce9300 msgid 2 (infinite timeout)
wait4msg continue ld 0x5649d2ce9300 msgid 2 all 1
** ld 0x5649d2ce9300 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce9300 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce9300 request count 1 (abandoned 0)
** ld 0x5649d2ce9300 Response Queue:
   Empty
  ld 0x5649d2ce9300 response count 0
ldap_chkResponseList ld 0x5649d2ce9300 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d2ce9300 NULL
ldap_int_select
read1msg: ld 0x5649d2ce9300 msgid 2 all 1
read1msg: ld 0x5649d2ce9300 msgid 2 message type search-entry
wait4msg continue ld 0x5649d2ce9300 msgid 2 all 1
** ld 0x5649d2ce9300 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce9300 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce9300 request count 1 (abandoned 0)
** ld 0x5649d2ce9300 Response Queue:
 * msgid 2,  type 100
  ld 0x5649d2ce9300 response count 1
ldap_chkResponseList ld 0x5649d2ce9300 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d2ce9300 NULL
ldap_int_select
read1msg: ld 0x5649d2ce9300 msgid 2 all 1
read1msg: ld 0x5649d2ce9300 msgid 2 message type search-result
read1msg: ld 0x5649d2ce9300 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ce9300 msgid 2
request done: ld 0x5649d2ce9300 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
adding response ld 0x5649d2ce9300 msgid 2 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree
ldap_search
put_filter: "(&(objectClass=*)(!(distinguishedname=dc=xxx,dc=ca)))"
put_filter: AND
put_filter_list "(objectClass=*)(!(distinguishedname=dc=xxx,dc=ca))"
put_filter: "(objectClass=*)"
put_filter: simple
put_simple_filter: "objectClass=*"
put_filter: "(!(distinguishedname=dc=xxx,dc=ca))"
put_filter: NOT
put_filter_list "(distinguishedname=dc=xxx,dc=ca)"
put_filter: "(distinguishedname=dc=xxx,dc=ca)"
put_filter: simple
put_simple_filter: "distinguishedname=dc=xxx,dc=ca"
ldap_build_search_req ATTRS: *
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d2ce9300 msgid 3
wait4msg ld 0x5649d2ce9300 msgid 3 (infinite timeout)
wait4msg continue ld 0x5649d2ce9300 msgid 3 all 1
** ld 0x5649d2ce9300 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce9300 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce9300 request count 1 (abandoned 0)
** ld 0x5649d2ce9300 Response Queue:
   Empty
  ld 0x5649d2ce9300 response count 0
ldap_chkResponseList ld 0x5649d2ce9300 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d2ce9300 NULL
ldap_int_select
read1msg: ld 0x5649d2ce9300 msgid 3 all 1
read1msg: ld 0x5649d2ce9300 msgid 3 message type search-entry
wait4msg continue ld 0x5649d2ce9300 msgid 3 all 1
** ld 0x5649d2ce9300 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce9300 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce9300 request count 1 (abandoned 0)
** ld 0x5649d2ce9300 Response Queue:
 * msgid 3,  type 100
  ld 0x5649d2ce9300 response count 1
ldap_chkResponseList ld 0x5649d2ce9300 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d2ce9300 NULL
ldap_int_select
read1msg: ld 0x5649d2ce9300 msgid 3 all 1
read1msg: ld 0x5649d2ce9300 msgid 3 message type search-entry
adding response ld 0x5649d2ce9300 msgid 3 type 100:
wait4msg continue ld 0x5649d2ce9300 msgid 3 all 1
** ld 0x5649d2ce9300 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce9300 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce9300 request count 1 (abandoned 0)
** ld 0x5649d2ce9300 Response Queue:
 * msgid 3,  type 100
   chained responses:
  * msgid 3,  type 100
  ld 0x5649d2ce9300 response count 1
ldap_chkResponseList ld 0x5649d2ce9300 msgid 3 all 1
ldap_chkResponseList returns ld 0x5649d2ce9300 NULL
ldap_int_select
read1msg: ld 0x5649d2ce9300 msgid 3 all 1
read1msg: ld 0x5649d2ce9300 msgid 3 message type search-result
read1msg: ld 0x5649d2ce9300 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ce9300 msgid 3
request done: ld 0x5649d2ce9300 msgid 3
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 3, msgid 3)
adding response ld 0x5649d2ce9300 msgid 3 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
ldap_create
ldap_url_parse_ext(ldaps://xxx:636)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP xxx:636
ldap_new_socket: 20
ldap_prepare_socket: 20
ldap_connect_to_host: Trying xxxxxx:636
ldap_pvt_connect: fd: 20 tm: -1 async: 0
attempting to connect: 
connect success
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 2, err: 0, subject: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 1, err: 0, subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
TLS certificate verification: depth: 0, err: 0, subject: /C=CA/ST=xxx/L=xxx/O=xxx/CN=xxx, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign RSA OV SSL CA 2018
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read server session ticket A
TLS trace: SSL_connect:SSLv3 read finished A
ldap_open_defconn: successful
ldap_send_server_request
ldap_result ld 0x5649d2ce5810 msgid 1
wait4msg ld 0x5649d2ce5810 msgid 1 (infinite timeout)
wait4msg continue ld 0x5649d2ce5810 msgid 1 all 1
** ld 0x5649d2ce5810 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce5810 Outstanding Requests:
 * msgid 1,  origid 1, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce5810 request count 1 (abandoned 0)
** ld 0x5649d2ce5810 Response Queue:
   Empty
  ld 0x5649d2ce5810 response count 0
ldap_chkResponseList ld 0x5649d2ce5810 msgid 1 all 1
ldap_chkResponseList returns ld 0x5649d2ce5810 NULL
ldap_int_select
read1msg: ld 0x5649d2ce5810 msgid 1 all 1
read1msg: ld 0x5649d2ce5810 msgid 1 message type bind
read1msg: ld 0x5649d2ce5810 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ce5810 msgid 1
request done: ld 0x5649d2ce5810 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_result
ldap_msgfree
ldap_search
put_filter: "objectClass=*"
put_filter: default
put_simple_filter: "objectClass=*"
ldap_build_search_req ATTRS: namingcontexts
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x5649d2ce5810 msgid 2
wait4msg ld 0x5649d2ce5810 msgid 2 (infinite timeout)
wait4msg continue ld 0x5649d2ce5810 msgid 2 all 1
** ld 0x5649d2ce5810 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce5810 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce5810 request count 1 (abandoned 0)
** ld 0x5649d2ce5810 Response Queue:
   Empty
  ld 0x5649d2ce5810 response count 0
ldap_chkResponseList ld 0x5649d2ce5810 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d2ce5810 NULL
ldap_int_select
read1msg: ld 0x5649d2ce5810 msgid 2 all 1
read1msg: ld 0x5649d2ce5810 msgid 2 message type search-entry
wait4msg continue ld 0x5649d2ce5810 msgid 2 all 1
** ld 0x5649d2ce5810 Connections:
* host: xxx  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Fri Sep 25 10:50:00 2020


** ld 0x5649d2ce5810 Outstanding Requests:
 * msgid 2,  origid 2, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x5649d2ce5810 request count 1 (abandoned 0)
** ld 0x5649d2ce5810 Response Queue:
 * msgid 2,  type 100
  ld 0x5649d2ce5810 response count 1
ldap_chkResponseList ld 0x5649d2ce5810 msgid 2 all 1
ldap_chkResponseList returns ld 0x5649d2ce5810 NULL
ldap_int_select
read1msg: ld 0x5649d2ce5810 msgid 2 all 1
read1msg: ld 0x5649d2ce5810 msgid 2 message type search-result
read1msg: ld 0x5649d2ce5810 0 new referrals
read1msg:  mark request completed, ld 0x5649d2ce5810 msgid 2
request done: ld 0x5649d2ce5810 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
adding response ld 0x5649d2ce5810 msgid 2 type 101:
ldap_parse_result
ldap_first_attribute
ldap_get_values_len
ldap_next_attribute
ldap_get_dn
ldap_msgfree

==> /var/log/httpd/ssl_error_log <==
[Fri Sep 25 10:50:00.284055 2020] [:error] [pid 1840] [client xxx.xxx.xxx:64263] PHP Notice:  Undefined variable: list_html in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/index.php on line 736, referer: https://xxx.xxx.xxx.ca/nagiosxi/includes/components/ldap_ad_integration/index.php

==> /var/log/httpd/error_log <==
ldap_free_connection 1 1
ldap_send_unbind
TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
I've pm'd you the profile as well.

As an update, while the listing user is still broken, I am able to manually add ldap users but I had to install "mod_ldap" for Apache (system is running on CentOS 7). Shouldn't that be installed with the fullinstall? Anyway...

Thanks again!
Top
benjaminsmith
Posts: 5324
Joined: Wed Aug 22, 2018 4:39 pm
Location: saint paul

Re: LDAP Import users list empty!

Post by benjaminsmith »

Hi,

The logs look pretty good, it's successfully connecting but not retrieving results back.

Can you verify that you are using the correct based DN and post or PM a screenshot of your LDAP settings? Also, please provide some specifics about the LDAP server that you are using?

Regards,
Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
Top
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: LDAP Import users list empty!

Post by ssax »

In addition to what @bsmith posted (please follow them).

You shouldn't need mod_ldap for it to work.

Do you have php-ldap installed? Please send me the full output of this command:

Code: Select all

rpm -qa | grep php-
If you go to import and the credentials work but no users are listed, see the section No Users Returned section of this guide as that's likely what the issue is:

https://support.nagios.com/kb/article/a ... n-600.html
Top
JasonW
Posts: 8
Joined: Fri Apr 03, 2020 12:42 pm

Re: LDAP Import users list empty!

Post by JasonW »

Hi

So php-ldap is installed:

[root@xxx ~]$ rpm -qa | grep php-
php-common-5.4.16-48.el7.x86_64
php-5.4.16-48.el7.x86_64
php-ldap-5.4.16-48.el7.x86_64
php-snmp-5.4.16-48.el7.x86_64
php-pdo-5.4.16-48.el7.x86_64
php-xml-5.4.16-48.el7.x86_64
php-devel-5.4.16-48.el7.x86_64
php-pgsql-5.4.16-48.el7.x86_64
php-process-5.4.16-48.el7.x86_64
php-pecl-ssh2-0.12-1.el7.x86_64
php-mbstring-5.4.16-48.el7.x86_64
php-mssql-5.4.16-9.el7.x86_64
php-gd-5.4.16-48.el7.x86_64
php-cli-5.4.16-48.el7.x86_64
php-mysql-5.4.16-48.el7.x86_64
php-pear-1.9.4-21.el7.noarch
php-imap-5.4.16-9.el7.x86_64


I think the answers to the other questions are in the original post... the error that I get is from that index.php file which shows up in the ssl_error_log:

[Wed Sep 23 15:54:15.140246 2020] [:error] [pid 80960] [client xxx.xxx.xxx.xxx:65301] PHP Notice: Undefined variable: list_html in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/index.php on line 736, referer: https://myfqdn/nagiosxi/includes/compon ... /index.php

As well from our ldap logs, you can see the base dn is not being passed to the ldap server during the SRCH function:

ACCEPT from IP=xxx.xxx.xxx.xxx:41600 (IP=xxx.xxx.xxx.xxx:636)
TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.2 tls_cipher=AES256-GCM-SHA384
BIND dn="uid=xxx,ou=xxx,dc=xxx,dc=xxx" method=128
BIND dn="uid=vxxx,ou=xxx,dc=xxx,dc=xxx" mech=SIMPLE ssf=0
RESULT tag=97 err=0 text=
SRCH base="" scope=0 deref=0 filter="(objectClass=*)" <----note! maybe not passing base DN info?
SRCH attr=namingcontexts
SEARCH RESULT tag=101 err=0 nentries=1 text=
UNBIND
closed

We're a large organization that is using our ldap servers for multiple other services with the same ou/uid information, As for @ssax's suggestion, the "No users returned" section doesn't really have any help for Nagios XI except for the user not having authorization. We use that user for other services, but I will doublecheck.

There must be something with that undefined variable/missing search base bn error...
Top
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: LDAP Import users list empty!

Post by ssax »

If you look at the code that that PHP notice is valid but not a problem, it's only saying that because it's trying to add something ".=" to an unset variable (which if you look at the code is not set in the function so a valid notice but it has no effect on the functionality), I get the same thing on mine.

The baseDN is not sent on purpose where you are referring to, it's getting the namingContexts.

Once you type in your auth server creds on the import and then click Next what do you see? Do you see any containers/OUs? (please attach a screenshot of what you see if anything so I can see what you're seeing to craft the next steps for debugging why the objects aren't shown).

If there is nothing listed it's likely because it's getting the wrong objectClass for the items and doesn't match so it's not being shown. This is the #1 issue for all LDAP integration issues behind certificate issues.

Is the user you're authing with when doing the import under the baseDN you have set in XI? I'm wondering if that specific user has a different DN path than what is set in XI.
Top
Locked

Return to “Nagios XI”