500 after login by using LDAP, rake tasks say all is ok

Hello everyone,
i have following problem. Rake task for validation is showing what I expect:
LDAP anonymous connection and single user defined in system LDAP database:
Checking LDAP …
Server: ldapmain
LDAP authentication… Anonymous. No bind_dn or password configured
LDAP users with access to your GitLab server (only showing the first 100 results)
_ DN: uid=…,ou=…,dc=… uid: …_
Checking LDAP … Finished

When I try to use this user (using what is printed in uid as login name) I still getting error 500 something went wrong on our end.

I found following output in my gitlab logs:
==> /var/log/gitlab/gitlab-monitor/current <==
2017-06-03_15:20:17.99890 ::1 - - [03/Jun/2017:17:20:17 CEST] “GET /process HTTP/1.1” 200 2225
2017-06-03_15:20:17.99896 - -> /process

==> /var/log/gitlab/gitlab-rails/production.log <==
Started POST “/users/auth/ldapmain/callback” for 10.10.10.2 at 2017-06-03 17:20:19 +0200

==> /var/log/gitlab/unicorn/unicorn_stdout.log <==
I, [2017-06-03T17:20:19.845617 #2027] INFO – omniauth: (ldapmain) Callback phase initiated.

==> /var/log/gitlab/gitlab-rails/production.log <==

ArgumentError (method MUST be provided):
_ lib/gitlab/middleware/multipart.rb:93:in call'_ _ lib/gitlab/request_profiler/middleware.rb:14:in call’_
_ lib/gitlab/middleware/go.rb:16:in call'_ _ lib/gitlab/etag_caching/middleware.rb:10:in call’_
_ lib/gitlab/request_context.rb:18:in `call’_

==> /var/log/gitlab/gitlab-workhorse/current <==
2017-06-03_15:20:19.85093 2017/06/03 17:20:19 ErrorPage: serving predefined error page: 500
2017-06-03_15:20:19.85123 gitlab.a-d.cz @ - - [2017-06-03 17:20:19.829714952 +0200 CEST] “POST /users/auth/ldapmain/callback HTTP/1.1” 500 2911 “http://gitlab.a-d.cz/users/sign_in” “Mozilla/5.0 (X11; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0” 0.021367

==> /var/log/gitlab/nginx/gitlab_access.log <==
10.10.10.2 - - [03/Jun/2017:17:20:19 +0200] “POST /users/auth/ldapmain/callback HTTP/1.1” 500 2911 “http://gitlab.a-d.cz/users/sign_in” “Mozilla/5.0 (X11; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0”

I spend some time by finding solution, checking other solved problems but no one has same output like me. I’m expecting problem is in output from production.log. However I’m not able to find out what I did wrong and how to solve problem.
Please help me to find where is problem,

1 Like

Exactly same problem here. Did you find a solution?

Hi,
no I spent a lot of time to try to fix problem and restore in my memory what I could do possibly wrong.
So far I’m consider to completely remove Gitlab, and try to install it from fresh latest version and after that just update LDAP settings.

I remember one post install step where I change port number of gitlab from 8080 to just 80. Not sure if this can be source of problem or not. Primary reason why I consider to start from fresh is because after update some database structure problems are appear in log. And as bonus my Gitlab installation is still empty without project. I need to solve LDAP login before I will allow users to use it.

However to find what was exactly wrong we can share configuration dump from gitlab and try to compare settings.
I will share my in next post and lets hope there will be someone who will see what we are not able to see.

As I have promised here is dump of my current active configuration, I have replaced some critical data by stars:
{
“gitlab”: {
“bootstrap”: {},
“omnibus-gitconfig”: {},
“manage-accounts”: {},
“manage-storage-directories”: {},
“user”: {
“home”: “/var/opt/gitlab”,
“git_user_email”: “@.*.cz"
},
“redis”: {},
“gitlab-rails”: {
“ldap_enabled”: true,
“ldap_servers”: {
“main”: {
“label”: “LDAP”,
“host”: “localhost”,
“port”: 389,
“uid”: “uid”,
“active_directory”: false,
“allow_username_or_email_login”: false,
“block_auto_created_users”: false,
“base”: "ou=people,dc=
.cz",
“user_filter”: “”,
“attributes”: {
“username”: [
“uid”,
“userid”,
“sAMAccountName”
],
“email”: [
“mail”,
“email”,
“userPrincipalName”
],
“name”: “cn”,
“first_name”: “givenName”,
“last_name”: “sn”
}
}
},
“secret_key_base”: "
",
“db_key_base”: "
",
“otp_key_base”: "
",
“jws_private_key”: "
",
“stuck_ci_jobs_worker_cron”: null,
“gitlab_host”: "gitlab.
.cz",
“gitlab_email_from”: "gitlab@gitlab.
.cz",
“gitlab_https”: false,
“gitlab_port”: 80,
“shared_path”: “/var/opt/gitlab/gitlab-rails/shared”,
“artifacts_path”: “/var/opt/gitlab/gitlab-rails/shared/artifacts”,
“lfs_storage_path”: “/var/opt/gitlab/gitlab-rails/shared/lfs-objects”,
“pages_path”: “/var/opt/gitlab/gitlab-rails/shared/pages”,
“repositories_storages”: {
“default”: {
“path”: “/var/opt/gitlab/git-data/repositories”,
“gitaly_address”: “unix:/var/opt/gitlab/gitaly/gitaly.socket”
}
},
“trusted_proxies”: [ ],
“gitaly_enabled”: true,
“db_username”: “gitlab”,
“db_host”: null,
“db_port”: 5432
},
“gitlab-ci”: {},
“gitlab-shell”: {
“secret_token”: "
",
“auth_file”: “/var/opt/gitlab/.ssh/authorized_keys”
},
“unicorn”: {},
“sidekiq”: {},
“sidekiq-cluster”: null,
“gitlab-workhorse”: {
“secret_token”: "
***”,
“auth_socket”: “/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket”
},
“mailroom”: { },
“nginx”: {
“proxy_set_headers”: {
“Host”: “$http_host_with_default”,
“X-Real-IP”: “$remote_addr”,
“X-Forwarded-For”: “$proxy_add_x_forwarded_for”,
“Upgrade”: “$http_upgrade”,
“Connection”: “connection_upgrade", "X-Forwarded-Proto": "http" }, "real_ip_trusted_addresses": [ ], "listen_port": 80 }, "mattermost-nginx": { "listen_port": null }, "pages-nginx": { "listen_port": null }, "registry-nginx": { }, "logging": { }, "remote-syslog": { }, "logrotate": { }, "high-availability": { }, "postgresql": { }, "web-server": { }, "mattermost": { "email_invite_salt": "************************************", "file_public_link_salt": "********************************", "sql_at_rest_encrypt_key": "******************************", "sql_data_source": "user=gitlab_mattermost host=/var/opt/gitlab/postgresql port=5432 dbname=mattermost_production", "sql_data_source_replicas": [ "user=gitlab_mattermost host=/var/opt/gitlab/postgresql port=5432 dbname=mattermost_production" ] }, "external-url": "http://gitlab.*******.cz", "mattermost-external-url": null, "pages-external-url": null, "gitlab-pages": { }, "registry": { "http_secret": "******************************************", "internal_certificate": "*********************************", "internal_key": "*****************************************" }, "gitaly": { "env": { "PATH": "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin", "HOME": "/var/opt/gitlab" }, "storage": [{ "name": "default", "path": "/var/opt/gitlab/git-data/repositories" }]}, "node-exporter": { "flags": { "web.listen-address": "localhost:9100", "collector.textfile.directory": "/var/opt/gitlab/node-exporter/textfile_collector"}}, "prometheus": { "scrape_configs": [ { "job_name": "prometheus", "static_configs": [ { "targets": [ "localhost:9090"]}]}, { "job_name": "redis", "static_configs": [ { "targets": [ "localhost:9121"]}]}, { "job_name": "postgres", "static_configs": [ { "targets": [ "localhost:9187"]}]}, { "job_name": "node", "static_configs": [ { "targets": [ "localhost:9100"]}]}, { "job_name": "gitlab_monitor_database", "metrics_path": "/database", "static_configs": [ { "targets": [ "localhost:9168"]}]}, { "job_name": "gitlab_monitor_sidekiq", "metrics_path": "/sidekiq", "static_configs": [ { "targets": [ "localhost:9168"]}]}, { "job_name": "gitlab_monitor_process", "metrics_path": "/process", "static_configs": [ { "targets": [ "localhost:9168"]}]}, { "job_name": "kubernetes-nodes", "scheme": "https", "tls_config": { "ca_file": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt", "insecure_skip_verify": true }, "bearer_token_file": "/var/run/secrets/kubernetes.io/serviceaccount/token", "kubernetes_sd_configs": [ { "role": "node", "api_server": "https://kubernetes.default.svc:443", "tls_config": { "ca_file": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" }, "bearer_token_file": "/var/run/secrets/kubernetes.io/serviceaccount/token" } ], "relabel_configs": [ { "action": "labelmap", "regex": "__meta_kubernetes_node_label_(.+)" }, { "source_labels": [ "__address__" ], "target_label": "__address__", "regex": "([^:;]+):([0-9]+)", "replacement": "{1}:10255”
},
{
“source_labels”: [
scheme
],
“target_label”: “scheme”,
“regex”: “https”,
“replacement”: “http”}],
“metric_relabel_configs”: [
{
“source_labels”: [
“pod_name”
],
“target_label”: “environment”,
“regex”: “(.+)-.±.+”}]}],
“flags”: {
“web.listen-address”: “localhost:9090”,
“storage.local.path”: “/var/opt/gitlab/prometheus/data”,
“storage.local.chunk-encoding-version”: “2”,
“storage.local.target-heap-size”: “355836723”,
“config.file”: “/var/opt/gitlab/prometheus/prometheus.yml”}},
“redis-exporter”: {
“enable”: true,
“flags”: {
“web.listen-address”: “localhost:9121”,
“redis.addr”: “unix:///var/opt/gitlab/redis/redis.socket”}},
“postgres-exporter”: {
“enable”: true,
“flags”: {
“web.listen-address”: “localhost:9187”
}
},
“gitlab-monitor”: { },
“prometheus-monitoring”: { },
“pgbouncer”: { },
“sentinel”: { }
},
“roles”: {
“geo-primary”: { },
“geo-secondary”: { },
“redis-sentinel”: { },
“redis-master”: { },
“redis-slave”: { }
}
}

Hi,

I had the same issue with a gitlab 9.x installation.
You may not need the solution any more but for other people facing the same issue, here is how it worked for me:

  • you have to set the method config key to define the encryption method
    method: ‘plain’ # “tls” or “ssl” or “plain”

this option is later replaced by the encryption key but for this version of gitlab, it was required.