I am having an issue with LDAP authentication. Our gitlab-ce installation is self-hosted in a docker container. The issue started when I updated Ubuntu via apt update/upgrade. I started getting the error listed in the screenshot below:
I went ahead and updated the gitlab container thinking that it might fix the issue, but the same error applies.
This is on our development server - the production server running older versions of ubuntu and gitlab works fine.
Here is some additional information in hopes that someone else is having a similar issue.
$ uname -a
Linux BDCD-GITLAB01 4.15.0-42-generic #45-Ubuntu SMP Thu Nov 15 19:32:57 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$ sudo docker exec -t gitlab gitlab-rake gitlab:ldap:check --trace
** Invoke gitlab:ldap:check (first_time)
** Invoke gitlab_environment (first_time)
** Invoke environment (first_time)
** Execute environment
** Execute gitlab_environment
** Execute gitlab:ldap:check
Checking LDAP âŚ
Server: ldapmain
rake aborted!
Net::LDAP::Error: Connection timed out - user specified timeout
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/net-ldap-0.16.0/lib/net/ldap/connection.rb:72:in open_connection' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/net-ldap-0.16.0/lib/net/ldap/connection.rb:698:in
socketâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/net-ldap-0.16.0/lib/net/ldap.rb:1321:in new_connection' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/net-ldap-0.16.0/lib/net/ldap.rb:713:in
block in openâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/net-ldap-0.16.0/lib/net/ldap/instrumentation.rb:19:in instrument' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/net-ldap-0.16.0/lib/net/ldap.rb:711:in
openâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/net-ldap-0.16.0/lib/net/ldap.rb:644:in open' /opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/auth/ldap/adapter.rb:13:in
openâ
/opt/gitlab/embedded/service/gitlab-rails/lib/tasks/gitlab/check.rake:262:in block in check_ldap' /opt/gitlab/embedded/service/gitlab-rails/lib/tasks/gitlab/check.rake:258:in
eachâ
/opt/gitlab/embedded/service/gitlab-rails/lib/tasks/gitlab/check.rake:258:in check_ldap' /opt/gitlab/embedded/service/gitlab-rails/lib/tasks/gitlab/check.rake:247:in
block (3 levels) in <top (required)>â
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/task.rb:271:in block in execute' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/task.rb:271:in
eachâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/task.rb:271:in execute' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/task.rb:213:in
block in invoke_with_call_chainâ
/opt/gitlab/embedded/lib/ruby/2.4.0/monitor.rb:214:in mon_synchronize' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/task.rb:193:in
invoke_with_call_chainâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/task.rb:182:in invoke' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:160:in
invoke_taskâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:116:in block (2 levels) in top_level' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:116:in
eachâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:116:in block in top_level' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:125:in
run_with_threadsâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:110:in top_level' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:83:in
block in runâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:186:in standard_exception_handling' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/lib/rake/application.rb:80:in
runâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/rake-12.3.1/exe/rake:27:in <top (required)>' /opt/gitlab/embedded/bin/rake:23:in
loadâ
/opt/gitlab/embedded/bin/rake:23:in <top (required)>' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/cli/exec.rb:74:in
loadâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/cli/exec.rb:74:in kernel_load' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/cli/exec.rb:28:in
runâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/cli.rb:424:in exec' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/vendor/thor/lib/thor/command.rb:27:in
runâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/vendor/thor/lib/thor/invocation.rb:126:in invoke_command' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/vendor/thor/lib/thor.rb:387:in
dispatchâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/cli.rb:27:in dispatch' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/vendor/thor/lib/thor/base.rb:466:in
startâ
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/cli.rb:18:in start' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/exe/bundle:30:in
block in <top (required)>â
/opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/lib/bundler/friendly_errors.rb:124:in with_friendly_errors' /opt/gitlab/embedded/lib/ruby/gems/2.4.0/gems/bundler-1.16.6/exe/bundle:22:in
<top (required)>â
/opt/gitlab/embedded/bin/bundle:23:in load' /opt/gitlab/embedded/bin/bundle:23:in
â
Tasks: TOP => gitlab:ldap:check
$ sudo docker exec -t gitlab gitlab-rake gitlab:env:info
System information
System:
Current User: git
Using RVM: no
Ruby Version: 2.4.5p335
Gem Version: 2.7.6
Bundler Version:1.16.6
Rake Version: 12.3.1
Redis Version: 3.2.12
Git Version: 2.18.1
Sidekiq Version:5.2.1
Go Version: unknown
GitLab information
Version: 11.5.4
Revision: 315df49
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: postgresql
URL: https://sas-gitlab-dev.xxx.com
HTTP Clone URL: https://sas-gitlab-dev.xxx.com/some-group/some-project.git
SSH Clone URL: git@sas-gitlab-dev.xxx.com:some-group/some-project.git
Using LDAP: yes
Using Omniauth: yes
Omniauth Providers:
GitLab Shell
Version: 8.4.1
Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories
Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks
Git: /opt/gitlab/embedded/bin/git
gitlab.rb:
gitlab_rails[âldap_serversâ] = YAML.load <<-âEOSâ
main: # âmainâ is the GitLab âprovider IDâ of this LDAP server
label: âLDAPâ
host: âxxx.comâ
port: 389
uid: âuserPrincipalNameâ
bind_dn: âCN=SAS_LDAP Account,OU=Service Accounts,DC=xxx,DC=comâ
password: âxxxâ
encryption: âplainâ # âstart_tlsâ or âsimple_tlsâ or âplainâ
verify_certificates: true
ca_cert: ââ
ssl_version: ââ
timeout: 10
active_directory: true
allow_username_or_email_login: false
block_auto_created_users: false
base: âDC=xxx,DC=comâ
user_filter: ââ
attributes:
username: [âuidâ, âuseridâ, âsAMAccountNameâ]
email: [âmailâ, âemailâ, âuserPrincipalNameâ]
name: âcnâ
first_name: âgivenNameâ
last_name: âsnâ
EOS
I have tried changing âverify_certificatesâ to âfalseâ with the same error. I believe that it has something to do with either the docker distribution or the ubuntu update since it also failed with gitlab 11.2.3.
If anyone has similar issues of found a fix, Iâd appreciate a reply - thanks.