LDAP - Getaddrinfo: temporary failure in name resolution

I am running the Omnibus version of GitLab as a Docker container.

If I exec into the container and ping the LDAP host I have defined in my ldap settings for the gitlab.rb file, the ping works. This seems to confirm that DNS is working properly within the container itself.

In my gitlab.rb file I defined my LDAP host as the IP address, not hostname or FQDN, hoping that would help avoid this issue.

However, if I try to run gitlab-rake gitlab:ldap:check (from within the container), that is when I get the error:
Exception: getaddrinfo: Temporary failure in name resolution

I did try to look for some log errors:
docker logs -f <container_id> | grep ldapmain
The log line that seems to sum it up best is here:
2022-08-25T14:23:22.317Z: (ldapmain) Authentication failure! ldap error: Net::LDAP::Error, getaddrinfo: Temporary failure in name resolution {"severity":"ERROR","time":"2022-08-25T14:23:22.317Z","correlation_id":"some_string_here","message":"(ldapmain) Authentication failure! ldap_error: Net::LDAP::Error, getaddrinfo: Temporary failure in name resolution"}

So, it sort of seems that this specific function is failing but the container itself can perform DNS lookups without issue. I could be wrong here; if so, set me straight.

I hope this is enough info that someone can assist troubleshooting. My system is air gapped and requires further approvals to get more logs etc. Thanks.

I found the issue. The error message is a red herring. Nothing is wrong with DNS at all.

gitlab.rb had a typo in the line:
'bind_dn' => '_the_full_dn_of_the_user_you_will_bind_with',
In my case there was an extra set of single quotes because the DN contained spaces and I couldn’t tell if it was needed or not based on the example config. Pro tip: copy the value that you find in AD using ADSI Edit.
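
A pre-flight check for the kind of quoting mistake described above, as an added example that is not part of the original posts and not GitLab's own code. The helper name `lint_ldap_settings`, the plain settings hash it takes, and all sample values are assumptions made for illustration.

```ruby
require 'ipaddr'

# Quote characters that should not wrap a value once gitlab.rb has been parsed.
QUOTES = ["'", '"', "\u2018", "\u2019", "\u201C", "\u201D"].freeze
# One RDN: attribute type, '=', non-empty value (spaces inside the value are fine).
RDN = /\A\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*\S.*\z/

def ip_literal?(host)
  return false if host.to_s.empty?
  IPAddr.new(host.to_s)
  true
rescue IPAddr::Error
  false
end

# Hypothetical helper: returns [key, message] pairs for suspicious settings.
def lint_ldap_settings(settings)
  findings = []
  settings.each do |key, value|
    next unless value.is_a?(String)
    if QUOTES.include?(value[0]) || QUOTES.include?(value[-1])
      findings << [key, 'value starts or ends with a literal quote character']
    end
  end
  dn = settings['bind_dn'].to_s
  rdns = dn.split(/(?<!\\),/) # split on commas that are not backslash-escaped
  if rdns.empty? || !rdns.all? { |rdn| rdn.match?(RDN) }
    findings << ['bind_dn', 'not a comma-separated list of attr=value RDNs']
  end
  unless ip_literal?(settings['host'])
    findings << ['host', 'not an IP literal, so connecting depends on name resolution']
  end
  findings
end

# Constructed sample values (not from the original post).
GOOD = { 'host' => '10.0.0.5',
         'bind_dn' => 'CN=svc gitlab,OU=Service Accounts,DC=example,DC=test' }.freeze
# Same DN wrapped in an extra pair of single quotes inside the Ruby string.
BAD = GOOD.merge('bind_dn' => "'#{GOOD['bind_dn']}'").freeze

if __FILE__ == $PROGRAM_NAME
  { 'GOOD' => GOOD, 'BAD' => BAD }.each do |name, cfg|
    puts "#{name}: #{lint_ldap_settings(cfg).inspect}"
  end
end
```

A DN that contains spaces passes unchanged; only the copy with the extra quotes inside the string is flagged.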