Sign in 500 error with LDAP enabled after upgrade

jhudson · August 11, 2016, 12:31pm

We are using Gitlab Omnibus with LDAP (Active Directory) enabled. After upgrade from 8.9.3 to 8.10.3, the initial sign in page gives a 500 error if gitlab_rails[‘ldap_enabled’] = true. The relevant log entry is shown below:

We have tried upgrading to 8.10.4 and 8.10.5 but the error persists.

sudo gitlab-rake gitlab:ldap:check RAILS_ENV=production shows 100 results correctly.

sudo gitlab-rake gitlab:check shows all results green.

If cannot find any similar issues reported. We have had to disable LDAP authentication until we can solve this problem. Can anybody help?

==> /var/log/gitlab/nginx/gitlab_access.log <==
10.10.3.128 - - [11/Aug/2016:12:10:39 +0100] “GET /users/sign_in HTTP/2.0” 500 2440 “https://git3.matchesremote.com/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36”

==> /var/log/gitlab/gitlab-rails/production.log <==
Started GET “/users/sign_in” for 10.10.3.128 at 2016-08-11 12:10:44 +0100
Processing by SessionsController#new as HTML
Completed 500 Internal Server Error in 52ms (ActiveRecord: 3.1ms)

ActionView::Template::Error (undefined method user_omniauth_callback_path' for #<#<Class:0x000000067efaa8>:0x000000080a5840>): 1: = form_tag(user_omniauth_callback_path(server['provider_name']), id: 'new_ldap_user' ) do 2: = text_field_tag :username, nil, {class: "form-control top", placeholder: "#{server['label']} Login", autofocus: "autofocus"} 3: = password_field_tag :password, nil, {class: "form-control bottom", placeholder: "Password"} 4: - if devise_mapping.rememberable? app/views/devise/sessions/_new_ldap.html.haml:1:in _app_views_devise_sessions__new_ldap_html_haml___428518902322066188_64039380’
app/views/devise/shared/_signin_box.html.haml:26:in block in _app_views_devise_shared__signin_box_html_haml___1293687526134571913_63486120' app/views/devise/shared/_signin_box.html.haml:24:in each’
app/views/devise/shared/_signin_box.html.haml:24:in each_with_index' app/views/devise/shared/_signin_box.html.haml:24:in _app_views_devise_shared__signin_box_html_haml___1293687526134571913_63486120’
app/views/devise/sessions/new.html.haml:4:in _app_views_devise_sessions_new_html_haml__376663571197512617_62072800' app/controllers/sessions_controller.rb:24:in new’
lib/gitlab/middleware/go.rb:16:in `call’

==> /var/log/gitlab/gitlab-workhorse/current <==
2016-08-11_11:10:44.52574 2016/08/11 12:10:44 ErrorPage: serving predefined error page: 500

vgerris · March 4, 2021, 1:36pm

hi, a bit old I see but it popped up in google when I searched. I had the same issue, it was caused by the LDAP setup not being correct.

check out this documentation:
https://gitlab1100.local/help/administration/auth/ldap

Make sure to test your bind user and make sure the base dn and ldap classes match the one you have in your directory server.

you can check on the server what accounts you get back by running :
gitlab-rake gitlab:ldap:check RAILS_ENV=production

That shows the full LDAP cn.
If that works and you get a 500, your base dn might not match those results.

Good luck if you may come across here like I did