Issue with Firefox and possibly AD Authentication involvement

Help
1

Ok….another weird problem…

TLDR: Firefox doesn’t work with LibreNMS and AD authentication.

So the boss likes LibreNMS, but didn’t like the fact that I was using Local Accounts. So…I got AD authentication working. I’m able to log in with Chrome and my AD account.

I asked a teammate to log in and he received the following error when using Firefox:

image (2)
image (2)1226×398 26.4 KB

Here is what the logs say:

[2025-11-04T14:36:56][CRITICAL] Exception: TypeError ldap_get_entries(): Argument #2 ($result) must be of type LDAP\Result, false given @ /opt/librenms/LibreNMS/Authentication/ActiveDirectoryAuthorizer.php:121
#0 /opt/librenms/LibreNMS/Authentication/ActiveDirectoryAuthorizer.php(121): ldap_get_entries()
#1 /opt/librenms/app/Providers/LegacyUserProvider.php(94): LibreNMS\Authentication\ActiveDirectoryAuthorizer->userExists()
#2 /opt/librenms/vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php(216): App\Providers\LegacyUserProvider->retrieveByToken()
#3 /opt/librenms/vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php(187): Illuminate\Auth\SessionGuard->userFromRecaller()
#4 /opt/librenms/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(56): Illuminate\Auth\SessionGuard->user()
#5 /opt/librenms/app/Http/Middleware/LegacyExternalAuth.php(22): Illuminate\Auth\SessionGuard->check()
#6 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): App\Http\Middleware\LegacyExternalAuth->handle()
#7 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(87): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#8 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle()
#9 /opt/librenms/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(48): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#10 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
#11 /opt/librenms/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(120): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#12 /opt/librenms/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(63): Illuminate\Session\Middleware\StartSession->handleStatefulRequest()
#13 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Session\Middleware\StartSession->handle()
#14 /opt/librenms/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(36): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#15 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
#16 /opt/librenms/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(74): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#17 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Cookie\Middleware\EncryptCookies->handle()
#18 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#19 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(821): Illuminate\Pipeline\Pipeline->then()
#20 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(800): Illuminate\Routing\Router->runRouteWithinStack()
#21 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(764): Illuminate\Routing\Router->runRoute()
#22 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(753): Illuminate\Routing\Router->dispatchToRoute()
#23 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(200): Illuminate\Routing\Router->dispatch()
#24 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(180): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http{closure}()
#25 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#26 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ConvertEmptyStringsToNull.php(31): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#27 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull->handle()
#28 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#29 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(51): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#30 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Foundation\Http\Middleware\TrimStrings->handle()
#31 /opt/librenms/vendor/laravel/framework/src/Illuminate/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#32 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Http\Middleware\ValidatePostSize->handle()
#33 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(109): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#34 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
#35 /opt/librenms/vendor/laravel/framework/src/Illuminate/Http/Middleware/HandleCors.php(48): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#36 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Http\Middleware\HandleCors->handle()
#37 /opt/librenms/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(58): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#38 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Http\Middleware\TrustProxies->handle()
#39 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/InvokeDeferredCallbacks.php(22): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#40 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Foundation\Http\Middleware\InvokeDeferredCallbacks->handle()
#41 /opt/librenms/vendor/laravel/framework/src/Illuminate/Http/Middleware/ValidatePathEncoding.php(26): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#42 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(219): Illuminate\Http\Middleware\ValidatePathEncoding->handle()
#43 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(137): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
#44 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(175): Illuminate\Pipeline\Pipeline->then()
#45 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(144): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#46 /opt/librenms/html/index.php(51): Illuminate\Foundation\Http\Kernel->handle()
#47 {main}

I had another teammate try logging in with Edge and he was able to get in just fine. I returned to the original teammate and had him use Edge and he was able to get in.

Any idea what is happening with Firefox?

2

Has your friend previously logged in to LibreNMS on Firefox? If so (and had “remember me” enabled), it might be a problem with the browser’s saved session (it happened to me too). Clearing the browser’s cache or cookies for that domain solved the problem.

3

It is not browser related. LibreNMS is trying to connect with your friends credentials and failing in some way. The error handling could be better but:
It looks like the user:

  1. authenticates

  2. binds

  3. tries to do an ldap search and fails

    In Active Directory, all users are allowed to search by default. Likely someone changed that for the user in question.

4

Oh, and likely one way to get around this is to set up a BIND user (which will be used to run the search instead of the logged in user if it exists)

5

Third update as @devhubpl mentioned, the user has enabled the “remember me” checkbox, which requires a bind user with Active Directory. (because the user does not give their credentials to do the search to check that the user is still valid (not disabled etc))

1 Like