LDAP & "remember me" issue

Hello,

I have an issue with LibreNMS.

I use LDAP authentication et when I use “Remember me” option in login page, one or two days after I have a " Whoops, looks like something went wrong. Check your librenms.log.".

I found a work around : remove cookies from LibreNMS and after this, I can login again (that’s not a login problem).

[2019-08-09 16:22:18] production.ERROR: ldap_search(): Search: No such object {"exception":"[object] (ErrorException(code: 0): ldap_search(): Search: No such object at /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php:64)
[stacktrace]
#0 [internal function]: Illuminate\\Foundation\\Bootstrap\\HandleExceptions->handleError(2, 'ldap_search(): ...', '/opt/librenms/L...', 64, Array)
#1 /opt/librenms/LibreNMS/Authentication/LdapAuthorizer.php(64): ldap_search(Resource id #8, 'ou=Informatique...', '(uid=<USERNAME>)')
#2 /opt/librenms/app/Providers/LegacyUserProvider.php(86): LibreNMS\\Authentication\\LdapAuthorizer->userExists('<USERNAME>')
#3 /opt/librenms/vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php(169): App\\Providers\\LegacyUserProvider->retrieveByToken('2', 'cXOivChYZ22ffNj...')
#4 /opt/librenms/vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php(139): Illuminate\\Auth\\SessionGuard->userFromRecaller(Object(Illuminate\\Auth\\Recaller))
#5 /opt/librenms/vendor/laravel/framework/src/Illuminate/Auth/AuthManager.php(54): Illuminate\\Auth\\SessionGuard->user()
#6 [internal function]: Illuminate\\Auth\\AuthManager->Illuminate\\Auth\\{closure}(NULL)
#7 /opt/librenms/vendor/laravel/framework/src/Illuminate/Auth/AuthServiceProvider.php(86): call_user_func(Object(Closure), NULL)
#8 [internal function]: Illuminate\\Auth\\AuthServiceProvider->Illuminate\\Auth\\{closure}(NULL)
#9 /opt/librenms/vendor/laravel/framework/src/Illuminate/Http/Request.php(513): call_user_func(Object(Closure), NULL)
#10 /opt/librenms/app/Http/Middleware/SetLocale.php(23): Illuminate\\Http\\Request->user()
#11 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): App\\Http\\Middleware\\SetLocale->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#12 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#13 /opt/librenms/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(63): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#14 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Illuminate\\Session\\Middleware\\StartSession->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#15 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#16 /opt/librenms/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#17 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#18 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#19 /opt/librenms/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(66): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#20 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Illuminate\\Cookie\\Middleware\\EncryptCookies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#21 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#22 /opt/librenms/app/Http/Middleware/CheckInstalled.php(46): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#23 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): App\\Http\\Middleware\\CheckInstalled->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#24 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#25 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#26 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(684): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#27 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(659): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request))
#28 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(625): Illuminate\\Routing\\Router->runRoute(Object(Illuminate\\Http\\Request), Object(Illuminate\\Routing\\Route))
#29 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Router.php(614): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request))
#30 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request))
#31 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request))
#32 /opt/librenms/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#33 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Fideloper\\Proxy\\TrustProxies->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#34 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#35 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(31): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#36 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#37 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#38 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(31): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#39 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#40 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#41 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#42 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#43 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#44 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(62): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#45 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(163): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle(Object(Illuminate\\Http\\Request), Object(Closure))
#46 /opt/librenms/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request))
#47 /opt/librenms/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\\Routing\\Pipeline->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request))
#48 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\\Pipeline\\Pipeline->then(Object(Closure))
#49 /opt/librenms/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request))
#50 /opt/librenms/html/index.php(53): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request))
#51 {main}
"}

I forget, when it’s happen, I can’t access to nothing, same to login page.

LibreNMS tries to search for the user, but gets no results. Is your bind user correct and able to search?

Yes and if I open with another browser, that’s work perfectly.
And if I do not enable “remember me” option, I never had problem.

We’ve been running into this issue for some time now. It doesn’t happen all the time, just occasionally. Our work around has been, just deleting the bad cookie and moving on. I’d love to find a solution to this. Has anyone figured out the root cause yet?

We’re using OpenLDAP.

We still got the same issue and it’s getting really annoying. Is there some plan how to fix this? Any rough estimate or something? Also willing to help if you need any.

Did you also use “OpenLDAP”?
I think this is the best way to reproduce this bug.

We hooked it up to a univention LDAP. I’m pretty sure this is openldap underneath.

Maybe we found our issue. We don’t use a bind user so it tries to bind as the user you try to login I guess? But that session is probably timed out by then so the bind fails. We’ll create a separate bind user and try if that solves the problem for us. I’ll get back here if it does. If I forget just ping me.

@Ricardo you can’t bind as the login user when using “remember me”, we don’t have the password. This is why a bind user is required.

Seems like the real fix here is to disable the remember me checkbox for ldap and ad users without a bind user. But unfortunately, that would disable even for those that don’t require a bind user (allow anon search).

In our case we don’t allow anon search. That’s why we need a bind user. But so far we didn’t configure one. We’re testing it now with a bind user. Maybe this solves the issue.

Another solution would be to return to the login page when this error happens …

1 Like

Is there a solution to this problem? I am having this issue with a new install and I have a bind user.