PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49)
Following #53 (closed), I was able to run correctly the FusionDirectory php-fpm container. While starting, the container runs the script deploy-schema.sh, and it seems the script is unable to connect the ldap schemas, here is the container output (I let the passwords visible, there may be a bad character I didnt know about, I will change them afterwards):
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [localhost] ***************************************************************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
TASK [Assert variables] ********************************************************
ok: [localhost] => (item={'name': 'CUSTOMERID', 'value': 'OW2'})
ok: [localhost] => (item={'name': 'LDAP_HOST', 'value': 'fusioniam-openldap-ltb'})
ok: [localhost] => (item={'name': 'LDAP_PORT', 'value': '33389'})
ok: [localhost] => (item={'name': 'LDAP_PROTO', 'value': 'ldap'})
ok: [localhost] => (item={'name': 'LDAP_STARTTLS', 'value': 'true'})
ok: [localhost] => (item={'name': 'SSO_DOMAIN', 'value': 'sso.ow2.org'})
ok: [localhost] => (item={'name': 'VHOST_NAME', 'value': 'fusiondirectory.ow2.org'})
ok: [localhost] => (item={'name': 'FUSIONDIRECTORY_LDAP_PASSWORD', 'value': 'm8sY?v3RzQ@?Nyty'})
ok: [localhost] => (item={'name': 'FUSIONDIRECTORY_LDAP_USERNAME', 'value': 'fd-admin'})
ok: [localhost] => (item={'name': 'ACCCONFIGROOTPW', 'value': 'Hy!d32G936&bjl?AZadkfj'})
TASK [Deploy fusiondirectory.conf file] ****************************************
changed: [localhost]
TASK [Deploy vhost] ************************************************************
changed: [localhost]
TASK [Deploy / redeploy schemas] ***********************************************
failed: [localhost] (item=audit-fd-conf) => {"ansible_loop_var": "item", "changed": true, "cmd": "/deploy-schema.sh \"audit-fd-conf\"", "delta": "0:00:00.210142", "end": "2023-10-17 07:42:34.147243", "item": "audit-fd-conf", "msg": "non-zero return code", "rc": 1, "start": "2023-10-17 07:42:33.937101", "stderr": "PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117\nStack trace:\n#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()\n#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()\n#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()\n#3 {main}\n thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117", "stderr_lines": ["PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117", "Stack trace:", "#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()", "#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()", "#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()", "#3 {main}", " thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117"], "stdout": "Deploying schema: audit-fd-conf\nProblem while getting installed schema, aborting", "stdout_lines": ["Deploying schema: audit-fd-conf", "Problem while getting installed schema, aborting"]}
failed: [localhost] (item=audit-fd) => {"ansible_loop_var": "item", "changed": true, "cmd": "/deploy-schema.sh \"audit-fd\"", "delta": "0:00:00.248826", "end": "2023-10-17 07:42:34.703880", "item": "audit-fd", "msg": "non-zero return code", "rc": 1, "start": "2023-10-17 07:42:34.455054", "stderr": "PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117\nStack trace:\n#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()\n#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()\n#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()\n#3 {main}\n thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117", "stderr_lines": ["PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117", "Stack trace:", "#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()", "#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()", "#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()", "#3 {main}", " thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117"], "stdout": "Deploying schema: audit-fd\nProblem while getting installed schema, aborting", "stdout_lines": ["Deploying schema: audit-fd", "Problem while getting installed schema, aborting"]}
failed: [localhost] (item=core-fd-conf) => {"ansible_loop_var": "item", "changed": true, "cmd": "/deploy-schema.sh \"core-fd-conf\"", "delta": "0:00:00.225598", "end": "2023-10-17 07:42:35.237168", "item": "core-fd-conf", "msg": "non-zero return code", "rc": 1, "start": "2023-10-17 07:42:35.011570", "stderr": "PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117\nStack trace:\n#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()\n#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()\n#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()\n#3 {main}\n thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117", "stderr_lines": ["PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117", "Stack trace:", "#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()", "#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()", "#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()", "#3 {main}", " thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117"], "stdout": "Deploying schema: core-fd-conf\nProblem while getting installed schema, aborting", "stdout_lines": ["Deploying schema: core-fd-conf", "Problem while getting installed schema, aborting"]}
failed: [localhost] (item=core-fd) => {"ansible_loop_var": "item", "changed": true, "cmd": "/deploy-schema.sh \"core-fd\"", "delta": "0:00:00.236035", "end": "2023-10-17 07:42:35.789645", "item": "core-fd", "msg": "non-zero return code", "rc": 1, "start": "2023-10-17 07:42:35.553610", "stderr": "PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117\nStack trace:\n#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()\n#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()\n#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()\n#3 {main}\n thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117", "stderr_lines": ["PHP Fatal error: Uncaught FusionDirectory\\Ldap\\Exception: Invalid credentials (49) in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php:117", "Stack trace:", "#0 /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Link.php(111): FusionDirectory\\Ldap\\Result->assert()", "#1 /usr/local/share/fusiondirectory/tools/FusionDirectory/Tools/InsertSchema.php(117): FusionDirectory\\Ldap\\Link->bind()", "#2 /usr/local/share/fusiondirectory/tools/fusiondirectory-schema-manager(29): FusionDirectory\\Tools\\InsertSchema->run()", "#3 {main}", " thrown in /usr/local/share/fusiondirectory/tools/FusionDirectory/Ldap/Result.php on line 117"], "stdout": "Deploying schema: core-fd\nProblem while getting installed schema, aborting", "stdout_lines": ["Deploying schema: core-fd", "Problem while getting installed schema, aborting"]}
[...]
PLAY RECAP *********************************************************************
localhost : ok=4 changed=2 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
I'm using Ansible to deploy the containers:
- name: fusioniam-openldap-ltb
image: gitlab.ow2.org:4567/fusioniam/fusioniam/fusioniam-openldap-ltb:snapshot
hostname: fusioniam-openldap-ltb
restart_policy: unless-stopped
security_opts:
- no-new-privileges=true
networks:
- name: net-openldap
aliases:
- fusioniam-openldap-ltb
- fusioniam-openldap-ltb.{{ docker_fqdn }}
volumes:
- fusioniam-openldap-ltb-data:/usr/local/openldap/var/openldap-data
- fusioniam-openldap-ltb-ldap-config:/usr/local/openldap/etc/openldap/slapd.d
ports:
- 127.0.0.1:33389:33389
env:
CUSTOMERID: OW2
ACCCONFIGROOTPW: '{{ ldap_configrootpw }}'
ACCDATAROOTPW: '{{ ldap_datarootpw }}'
ADMIN_LDAP_PASSWORD: '{{ ldap_admin_account_pwd }}'
# Services account for ldap apps
FUSIONDIRECTORY_LDAP_PASSWORD: '{{ ldap_fusiondirectory_pwd }}'
FUSIONDIRECTORY_LDAP_USERNAME: fd-admin
LEMONLDAP2_LDAP_PASSWORD: '{{ ldap_lemonldap2_pwd }}'
LEMONLDAP2_LDAP_USERNAME: lemonldap2
LSC_LDAP_PASSWORD: '{{ ldap_lsc_pwd }}'
LSC_LDAP_USERNAME: lsc
SERVICEDESK_LDAP_PASSWORD: '{{ ldap_servicedesk_pwd }}'
SERVICEDESK_LDAP_USERNAME: servicedesk
WHITEPAGES_LDAP_PASSWORD: '{{ ldap_whitepages_pwd }}'
WHITEPAGES_LDAP_USERNAME: whitepages
- name: fusioniam-fusiondirectory-php-fpm
image: gitlab.ow2.org:4567/fusioniam/fusioniam/fusioniam-fusiondirectory:snapshot
hostname: fusioniam-fusiondirectory-php-fpm
restart_policy: unless-stopped
security_opts:
- no-new-privileges=true
entrypoint: '/bin/bash'
command: '/run-ct.sh php-fpm'
networks:
- name: net-openldap
aliases:
- fusioniam-fusiondirectory-php-fpm
- fusioniam-fusiondirectory-php-fpm.{{ docker_fqdn }}
volumes:
- fd-run:/run/php-fpm
env:
CUSTOMERID: OW2
LDAP_HOST: fusioniam-openldap-ltb
LDAP_PORT: '33389'
LDAP_PROTO: ldap
LDAP_STARTTLS: 'true'
SSO_DOMAIN: sso.ow2.org
FUSIONDIRECTORY_NAME: fusiondirectory.ow2.org
FUSIONDIRECTORY_LDAP_PASSWORD: '{{ ldap_fusiondirectory_pwd }}'
FUSIONDIRECTORY_LDAP_USERNAME: fd-admin
ACCCONFIGROOTPW: '{{ ldap_configrootpw }}'