AWX ldap logs verbosity.
1,696 views
Skip to first unread message
MarcG
Apr 19, 2018, 8:55:26 AM4/19/18
to AWX Project
Hi I am trying to troubleshoot an LDAP integration issue and I need a way to get more verbose logs.
I have put the following line in /etc/tower/settings.py LOGGING['handlers']['tower_warnings']['level'] = 'DEBUG'
I then pull the logs from the awx-web container.
docker logs <container id>
If I enter a non-existent username I get something in the logs.
2018-04-19 12:45:19,706 DEBUG django_auth_ldap search_s('CN=users,DC=sales,DC=local', 2, '(sAMAccountName=%(user)s)') returned 0 objects:
2018-04-19 12:45:19,706 DEBUG django_auth_ldap Authentication failed for sDszc: failed to map the username to a DN.
However if I use a correct username with correct or incorrect password I get nothing and the login fails.
Is there anyway to increase the logging verbosity to see what on earth in going on?
Many thanks.
MarcG
Apr 22, 2018, 8:12:56 AM4/22/18
to AWX Project
I ended up just using wire shark to determine the issue
Eugene Archibald
May 1, 2018, 6:13:30 PM5/1/18
to AWX Project
So what was the issue? I'm facing the same thing in one environment, but not the other, and the lack of valid debugging logs is driving me batshit.
Marcos Georgopoulos
May 1, 2018, 7:27:05 PM5/1/18
to Eugene Archibald, AWX Project
My issue was something as simple as the group DN being incorrect.
If you use Wireshark it can dissect the ldap traffic and it should give you a clear idea of what is going on if you are just using straight LDAP and not ldaps
--
You received this message because you are subscribed to a topic in the Google Groups "AWX Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/awx-project/sEOqveIMNkQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to awx-project...@googlegroups.com.
To post to this group, send email to awx-p...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/b02e5b13-e011-4d5c-9620-de32b7bcea42%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Eugene Archibald
May 2, 2018, 12:11:58 PM5/2/18
to Marcos Georgopoulos, AWX Project
Thanks!
Annoyingly in my case it had cached something in AWX from prior LDAP work that was causing logins to fail even after the LDAP was configured correctly.
I removed the cached accounts and login worked properly.
On Tue, May 1, 2018 at 4:27 PM, Marcos Georgopoulos <m...@marcosg.com> wrote:
My issue was something as simple as the group DN being incorrect.If you use Wireshark it can dissect the ldap traffic and it should give you a clear idea of what is going on if you are just using straight LDAP and not ldaps
So what was the issue? I'm facing the same thing in one environment, but not the other, and the lack of valid debugging logs is driving me batshit.--
On Sunday, April 22, 2018 at 5:12:56 AM UTC-7, MarcG wrote:I ended up just using wire shark to determine the issue
You received this message because you are subscribed to a topic in the Google Groups "AWX Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/awx-project/sEOqveIMNkQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to awx-project+unsubscribe@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages