Issue #8040: ipa migrate-ds fails with internal error. - freeipa

freeipa

#8040 ipa migrate-ds fails with internal error.

Closed: fixed 4 years ago by twoerner. Opened 4 years ago by cheimes.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1731963

Description of problem: ipa migrate-ds fails with internal error.


Version-Release number of selected component (if applicable):
ipa-server-4.8.0-4.module+el8.1.0+3696+eb4a1e69.x86_64

How reproducible:
Always


Steps to Reproduce:
1. Install IPA server
2. Run ipa migrate-ds  command


Actual results:
Internal error is seen.

[Mon Jul 22 18:07:33.180155 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746] ipa: DEBUG:
migrate_ds('ldap://master.rhel81.test:3389', '********',
binddn=ipapython.dn.DN('cn=directory manager'),
usercontainer=ipapython.dn.DN('ou=People'),
groupcontainer=ipapython.dn.DN('ou=groups'), userobjectclass=('person',),
groupobjectclass=('groupOfUniqueNames', 'groupOfNames'),
userignoreobjectclass=None, userignoreattribute=None,
groupignoreobjectclass=None, groupignoreattribute=None,
groupoverwritegid=False, schema='RFC2307bis', continue=False, compat=True,
use_def_group=True, scope='onelevel', version='2.233', exclude_users=None,
exclude_groups=None)
[Mon Jul 22 18:07:33.182543 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746] ipa: DEBUG: retrieving schema for SchemaCache
url=ldapi://%2Fvar%2Frun%2Fslapd-RHEL81-TEST.socket
conn=<ldap.ldapobject.SimpleLDAPObject object at 0x7efcdbed69e8>
[Mon Jul 22 18:07:33.393732 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746] ipa: ERROR: non-public: ValueError: simple_bind
over insecure LDAP connection
[Mon Jul 22 18:07:33.393752 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746] Traceback (most recent call last):
[Mon Jul 22 18:07:33.393758 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]   File
"/usr/lib/python3.6/site-packages/ipaserver/rpcserver.py", line 368, in
wsgi_execute
[Mon Jul 22 18:07:33.393763 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]     result = command(*args, **options)
[Mon Jul 22 18:07:33.393768 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]   File
"/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 450, in __call__
[Mon Jul 22 18:07:33.393774 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]     return self.__do_call(*args, **options)
[Mon Jul 22 18:07:33.393779 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]   File
"/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 478, in __do_call
[Mon Jul 22 18:07:33.393784 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]     ret = self.run(*args, **options)
[Mon Jul 22 18:07:33.393789 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]   File
"/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 800, in run
[Mon Jul 22 18:07:33.393794 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]     return self.execute(*args, **options)
[Mon Jul 22 18:07:33.393799 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]   File
"/usr/lib/python3.6/site-packages/ipaserver/plugins/migration.py", line 917, in
execute
[Mon Jul 22 18:07:33.393804 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]     ds_ldap.simple_bind(options['binddn'], bindpw)
[Mon Jul 22 18:07:33.393809 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]   File
"/usr/lib/python3.6/site-packages/ipapython/ipaldap.py", line 1215, in
simple_bind
[Mon Jul 22 18:07:33.393814 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746]     raise ValueError('simple_bind over insecure
LDAP connection')
[Mon Jul 22 18:07:33.393822 2019] [wsgi:error] [pid 28555:tid 139624469780224]
[remote 10.65.206.140:47746] ValueError: simple_bind over insecure LDAP
connection

Expected results:
The command should execute without any error.

Additional info:

Metadata Update from @cheimes:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1731963

4 years ago

Metadata Update from @cheimes:
- Issue assigned to cheimes

4 years ago

cheimes commented 4 years ago

master:

a36556e Allow insecure binds for migration

twoerner commented 4 years ago

ipa-4-8:

8e207fd Allow insecure binds for migration

Metadata Update from @twoerner:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

4 years ago

Metadata

Assignee

cheimes

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

FreeIPA 4.8.1

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1731963

tester

None

changelog

None

design

None

freeipa

Source Code

#8040 ipa migrate-ds fails with internal error. Closed: fixed 4 years ago by twoerner. Opened 4 years ago by cheimes.

Metadata

#8040 ipa migrate-ds fails with internal error.

Closed: fixed 4 years ago by twoerner. Opened 4 years ago by cheimes.