Uploaded image for project: 'TrueNAS'
  1. TrueNAS
  2. NAS-110296

Enabling encryption on LDAP w/ FreeIPA results in UI 'str' object has no attribute '__name__'

    XMLWordPrintable

Details

    Description

      Attempting to add TrueNAS as a client in a FreeIPA environment works until you try to set encryption to ON, then it fails with

       

      'str' object has no attribute '__name__'

       

      The console log outputs;

       

      python3.8 300 - - GSSAPI Error:  Miscellaneous failure (see text)/krb5cc_0 (Empty credential cache file: /tmp/krb5cc_0)

       

      The LDAP health indicator after this appears to be normal.

       

      The FreeIPA server is healthy, and I am able to successfully run kinit from the console/SSH

       

      I have been unable to try START_TLS as the procedure for importing the IPA CA is extremely unclear in the documentation.

       

       

      Configuring in the UI without enabling ldap and then running

       

      midclt ldap.start

       

      results in the following:

       

      resizewin: unable to parse response
      root@freenas:~ # midclt call ldap.start
      LDAP
      Traceback (most recent call last):
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 137, in call_method
          result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self,
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1195,in _call
          return await methodobj(*prepared_call.args)
        File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/ldap.py", line 955, in start
          await self.middleware.call('kerberos.start')
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1238,in call
          return await self._call(
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1195,in _call
          return await methodobj(*prepared_call.args)
        File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/kerberos.py", line 577, in start
          await asyncio.wait_for(self._kinit(), timeout=kinit_timeout)
        File "/usr/local/lib/python3.8/asyncio/tasks.py", line 494, in wait_for
          return fut.result()
        File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/kerberos.py", line 322, in _kinit
          await self.do_kinit(ldap)

      I have been unable to locate a kerberos log on the TrueNAS server to troubleshoot further.

       

       

      Attachments

        Attachments

          JEditor

            Issue Links

              Activity

                People

                  releng Triage Team
                  krbyerdog anonymous
                  Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                    Created:
                    Updated:
                    Resolved: