Uploaded image for project: 'TrueNAS'
  1. TrueNAS
  2. NAS-110297

Enabling encryption on LDAP w/ FreeIPA results in UI 'str' object has no attribute '__name__'

    XMLWordPrintable

Details

    • Bug
    • Status: Engineering Closed (View Workflow)
    • Low
    • Resolution: Duplicate
    • None
    • N/A
    • Directory Services
    • None

    Description

      Attempting to add TrueNAS as a client in a FreeIPA environment works until you try to set encryption to ON, then it fails with

       

      'str' object has no attribute '__name__'

       

      The console log outputs;

       

      python3.8 300 - - GSSAPI Error:  Miscellaneous failure (see text)/krb5cc_0 (Empty credential cache file: /tmp/krb5cc_0)

       

      The LDAP health indicator after this appears to be normal.

       

      The FreeIPA server is healthy, and I am able to successfully run kinit from the console/SSH

       

      I have been unable to try START_TLS as the procedure for importing the IPA CA is extremely unclear in the documentation.

       

       

      Configuring in the UI without enabling ldap and then running

       

      midclt ldap.start

       

      results in the following:

       

      LDAP
      Traceback (most recent call last):
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 137, in call_method
          result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self,
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1195,in _call
          return await methodobj(*prepared_call.args)
        File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/ldap.py", line 955, in start
          await self.middleware.call('kerberos.start')
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1238,in call
          return await self._call(
        File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1195,in _call
          return await methodobj(*prepared_call.args)
        File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/kerberos.py", line 577, in start
          await asyncio.wait_for(self._kinit(), timeout=kinit_timeout)
        File "/usr/local/lib/python3.8/asyncio/tasks.py", line 494, in wait_for
          return fut.result()
        File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/kerberos.py", line 322, in _kinit
          await self.do_kinit(ldap)

      I have been unable to locate a kerberos log on the TrueNAS server to troubleshoot further.

       

       

      Attachments

        Attachments

          JEditor

            Activity

              People

                releng Triage Team
                krbyerdog anonymous
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: