Description of problem: the LDAP group lookup functionality fails. The UI just hangs (network inspector shows it gets back the generic error page, viz json). Ultimately production.log shows : Error caught: [Encoding::UndefinedConversionError] "\xC3" from ASCII-8BIT to UTF-8 with the first non gem caller being: /var/www/miq/vmdb/app/controllers/ops_controller/ops_rbac.rb:569:in `rbac_group_user_lookup' Simulating what I'm guessing CF is doing (e.g. : ldapsearch -H ldap://xxx -D "...." -w ... -b ... "(samaccountname=<UI TEXT>)" I'm not seeing any group *names* or *dn*s which have non-ASCII characters, but globally searching for (objectClass=group), there are *descriptions* which are base64 decoded, one random sample having an "é" Also, the *user* I was searching with has a displayName and sn base64 encoded o the command line, and I guess since it gets its own Wikipedia page, "Hébert" isn't obscure enough to censor. The problem is failing on group lookups, but it could be either (or generic encoding failure). Version: 5.6.0.13.20160624114606_13a9153 How reproducible: In this environment, always. Its past the end of my day here, and the VPN just dropped, but will be back on site tomorrow 9AM .
probable dup: https://bugzilla.redhat.com/show_bug.cgi?id=1321082
Possibly a problem with net/ldap... and fixed at https://github.com/ruby-ldap/ruby-net-ldap/pull/242
https://github.com/ManageIQ/manageiq/pull/10635
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/895c246fbfb833a13f5718b28334ff2552d83443 commit 895c246fbfb833a13f5718b28334ff2552d83443 Author: Gregg Tanzillo <gtanzill> AuthorDate: Fri Aug 19 15:10:05 2016 -0400 Commit: Gregg Tanzillo <gtanzill> CommitDate: Fri Aug 19 17:49:50 2016 -0400 Updating to newer version of net-ldap gem Version 0.14.0 of the gem (actually, starting with 0.13.0) contains a code change that fixes an encoding error (Encoding::UndefinedConversionError) that happens when there are extended characters in a dn. The fix forces utf-8 encoding instead of ASCII-8BIT for objects returned from the directory. See https://github.com/ruby-ldap/ruby-net-ldap/pull/242 https://bugzilla.redhat.com/show_bug.cgi?id=1367600 Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
https://github.com/ManageIQ/manageiq/pull/10398
Already cloned for 5.6.z: https://bugzilla.redhat.com/show_bug.cgi?id=1370196
verified in 5.7.0.3.20160927165516_075d0f3. group with the name "SR-APP-EPM-Membre-équipe" is retrieved correctly in the UI. production log does not show "Encoding::UndefinedConversionError" Errors. marking this issue as verified. Refer the screenshot, ldap_group_retrieve. [root@cfmeappliancerzfpgcv log]# grep -i "UndefinedConversionError" production.log [root@cfmeappliancerzfpgcv log]# [root@cfmeappliancerzfpgcv log]# grep -ir "UndefinedConversionError" . [root@cfmeappliancerzfpgcv log]#
Created attachment 1208182 [details] ldap_group_retrieve