You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have HA vault deployed in kubernetes through helm.
Authentication is served using ldap.
After enabling audit socket i’ve stopped being able to open ldap auth method configuration over the UI, if i disable audit, it starts working again. I was running vault 16.1 and now have upgraded to 17.2 but to no avail. Error below:
Ember Data Request GET /v1/auth/ldap/?help=1 returned a 500 Payload (application/json) [object Object] internal error
Open LDAP config again, the 500 error should appear
Expected behavior
Continue to be able to configure LDAP auth over UI without issues.
Environment:
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
vault vault 2 2024-07-23 08:58:40.790685612 +0100 IST deployed vault-0.28.1 1.17.2
Vault v1.17.2 (2af5655), built 2024-07-05T15:19:12Z
Server Operating System/Architecture: Kubernetes 1.24
For what it's worth, I just tracked down something very similar. I found it related to a bad configuration of token_bound_cidrs. I saw the behavior in auth/ldap/config and auth/approle/role/something.
I'm not sure what I was doing wrong, since I couldn't see the bad configuration, but I think it involved using the "token_bound_cidrs=@file" syntax. I was able to fix/bypass it by using
vault write auth/ldap/config token_bound_cidrs="1.1.1.1/1,2.2.2.2/2,..."
I've managed to find out the issue, although not 100% sure why it fails i have a good workaround.
in that cluster i use FluentD to ship logs elsewhere and somehow not all audit logs are parsing correctly therefore the path can't be accessed as it cannot write to audit output.
My workaround was to enable a second audit output (also recommended in the documentation). In my case i'm outputting to stdout and this way there is no more parsing issues
I have HA vault deployed in kubernetes through helm.
Authentication is served using ldap.
After enabling audit socket i’ve stopped being able to open ldap auth method configuration over the UI, if i disable audit, it starts working again. I was running vault 16.1 and now have upgraded to 17.2 but to no avail. Error below:
Ember Data Request GET /v1/auth/ldap/?help=1 returned a 500 Payload (application/json) [object Object] internal error
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Continue to be able to configure LDAP auth over UI without issues.
Environment:
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
vault vault 2 2024-07-23 08:58:40.790685612 +0100 IST deployed vault-0.28.1 1.17.2
Vault server configuration file(s):
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: