Hi Chris, I'm afraid the changes I talked about were limited to the LDAP support, not Active Directory. The newer version won't fix your problem.
I think it's important to figure out why this is failing in the first place, though. We perform a bind every time we go to authenticate a user. We know that's succeeding because we then immediately go to perform a search (which wouldn't happen if the bind failed), and that's where this is failing. It sounds like this only happens periodically, and not every time someone authenticates? Christian On Tue, Jun 6, 2017 at 12:33 PM, Chris Eagan <[email protected]> wrote: > I am planning to upgrade our version soon so hopefully that resolves the > problem, but either way, here is the traceback from the email in case you > would like to take a look. > > Traceback (most recent call last): > > File "/usr/lib/python2.7/site-packages/django/core/handlers/base.py", > line 112, in get_response > response = wrapped_callback(request, *callback_args, **callback_kwargs) > > File "/usr/lib/python2.7/site-packages/django/views/decorators/cache.py", > line 52, in _wrapped_view_func > response = view_func(request, *args, **kwargs) > > File "/usr/lib/python2.7/site-packages/django/views/decorators/vary.py", > line 19, in inner_func > response = func(*args, **kwargs) > > File "/usr/lib/python2.7/site-packages/djblets/webapi/resources/base.py", > line 135, in __call__ > auth_result = check_login(request) > > File > "/usr/lib/python2.7/site-packages/djblets/webapi/auth/backends/__init__.py", > line 87, in check_login > result = auth_backend_cls().authenticate(request) > > File > "/usr/lib/python2.7/site-packages/djblets/webapi/auth/backends/base.py", > line 84, in authenticate > result = self.login_with_credentials(request, **credentials) > > File > "/usr/lib/python2.7/site-packages/djblets/webapi/auth/backends/base.py", > line 141, in login_with_credentials > user = auth.authenticate(**credentials) > > File "/usr/lib/python2.7/site-packages/django/contrib/auth/__init__.py", > line 49, in authenticate > user = backend.authenticate(**credentials) > > File "/usr/lib/python2.7/site-packages/reviewboard/accounts/backends.py", > line 792, in authenticate > userdomain) > > File "/usr/lib/python2.7/site-packages/reviewboard/accounts/backends.py", > line 641, in search_ad > filterstr=filterstr) > > File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 552, > in search_s > return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly, > None,None,timeout=self.timeout) > > File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 546, > in search_ext_s > return self.result(msgid,all=1,timeout=timeout)[1] > > File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 458, > in result > resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout) > > File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 462, > in result2 > resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all, > timeout) > > File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 469, > in result3 > resp_ctrl_classes=resp_ctrl_classes > > File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 476, > in result4 > ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ > ctrls,add_intermediates,add_extop) > > File "/usr/lib64/python2.7/site-packages/ldap/ldapobject.py", line 99, > in _ldap_call > result = func(*args,**kwargs) > > OPERATIONS_ERROR: {'info': '000004DC: LdapErr: DSID-0C090752, comment: In > order to perform this operation a successful bind must be completed on the > connection., data 0, v2580', 'desc': 'Operations error'} > > > > On Monday, June 5, 2017 at 5:52:51 PM UTC-4, Christian Hammond wrote: >> >> Hi Chris, >> >> I'm surprised you're getting e-mails for this, but I'd have to see the >> entirety of the e-mail, probably. If it's an exception traceback e-mail, >> then likely this particular failure wasn't getting caught and handled >> gracefully, leading to a HTTP 500 being shown to the user who tried to log >> in. Generally speaking, you should only get such e-mails if we have a crash >> bug. >> >> I did a bunch of work to improve the LDAP support in 2.5.12, which should >> also better catch exceptions. Upgrading might prevent those errors from >> showing up. >> >> Do you have a full traceback shown in there? >> >> Christian >> >> On Mon, Jun 5, 2017 at 12:04 PM, Chris Eagan <[email protected]> wrote: >> >>> Sometimes our Review Board server sends emails to the Administrator >>> email account to report errors. I don't see a setting anywhere to control >>> what gets sent to the administrators, but some of these issues are ones >>> that we aren't particularly interested in receiving. For instance, the >>> following error gets sent whenever someone mistypes their password when >>> attempting to login to Review Board. >>> >>> OPERATIONS_ERROR: {'info': '000004DC: LdapErr: DSID-0C090752, comment: >>> In order to perform this operation a successful bind must be completed on >>> the connection., data 0, v2580', 'desc': 'Operations error'} >>> >>> It is a little odd because we can see other ERROR level log entries from >>> today, but we didn't get emails for all of them so the emails don't appear >>> to be related to the log level of the error. It might be useful to let the >>> user customize the log level threshold for which emails are sent to the >>> Administrator, including turning off the automated emails completely. >>> >>> Is there anything we can do to customize what gets sent to the >>> Administrator email account? We are currently running Review Board 2.5.9. >>> >>> -- >>> Supercharge your Review Board with Power Pack: >>> https://www.reviewboard.org/powerpack/ >>> Want us to host Review Board for you? Check out RBCommons: >>> https://rbcommons.com/ >>> Happy user? Let us know! https://www.reviewboard.org/users/ >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "reviewboard" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Christian Hammond >> President/CEO of Beanbag <https://www.beanbaginc.com/> >> Makers of Review Board <https://www.reviewboard.org/> >> > -- > Supercharge your Review Board with Power Pack: > https://www.reviewboard.org/powerpack/ > Want us to host Review Board for you? Check out RBCommons: > https://rbcommons.com/ > Happy user? Let us know! https://www.reviewboard.org/users/ > --- > You received this message because you are subscribed to the Google Groups > "reviewboard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- Christian Hammond President/CEO of Beanbag <https://www.beanbaginc.com/> Makers of Review Board <https://www.reviewboard.org/> -- Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/ Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/ Happy user? Let us know! https://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
