LDAP login fails with "unexpected response: 500" in OCP 3.11 after change of certificate in LDAP Server
Issue
- We are not able to authenticate to our OCP clusters via LDAPPasswordIdentityProvider. This issue started happening after a certificate change took place on the LDAP servers. We changed the related parameters on the OCP cluster, but only authentication is failing while group sync is successful.
E0214 01:55:02.022754 1 authentication.go:62] Unable to authenticate the request due to an error: [invalid bearer token, [invalid bearer token, token lookup failed]]
I0214 07:43:19.809096 1 ldap.go:67] identitymapper: error creating or updating mapping for: &api.DefaultUserIdentityInfo{ProviderName:"my_ldap_provider", ProviderUserName:"CN=User Name,OU=UserAccounts-Standard,OU=UserAccounts,DC=AAA,DC=BBB,DC=CCC", Extra:map[string]string{"name":"User Name", "email":"MYUsername@provider.com, "preferred_username":"myusername"}} due to users.user.openshift.io "MYUsername" not found
E0214 07:43:19.809121 1 basicauth.go:48] Error authenticating login "rmohan" with provider "my_ldap_provider": users.user.openshift.io "MYUsername" not found
I0214 02:10:36.222461 845 helpers.go:201] server response object: [{
  "metadata": {},
  "status": "Failure",
  "message": "Internal error occurred: unexpected response: 500",
  "reason": "InternalError",
  "details": {
    "causes": [
      {
        "message": "unexpected response: 500"
      }
    ]
  },
  "code": 500
}]
F0214 02:10:36.222491 845 helpers.go:119] Error from server (InternalError): Internal error occurred: unexpected response: 500
Environment
- Red Hat OpenShift Container Platform (RHOCP) 3.11