More information:
Server that is failing:
irb(main):023:0> pp AuthSourceLdap.all
[#<AuthSourceLdap:0x000077d9bfa02308
id: 4,
type: "AuthSourceLdap",
name: "redacted.global",
host: "ldaps.redacted.global",
port: 636,
account: "redacted",
account_password: "[FILTERED]",
base_dn: "DC=redacted,DC=global",
attr_login: "uid",
attr_firstname: "givenName",
attr_lastname: "sn",
attr_mail: "mail",
onthefly_register: true,
tls: true,
created_at: Tue, 25 Jun 2024 19:50:18.295578000 UTC +00:00,
updated_at: Thu, 15 Aug 2024 17:47:14.014593000 UTC +00:00,
ldap_filter: "",
attr_photo: "jpegPhoto",
server_type: "active_directory",
groups_base: "OU=Salt,OU=Roles,OU=Domain Groups,DC=redacted,DC=global",
usergroup_sync: true,
use_netgroups: false>]
=>
[#<AuthSourceLdap:0x000077d9bfa02308
id: 4,
type: "AuthSourceLdap",
name: "redacted.global",
host: "ldaps.redacted.global",
port: 636,
account: "redacted",
account_password: "[FILTERED]",
base_dn: "DC=redacted,DC=global",
attr_login: "uid",
attr_firstname: "givenName",
attr_lastname: "sn",
attr_mail: "mail",
onthefly_register: true,
tls: true,
created_at: Tue, 25 Jun 2024 19:50:18.295578000 UTC +00:00,
updated_at: Thu, 15 Aug 2024 17:47:14.014593000 UTC +00:00,
ldap_filter: "",
attr_photo: "jpegPhoto",
server_type: "active_directory",
groups_base: "OU=Salt,OU=Roles,OU=Domain Groups,DC=redacted,DC=global",
usergroup_sync: true,
use_netgroups: false>]
Server that is working:
irb(main):001:0> pp AuthSourceLdap.all
[#<AuthSourceLdap:0x00007882315fe5e8
id: 4,
type: "AuthSourceLdap",
name: "redacted.global",
host: "ldaps.redacted.global",
port: 636,
account: "redacted",
account_password: "[FILTERED]",
base_dn: "DC=redacted,DC=global",
attr_login: "uid",
attr_firstname: "givenName",
attr_lastname: "sn",
attr_mail: "mail",
onthefly_register: true,
tls: true,
created_at: Tue, 25 Jun 2024 19:50:18.295578000 UTC +00:00,
updated_at: Thu, 15 Aug 2024 17:47:14.014593000 UTC +00:00,
ldap_filter: "",
attr_photo: "jpegPhoto",
server_type: "active_directory",
groups_base: "OU=Salt,OU=Roles,OU=Domain Groups,DC=redacted,DC=global",
usergroup_sync: true,
use_netgroups: false>]
=>
[#<AuthSourceLdap:0x00007882315fe5e8
id: 4,
type: "AuthSourceLdap",
name: "redacted.global",
host: "ldaps.redacted.global",
port: 636,
account: "redacted",
account_password: "[FILTERED]",
base_dn: "DC=redacted,DC=global",
attr_login: "uid",
attr_firstname: "givenName",
attr_lastname: "sn",
attr_mail: "mail",
onthefly_register: true,
tls: true,
created_at: Tue, 25 Jun 2024 19:50:18.295578000 UTC +00:00,
updated_at: Thu, 15 Aug 2024 17:47:14.014593000 UTC +00:00,
ldap_filter: "",
attr_photo: "jpegPhoto",
server_type: "active_directory",
groups_base: "OU=Salt,OU=Roles,OU=Domain Groups,DC=redacted,DC=global",
usergroup_sync: true,
use_netgroups: false>]
I dont see any difference…
However. Here is the one that works:
irb(main):002:0> source_now = AuthSourceLdap.find_by_id(4)
=>
#<AuthSourceLdap:0x00007882313d7d00
...
irb(main):003:0> conn = source_now.ldap_con
=>
#<LdapFluff:0x0000788231283878
...
And the one that fails:
irb(main):001:0> source_now = AuthSourceLdap.find_by_id(4)
=>
#<AuthSourceLdap:0x00007e86cd352668
...
irb(main):002:0> conn = source_now.ldap_con
At least one field decryption failed, check ENCRYPTION_KEY
=>
#<LdapFluff:0x00007e86cd5b9000
...