Hey Matt, Thanks for the report. This has been fixed in Scalr EE. The reason for this is lazy binding in OpenLDAP. You create the connection, but it gets lazily created when binding.
The new version says something like "LDAP host is...", and will actually output the error message from OpenLDAP if connection fails when binding. Cheers, -- Thomas | Product Manager @ Scalr | [email protected] | www.scalr.com | blog.scalr.com On Mon, May 4, 2015 at 7:46 PM, Matt Shibla <[email protected]> wrote: > On this OSS Scalr server, Scalr is setup for LDAP auth over a local > stunnel connection to a remote AD server configured for LDAPS only. The > root cause of this failure is that the stunnel process, configured to run > on localhost (127.0.0.1) port 65000, is not running. However, as you can > see in the attached screenshot, the error message clearly says: > > 34:07 - Create connection host:127.0.0.1 port:65000 - OK > > As stunnel is not running, there is nothing listening on this port. The > Scalr connection to 127.0.0.1:65000 fails, but that's not what this error > message says. Instead, the failure is reported on the following line of > the error message: > > 34:07 - Bind username:[email protected] password:********** - Failed > > This makes it look as though the credentials are failing, which is not the > case. The error message should report a failure to connect to > 127.0.0.1:65000 on the 2nd line of the error message. > > -- > You received this message because you are subscribed to the Google Groups > "scalr-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "scalr-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
