When logging in to ldap, an error occurs as shown in the figure. Occasional errors can sometimes succeed on the first attempt and sometimes fail. #4347
Description
Preflight Checklist
- I agree to follow the Code of Conduct that this project adheres to.
- I have searched the issue tracker for an issue that matches the one I want to file, without success.
- I am not looking for support or already pursued the available support channels without success.
Version
2.37.0
Storage Type
In-memory
Installation Type
Custom Helm chart
Expected Behavior
The debug parameter does not take effect
When logging in to ldap, an error occurs as shown in the figure. Occasional errors can sometimes succeed on the first attempt and sometimes fail. The error message is as follows:
time="2025-09-30T01:50:45Z" level=info msg="performing ldap search cn=openobserve,cn=groups,dc=startimes,dc=me sub (&(objectClass=posixGroup)(memberUid=xx))"
time="2025-09-30T01:50:45Z" level=error msg="ldap: groups search with filter "(&(objectClass=posixGroup)(memberUid=xx))" returned no groups"
time="2025-09-30T01:50:45Z" level=error msg="Failed to finalize login: failed to update auth request: not found"
Actual Behavior
The debug parameter does not take effect
When logging in to ldap, an error occurs as shown in the figure. Occasional errors can sometimes succeed on the first attempt and sometimes fail. The error message is as follows:
time="2025-09-30T01:50:45Z" level=info msg="performing ldap search cn=openobserve,cn=groups,dc=startimes,dc=me sub (&(objectClass=posixGroup)(memberUid=xx))"
time="2025-09-30T01:50:45Z" level=error msg="ldap: groups search with filter "(&(objectClass=posixGroup)(memberUid=xx))" returned no groups"
time="2025-09-30T01:50:45Z" level=error msg="Failed to finalize login: failed to update auth request: not found"
Steps To Reproduce
No response
Additional Information
No response
Configuration
issuer: https://o2-xxx.com/dex
logger:
level: "debug"
format: "text"
storage:
type: kubernetes
config:
inCluster: true
web:
http: 0.0.0.0:5556
frontend:
issuer: "OpenObserve"
logoURL: "https://cloud.openobserve.ai/web/src/assets/images/common/open_observe_logo.svg"
expiry:
idTokens: 240m
refreshTokens:
validIfNotUsedFor: 241m
staticClients:
- id: o2-client
redirectURIs:
- https://o2-xx.com/config/redirect
name: o2-client
secret: xxx# This should be base64 encoded value of client secret.Gets mapped to O2_DEX_CLIENT_SECRET
oauth2:
responseTypes:
- code
skipApprovalScreen: true
connectors:
- type: ldap
name: OpenLDAP
id: ldap
config:
host: x
insecureNoSSL: true
bindDN: uid=root,cn=users,dc=xxx,dc=me
bindPW: xxx
usernamePrompt: user
userSearch:
baseDN: dc=xxx,dc=me
filter: "(objectClass=inetOrgPerson)"
username: uid
idAttr: uid
emailAttr: mail
nameAttr: cn
groupSearch:
baseDN: cn=openobserve,cn=groups,dc=xxx,dc=me
filter: "(objectClass=posixGroup)"
userMatchers:
- userAttr: uid
groupAttr: memberUid
nameAttr: cn