Error in LDAP-Resolver after Update to 3.8

Hello together,

after updating to 3.8 (ubuntu 18.04 update via apt) the ldap resolver (which was working before) brings the error message “TypeError(“a bytes-like object is required, not ‘str’”,)” when starting the resolver test.

Any ideas what could be the problem?

BR, Ilja

You should take a log in the privacyidea.log file for more details.

Hello.

I have the same issue!

Today I’ve upgraded my PrivacyIdea 3.7.4 installation to 3.8(ubuntu 20.04 LTS):

  1. apt update
  2. apt dist upgrade
  3. /opt/privacyidea/bin/privacyidea-schema-upgrade /opt/privacyidea/lib/privacyidea/migrations

Nothing else was modified neither before nor after installations(realms/resolvers/etc)

Update seemed to be ok, no errors in output.

Then I’ve tried to login with ldap user - Wrong Creds multiple times.
Then I’ve loged in with admin account.

In tokens section I see " resolver error in user column.

I’ve tried to test resolver(previously works fine). Now I get TypeError error:

In logs I see:

[2023-01-23 14:21:14,664][2240][140618607359744][ERROR][privacyidea.lib.token:538] User information can not be retrieved: a bytes-like object is required, not 'str'
[2023-01-23 14:21:14,681][2240][140618607359744][ERROR][privacyidea.lib.token:538] User information can not be retrieved: a bytes-like object is required, not 'str'
[2023-01-23 14:21:14,697][2240][140618607359744][ERROR][privacyidea.lib.token:538] User information can not be retrieved: a bytes-like object is required, not 'str'

and

 File "/opt/privacyidea/lib/python3.8/site-packages/ldap3/utils/ntlm.py", line 491, in ntowf_v2
    passparts = self._password.split(':')

Packages are:

  • privacyidea-apache2/stable,now 3.8-1focal all [installed]
  • privacyidea-nginx/stable 3.8-1focal all
  • privacyidea-radius/stable,now 3.4.2-1focal all [installed]
  • privacyidea/stable,now 3.8-1focal amd64 [installed,automatic]

My Solution was to change Bind-Type to simple and Bind-DN to user@domain.
This was working for me. But i still don’t know why NTLM-Auth is not working anymore.

BR, Ilja

Yep, it’s working solution, thanks a lot!

I can confirm that it is reproducable.
Opened an issue: