[SOLVED] Djoin problem since WAPT 2.4 update

Share your tips or issues concerning the WAPT Console or WAPT Agent here
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
erems
Messages: 46
Registration: Apr 25, 2023 - 3:52 p.m.

June 22, 2023 - 4:31 PM

Hello,

we upgraded WAPT today from 2.3 to 2.4.0.14080 on a Linux Ubuntu 20.04.6 server.

The djoin functionality has changed, and we can no longer get it to work with our Samba Active Directory. The WAPT 2.4 documentation doesn't seem to be up-to-date on this point.

I consistently get a "TLdapClient.Bind with a password requires TLS connection" error, regardless of the port used (389, 636, etc.).

A tcpdump on the WAPT server doesn't show any outgoing requests to the domain controller when I prepare the djoin. This doesn't seem normal.

Until now, the options used were equivalent to those described in the documentation.

Picture

Could you please help us?

Best regards.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

June 22, 2023 - 5:48 PM

Hello

, could you please provide your version of Samba so we can run some tests?

Simon
High
erems
Messages: 46
Registration: Apr 25, 2023 - 3:52 p.m.

June 23, 2023 - 09:14

Hello,

The DCs use Samba 4.15.13

Regards.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

June 23, 2023 - 11:34

I just tried

Samba 4.15 (KO)
and Samba 4.16.10 (OK).

In the 4.16 changelog, we can see:

* BUG 14996: Fix ldap simple bind with TLS auditing.

I believe this bug from the older versions is causing the problem.

Since Samba 4.15 has been end-of-life since March 8, 2023:

https://wiki.samba.org/index.php/Samba_Release_Planning,

I therefore suggest you upgrade to restore normal operation. ;)

Simon
High
erems
Messages: 46
Registration: Apr 25, 2023 - 3:52 p.m.

June 23, 2023 - 11:53

Hello,

thank you for your reply, that explains this behavior.

Best regards.
High
Locked

Return to "WAPT usage (Console, Agent) / WAPT usage (Console, Agent)"


  • To go further with WAPT